Author Topic: What is a firewall? Here is the layman's explanation :)  (Read 44851 times)

Offline Melih

  • CEO - Comodo
  • Administrator
  • Comodo's Hero
  • *****
  • Posts: 14627
    • Video Blog
What is a firewall? Here is the layman's explanation :)
« on: July 09, 2007, 02:56:44 PM »
What is a firewall?

Let’s start with the Webopedia definition:

(fīr´wâl) (n.) A system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.
There are several types of firewall techniques:
•   Packet filter: Looks at each packet entering or leaving the network and accepts or    rejects it based on user-defined rules. Packet filtering is fairly effective and transparent to users, but it is difficult to configure. In addition, it is susceptible to IP spoofing.
•   Application gateway: Applies security mechanisms to specific applications, such as FTP and Telnet servers. This is very effective, but can impose a performance degradation.
•   Circuit-level gateway: Applies security mechanisms when a TCP or UDP connection is established. Once the connection has been made, packets can flow between the hosts without further checking.
•   Proxy server: Intercepts all messages entering and leaving the network. The proxy server effectively hides the true network addresses.

In practice, many firewalls use two or more of these techniques in concert.

A firewall is considered a first line of defense in protecting private information. For greater security, data can be encrypted.

http://www.webopedia.com/TERM/f/firewall.html

Eh? What? Who?

I hear you; we need someone to explain what the heck a firewall is, but in laymen terms.
First of all, there are two kinds of firewalls, the ones we all use on our PCs (known as Personal Firewall or Desktop Firewall ) and the others that are hardware based, in your router or where enterprises deploy in their operations (these cost a lot of money to buy, up to thousands of dollars). Both are integral to the everyday maintenance and security of a PC.

So why have two?

Because there are 2 things that a firewall does.

First, it acts as a prevention tool, and makes you invisible on the Internet. Imagine the Internet as a highway (literally) with houses scattered all around it. Each one will have its own number, as well as doors, windows, etc. Each house represents a computer connected to the Internet. Now, wouldn’t it be cool to have “invisible paint” that I can paint my house with on this highway, so that people can’t see me ? Yup, that’s one function of a firewall. It makes you invisible on the Internet highway so that hackers don’t know where you are and they can’t hack in to your machine. Hackers are like the nasties on this highway, who go knocking on your door to see if anyone is in, even try to open the door to see if they can get into your house. After all, in the virtual world, hackers get in to your house (your PC) and take over as you have much less visibility to what’s happening in your PC than your house!

Yes, but the firewalls in our routers have some firewall functionality to stop hackers from getting in to your PC, don’t they?

Yes sir, you are right. Some hardware firewalls do have this functionality. That is why firewalls (the PC firewalls) have evolved to offer the 2nd functionality, “detection”.

Huh?

Okay, let me think . . . got it!  Making yourself invisible only protects you against one type of threat. There are numerous others. Think of them like this:
1.   The hacker throws a hand bomb through a window he manages to open.
2.   The hacker puts a nasty bomb in your shopping bag without you realizing it. You take the shopping bag home.
3.   The hacker drops a package at your front door and you open it.
4.   The hacker gives you a really nice present that you will be proud to display as a piece of furniture. It looks a bit like a Trojan Horse, but you like it.

Protecting your PC against these attacks is tough, because they are not thoroughly understood. The idea is to prevent your stuff from being stolen, right? So how do you do that in the PC world? Let’s serve this up in the “real world”. It looks something like this.

You are shoplifter and you go to a retail outlet and identify some nice clothes to steal. You are wearing a huge coat so that you can put some of these clothes on you in the dressing room and simply walk out with them. Good plan so far. >:-D Ok, you go pick 5 items, go to the dressing room, and put them on. You feel like smiling, but don’t! You will give yourself away. Just walk towards the door as if nothing has happened. DO NOT WHISTLE! You are making it too obvious. Just walk normally. OK, great, almost there. Keep going…

BEEP…BEEP…BEEP … OOOHHHH NOOOO!!!!

You forgot to remove the tags! Oh well, try telling the police this was just an experiment to show how PC Firewalls work, and see if they buy it.  No, we can’t visit you in jail. :)

Tags? What tags? Those electronic tags on the clothes I stole?

BINGO!

This is a tag alert system. It stops valuables from being stolen. If you have something being taken out of the shop without authorization, it sounds the alarms. Well this what your firewall does. It stops thieves from stealing, literally. If you have somehow managed to get malware on your system and that malware is trying to make a call home and steal information from you, the firewall will warn you. This is why your firewall must not “leak”; otherwise, malware will be stealing stuff out of your machine, without your firewall alerting you. A leaky firewall is like a tag that doesn’t work, shoplifter will take it out of the store without sounding any alarms!

There are many ways to get something nasty into your house, and guess what? In the virtual world it’s even easier! It’s easier because not many people understand “what is what”. What may look like an Email or something else innocuous could spell disaster for your PC. Having both firewalls in place gives you both prevention and detection, so a hacker is outsmarted, both coming and going.
Now I hope I have been able to give you a good security briefing with this article.   If you take nothing else away from this,

“Put tags on your stuff, or it’s going out the door, people!”

Melih

« Last Edit: September 12, 2010, 07:53:08 AM by Melih »

Offline Little Mac

  • Forum Volunteer
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 6303
  • The Colonel told me to.
Re: What is a firewall? Here is the layman's explanation :)
« Reply #1 on: July 10, 2007, 02:17:55 PM »
Great explanation, Melih!   (:CLP)

Very good use of illustrations.

LM
These forums are focused on providing help and improvement for Comodo products.  Please treat other users with respect and make a positive contribution.  Thanks.
Forum Policy

Offline Melih

  • CEO - Comodo
  • Administrator
  • Comodo's Hero
  • *****
  • Posts: 14627
    • Video Blog
Re: What is a firewall? Here is the layman's explanation :)
« Reply #2 on: July 10, 2007, 03:14:30 PM »
Great explanation, Melih!   (:CLP)

Very good use of illustrations.

LM

Thanks LM :)

Now I hope people understand the importance of leak tests! A leaking firewall is like those electronic tags that don't work! Shoplifters will have a field day!

Melih
« Last Edit: November 25, 2007, 11:08:26 AM by Melih »

Offline smkururu

  • Computer Security Testing Group
  • Comodo Member
  • *****
  • Posts: 47
  • I'm ready to code.
Re: What is a firewall? Here is the layman's explanation :)
« Reply #3 on: January 23, 2009, 06:46:33 AM »
Nice one Melih, but what about that tag, what if either the thieve bring scissors and cut the string attached to the tag and pass the security, or bring a hammer and bang that security check? Back to computer, what if the "virus" either cloak itself (don't know how), remove the installed virus definition, or simply terminate the antivirus?
Quote
Beware, virus might infect /dev/null and become unspeakable empty. :)

Offline Melih

  • CEO - Comodo
  • Administrator
  • Comodo's Hero
  • *****
  • Posts: 14627
    • Video Blog
Re: What is a firewall? Here is the layman's explanation :)
« Reply #4 on: January 23, 2009, 03:03:11 PM »
Nice one Melih, but what about that tag, what if either the thieve bring scissors and cut the string attached to the tag and pass the security, or bring a hammer and bang that security check? Back to computer, what if the "virus" either cloak itself (don't know how), remove the installed virus definition, or simply terminate the antivirus?

that is why firewall alone cannot provide you all the security you need.
That is why you need a layered security architecture (you can read about it in my blog at www.melih.com )
Melih

Offline DaRtH VaDeR.

  • Usability Study Member
  • Comodo's Hero
  • *****
  • Posts: 1782
  • Everything in life comes to an end, exept life
Re: What is a firewall? Here is the layman's explanation :)
« Reply #5 on: January 23, 2009, 05:46:18 PM »
That is a great story! I really really like it! very funny, most of all it helps people understand the dangers of the virtual world..... Knowing how stuff works is one of the best defense systems people can have! ;)
DaRtH VaDeR says: "The path of success and progress is not to be reached by the things you have done, but by the things you will do, so think before you act,the voice of your history will confirm this fact.."

DaRtH VaDeR says: "Your system is as secure as the weakest link in your entire security"

Offline Little Mac

  • Forum Volunteer
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 6303
  • The Colonel told me to.
Re: What is a firewall? Here is the layman's explanation :)
« Reply #6 on: February 08, 2009, 03:43:26 PM »
Several posts relating to CIS Operations have been moved here so that the user's questions can be answered without disrupting the original thread.

LM
These forums are focused on providing help and improvement for Comodo products.  Please treat other users with respect and make a positive contribution.  Thanks.
Forum Policy

Offline Jesant13

  • Comodo Loves me
  • ****
  • Posts: 101
    • Facebook
Re: What is a firewall? Here is the layman's explanation :)
« Reply #7 on: February 25, 2009, 08:29:24 PM »
Excellent way of defining a firewall Melih!  (:WIN)

Offline Melih

  • CEO - Comodo
  • Administrator
  • Comodo's Hero
  • *****
  • Posts: 14627
    • Video Blog
Re: What is a firewall? Here is the layman's explanation :)
« Reply #8 on: February 25, 2009, 08:30:35 PM »
Excellent way of defining a firewall Melih!  (:WIN)

Thank you Jesant13.

Melih

Offline Costas

  • Newbie
  • *
  • Posts: 4
Re: What is a firewall? Here is the layman's explanation :)
« Reply #9 on: March 25, 2009, 04:59:05 AM »
Very good explanation Melih, thnx

muthusrinivasan

  • Guest
Re: What is a firewall? Here is the layman's explanation :)
« Reply #10 on: August 27, 2009, 02:42:50 AM »
Nice one

Here is my explanation
==================================
In simple a house with many doors without compound and a security [ is a system with no firewalls installed ]

A house with many doors with compound and allows entry and exit through one door with a security check is a system with firewall [ a simple port blocking and packet analysing ].

Is anything wrong let me know.

Thanks

Regards
MuthusrinivasaN :)

Offline Senlac_Hill

  • Comodo Member
  • **
  • Posts: 36
Re: What is a firewall? Here is the layman's explanation :)
« Reply #11 on: September 22, 2009, 02:26:29 AM »
Really appreciate this explanation !! Many thanks !!

Offline Ringman

  • Comodo's Hero
  • *****
  • Posts: 657
Re: What is a firewall? Here is the layman's explanation :)
« Reply #12 on: September 22, 2009, 02:59:09 AM »
Great explanation, Melih!   (:CLP)

Very good use of illustrations.

LM

I think so,
This article (isn't it ?) should have illustrations.



Offline Valentin N

  • Malware Research Group
  • Comodo's Hero
  • *****
  • Posts: 2869
  • Usability Study Group
    • My homepage at the moment
Re: What is a firewall? Here is the layman's explanation :)
« Reply #13 on: September 12, 2010, 07:47:45 AM »
nice explanation:)
Skype: comodohelper (Personal)

CEVPN: Valentin N

CIS 6.3

Keep CTM alive by voting


Offline pixel_dust

  • Newbie
  • *
  • Posts: 1
Re: What is a firewall? Here is the layman's explanation :)
« Reply #14 on: November 09, 2010, 07:32:02 PM »
Finally...an explanation that actually makes real sense - Thank you! I am such a n00b to Comodo, I was wondering if there is a Comodo 101 section somewhere that I could study.  I'm confused  ??? I thought I downloaded just the firewall, but, have found some antivirus events that were found and isolated.

One of my main sources of confusion is what to do with something that the firewall doesn't recognize. That nifty tab slides up and announces the file or whatever it has found and asks me what to do with it. Sometimes I'm sure I know what it is, and click the "allow" button.  Many other times, It's a funky (to this n00b) string of letters/numbers with .exe or some other extension, and I really don't have a clue what it is.  These usually end up in the sandbox - even though I don't yet really understand just what that is (my cats know), or how to get said ap out of there if I find I need it later 88)

Other times, it will send something I absolutely recognize (such as my web cam, or, an update from my antivirus program) to the sandbox, even though I've told it repeatedly that I know and trust the application!

My son pointed out yesterday that he couldn't update the virus definitions (not Comodo) because he couldn't find the program!  When I did some looking around in the firewall logs.....there were a lot of isolated items that should have gone through cuz they were from my antivirus program and should have been trusted  :-\

It should be obvious by now that I need to be directed to a place where I can study how to use this firewall product. 

I've been putting off asking about this because I keep thinking that even though I'm new to this product, I should be able to figure it out.

Friends ask me "Why use a product that you don't know how to use? Couldn't that end up doing more harm than good?"  They have a point.  Any chance of meaningful guidance for this n00b?

Confused, but, trainable

~p-d~

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek