What is a FIREWALL

I noticed that the computer I use has a firewall

is this some special nifty thing just for me or what does a firewall do for me?

will it help me so I dont have to do what I would to help my self do the things my computer should do

What kind of Firewall? Hardware or Software? What security programs are you running?

Best Software Firewall?

Benefits of COMODO Firewall Pro 3:

Reviews:

Plain and simple. A firewall blocks people that have no business connecting to your computer from connecting. It also keeps a check on what applications can access the internet, and perform some acts.

a firewall is a software? am i right? :slight_smile:

No.

I would say Yes, it is a software It may run on your personal PC or an appliance such as a router or another PC or even a device with the specific/unique purpose of serving as a Firewall only(to permit and deny traffic). It filters network traffic as to decide what traffic will be admitted or denied access to any point past the device or application that is monitoring said traffic. It may allow access to another device or application on the network or to a higher level in the Network Protocol or Communication Stack on the PC. In the end it is a software no matter what device it runs on. A firewall should monitor from Data link layer of the stack and also may monitor as high as the Application layer both of which exist in most network protocols directly related to a PC such as TCP/IP, Apple talk or Netware. The Application layer does not exist in such protocols as Frame Relay or ATM or other core protocols. These protocols are primarily core routing transports which will encapsulate the PC related Protocols. There are also filters which can be applied to these protocols but they are not unusually called firewalls. Firewalls usually exist at the LAN or Local Enterprise level. It all depends on exactly what type of firewall you are running. In the case of a software such as CFP it is a PC software firewall. It monitors all layers from the Data link to the Application level.

OD

Edits: only to correct grammer and spelling
Added or even a device with the specific/unique purpose of serving as a Firewall only(to permit and deny traffic)
Note for 3xist Wiki/Firewall does define it as network security device/appliance, but IMHO it´s the software that regulates/performs the actual work.
So you are not necessarily wrong, the answer is just more complicated that a yes or no.
You could say its both a combination of hardware device/s and software

Great answer OD,even a router with NAT has software built in(i think normally unix based,i may be wrong) but you can still update the firmware so it must be code based.

Matty

Firewall is software. It can monitor connections.

When a program on your PC communicate with a program on another PC via connection.
And any program on another PC communicate with any program on your PC via connection.

So using firewall program you can allow (or block) some(or all) connections.
To do that you have to have a little network connections theory.
But you can do that without using any firewall program also. For example in Windows95. ))))))

the firewall is the program looking at the network trafic. u see what comes in, what goes out, and u can set rules to block tcp in port 113 or block all netbios ports from sending infos.
firewalls were just trafic controllers based on known protocols. except now people can installl a driver with his own way of talking by tcp/ip. maybe i’m wrong but i’m sure someone will correct me if i made an error.
that’s why i like this forum, i learn things, without the need to fight, with moderators that don’t act like u feel like u’re in a dicature forum and they first try to help users instead of posting arrogant answers to make u feel they are the boss and u just have to shut up.
but now FWs are way more than FWs, and that’s a solution to face all those new exploits
look at Defense+, it’s able to defeat absolutly all AV by giving u a level of protection u cant compare with a simple analysis based on a list.

I have two questions:

  1. How does a hardware firewall work? I haven’t got any alerts from mine, so just wondering.

  2. If you have a hardware firewall, do you need a software firewall?

  1. See stateful inspection
    In short unless otherwise configured. It allows all outbound connections and the response to the request
    Hence, no alerts. Some can be configured to filter certain outbound requests such as by port, IP, or DNS resolution, but this would be an advanced configuration.

  2. This would depend on what level of protection you want. As I said most hardware firewalls allow all outbound connections. A software firewall (such as CFPv2), and some advanced hardware firewalls can filter on the higher layers of the protocol stack (APSTNDP) up to and including the application layer. A HIPS firewall such as CFPv3 with D+ activated can also monitor and control inter process interaction to help detect intrusions on any compatible computer system.

(APSTNDP) = All People Seem To Need Data Processing (mnemonic for the 7 OSI reference model layers)Protocol stack you can find more mnemonics here
All = Appliccation Layer
People = Presentation Layer
Seem = Session Layer
To = Transport Layer
Need = Network Layer
Data = Data link Layer
Processing =Physical Layer

Probably more than you wanted to know but
Hope it helps
OD
Notes/Edits:
Outbound protection on V2.4 saved my ■■■ at least twice. I am sure HIPS in CFPv3 will Save my ■■■ some day when I do something stupid. If I don’t just click allow with out reading the alert.
added (To = Transport Layer)

Thanks! Always trust that a mod will step in and help!! ;D

If you are a novice, like me, and want a simple pedestrian explaination of of what a FIREWALL is, I like the reply Ino-Sec made:
“Plain and simple. A firewall blocks people that have no business connecting to your computer from connecting. It also keeps a check on what applications can access the internet, and perform some acts.”

What is a connection exactly? allowing connection…
for example my app downloads (wants to download from www.arsenal.com)
My app connects to arsenal.com
(I have to allow outgoing connection for my app from me to www.arsenal.com)
and downloading starts…
Why I have not to allow incoming connection from www.arsenal.com to me ?

This is for security once you have allow a outbound connection inbound is allowed automatically, if you allow a inbound connecton you create a security risk some applications need this I believe P2P is one.
Dennis
EDIT You do need one for DHCP if you do not use a fixed IP.
This is for connecting computer to router.
Also if you have a local network for sharing files, printing, etc

to allow outgoing can be a security hole too, some code can steal your data to send it to some site.