Firewalls
By Pauline M. Berry
"People often think that having a firewall between your company's internal
network and the ``Big Bad Internet'' will solve all your security problems. It
may help, but a poorly set up firewall system is more of a security risk than
not having one at all. A firewall can only add another layer of security to
your systems, but it will not be able to stop a really determined hacker from
penetrating your internal network. If you let internal security lapse because
you believe your firewall to be impenetrable, you have just made the hacker's
job that bit easier."
Gary Palmer
A firewall is a program that is placed between networks. It analyses the
incoming traffic (or packets) and processes it through a set of user-defined
rules. Packets that pass the rules are processed. Ones that don't are rejected,
logged, ignored or otherwise dealt with according to the rules that you
establish when you install the firewall.
The two main issues that firewalls are intended to address are the security and
validation of end-users. These issues are becoming more and more important
given the commercialisation and increasing accessibility of the internet.
There are 2 main types of firewall:
A router is a machine which forwards packets between two or more networks. A
packet filtering router has an extra piece of code in its kernel, which
compares each packet to a list of rules before deciding if it should be
forwarded or not.
Proxy servers are machines which have had the normal system daemons (telnetd,
ftpd, etc) replaced with special servers. These are normally more secure than
normal servers, and often have a wider variety of authentication mechanisms
available, including ``one-shot'' password systems.