::::::::::::::::::::::::::::::::::::::::::::::::::::::::Mar/99 ::: The Discordant Opposition Journal ::: Issue 3 - File 2 ::: :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :Firewall basics: Rue-the-Day What exactly is a 'firewall'? A firewall is basically a means of implementing a system wide security policy without having to individually configure each computer. A firewall creates a barrier between a 'trusted' [internal] network and an 'untrusted' or 'hostile' [external] one, thus effectively seperating a network from the rest of the internet for security purposes. The most obvious way of protecting a network from external tampering is to isolate it from the outside world. It can be said that the most secure system is one that's in a lead lined bunker with it's own generator and no dial-in modems. Oh yeah, and a guard posted outside the room with an uzi. Nice thought but not very practical. Besides, where am I going to find a man with an uzi to sit outside my bedroom? No suggestions please. Really. This is where a firewall comes in. A firewall is basically a compromise between security and convenience which is why they aren't always as secure as they could be. In essence a firewall is a computer that acts as a barrier between your network and the internet, it runs special software to keep others from accessing your systems without authorisation. In fact the firewall software doesn't even have to be on a seperate, dedicated computer, it can be on one used for other purposes as well, however this can be less efficient. Company employees want access to email, usenet and the web, after all if you had some monotonous job on a computer you'd want to do more with it than type up the company's accounts right? Right? Instead of just taking an all or nothing approach to the net firewalls allow organisations to let the parts of the net they want to be the only ones that can be accessed and to stop most of the rest from accessing them. If you look at what the original word 'firewall' meant then it explains a lot of what firewalls in the computer security sense are about. In the construction industry a firewall is a specially built wall that is resistant to fire damage. If a fire breaks out in a building then this wall helps to restrict the fire to one section of the area limiting potential danger and catastrophe. If a hacker should gain access to a LAN [local area network] which is one set of machines then the hope is that he would be unable to access the rest of the company's system through the rest of the firewall. Firewalls are defined by what they allow through and what they deny, it all comes down to restricting the flow of data. fig 1.1 basic firewall /--------\ [ph33r muh ascii sk1llz] | the | | |-- external network |internet| untrusted \---||---/ || /---||---\ | | this can be a 'bastion' ==->|firewall|-- filters incoming/outgoing packets [or 'gate'] or a 'choke' | | blocks certain services \---||---/ logs connections || || /---||---\ | local | | area |-- internal network | network| trusted | [LAN] | \--------/ Firewall related mailing lists 'Firewalls' To subscribe send email to majordomo@greatcircle.com or Firewalls-request@greatcircle.com with the text 'SUBSCRIBE firewalls' in the body of the message [not the subject line, okay?]. This list provides information on the implementataion of internet firewall security systems and issues related to them. It is an outgrowth of the Firewalls BOF session at the Third UNIX Security Symposium in Baltimore on September 15, 1992. 'Euro firewalls' To subscribe to this list email majordomo@gbnet.net with the text 'SUBSCRIBE firewalls-uk [your email address]' in the body of the message [not the subject line]. This list is about firewalls from a European perspective [is there actually a difference?]. 'Academic firewalls' To subscribe send email to majordomo@net.tamu.edu.