Linux Today: Linux News On Internet Time.

More on LinuxToday

Linux Exposed: Realizing Firewalls

Jul 11, 2003, 05:30 (1 Talkback[s])

WEBINAR: On-demand Event

Replace Oracle with the NoSQL Engagement Database: Why and how leading companies are making the switch REGISTER >

[ Thanks to Johan for this link. ]

"Nations without controlled borders cannot ensure the security and safety of their citizens, nor can they prevent piracy and theft. Networks without controlled access cannot ensure the security or privacy of stored data, nor can they keep network resources from being exploited by hackers. The communication efficiency provided by the Internet has caused a rush to attach private networks directly to it. Direct Internet connections make it easy for hackers to exploit private network resources. Prior to the Internet, the only widely available way for a hacker to connect from home to a private network was by direct dialing with modems and the public telephony network. Remote access security was a relatively small issue.

"When you connect your private network to the Internet, you are actually connecting your network directly to every other network that's attached to the Internet directly. There's no inherent central point of security control in fact, there's no inherent security at all. Firewalls are used to create security checkpoints at the boundaries of private networks. At these checkpoints, firewalls inspect all packets passing between the private network and the Internet and determine whether to pass or drop the packets depending on how they match the policy rules programmed into the firewall. If your firewall is properly configured, is capable of inspecting every protocol you allow to pass, and contains no serious exploitable bugs, your network will be as free from risk as possible.

"There are literally hundreds of firewall products available, and there are different theories from different security experts on how firewalls should be used to secure your network. This article will explore the operation of a generic firewall in detail, outline the important features you need in a firewall, and discuss how firewalls should be deployed in networks of any size..."

Complete Story

Related Stories: