Issues with Firewalls

From Ganfyd

Introduction

Firewalls protect you from unwanted internet (or network) traffic. They are essential for dealing with spyware and viruses. At its most extreme a firewall is the same as pulling out a network connection.

Catches with Hardware Firewalls in 2005
  • Cheaper routers may have only NAT (Network Address Translation)
  • Ones with 'Stateful Packet Inspection' are better and allow useful configuration
  • A router's firewall may be turned off by default, or its default settings may be too basic to be safe
  • ALWAYS CHANGE YOUR ROUTER'S ADMINISTRATION PASSWORD

Types of Firewall

  • Hardware
    • This is usually a dedicated computer in its own right, as in a network router. It runs software that lets in only network traffic that can be related to a message sent from within the network.
    • Typical routers will also allow you to
      1. Block selected internet addresses
      2. Only communicate with specific devices (each device has a unique identifier called a MAC which can be used for this purpose)
      3. Create a tunnel pathway to a particular device that bypasses the firewall
  • Software
    • This uses low-level operating system hooks to look at and block network traffic:
      1. Inwards traffic, unless it can be related to a message from the network: this is like the basic functionality of a hardware firewall
      2. Outwards traffic: this is the major strength of some software firewalls

Catches with Software Firewalls in 2005
  • Some are better than others, and most are better than the one that comes with Windows XP
  • A free one might be better than a commercial one

Some issues

  1. Software firewalls that only block inwards traffic, such as the Windows XP default firewall, are useless at detecting programs on your system that are trying to communicate without your knowledge. This has become a big problem, particularly if you have the bad luck to install malware by mistake, because with this type of firewall you will miss easily generated warnings that you have a problem.
  2. Two software firewalls are dysfunctional. They usually fight each other and your system grinds to a halt. (Honourable exception: Unix, where an iptables firewall-like configuration might well coexist with a higher-level firewall, but this is detail for nerds.)
  3. Configuring a firewall can be difficult if you want maximum security and functionality. Luckily most decent firewalls now come with reasonable defaults with good interfaces.
  4. Software firewalls need to be enabled during the bootup process just after network connections are enabled, and disabled just before the network connection is closed. Vanilla Windows XP failed to do this, by not switching on its default firewall by default, and then by only switching it on late in the bootup process. Some of us watched the ensuing virus infection disaster from safer sidelines.
  5. Software firewalls can be disabled by user action or during updates. Hardware firewalls are safer.
  6. Some say you only need a hardware firewall. The problem is that few hardware firewalls will stop outward traffic from an unwanted program. Also, they do not protect you if you bypass them via, say, a dial-up modem when your broadband connection goes down. This is potentially particularly problematical if you have Windows file or printer sharing enabled, as computers out there are testing all the time for this wonderful exploitable back door into a computer system. It is also probably part of the explanation of why Microsoft did not switch on the original XP firewall by default... all software development and most beta testing would have been done behind hardware firewalls.
  7. Uninstalling Software Firewalls can be problematical. Problems have been reported with Norton ++ and ZoneAlarm. Some have never uninstalled the free ZoneAlarm and have just updated it for over 5 years so are happy with this software.
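
The difference between an inbound-only firewall and a two-way one (see Types of Firewall and issue 1 above) shows up clearly in a small simulation. This Python code is an added example, not part of the original Ganfyd page; the Firewall class is a hypothetical model rather than any real product's API, and the program names, ports and addresses are constructed.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Packet:
    direction: str   # "out" = leaving this computer, "in" = arriving
    program: str     # local program that owns the connection ("" if none)
    local_port: int
    remote: str      # "address:port" of the other end

@dataclass
class Firewall:
    filter_outbound: bool                       # False models an inbound-only firewall
    allowed_programs: set = field(default_factory=set)
    state: set = field(default_factory=set)     # conversations started from inside
    alerts: list = field(default_factory=list)

    def handle(self, pkt: Packet) -> bool:
        """Return True if the packet is allowed through."""
        flow = (pkt.local_port, pkt.remote)
        if pkt.direction == "out":
            if self.filter_outbound and pkt.program not in self.allowed_programs:
                self.alerts.append(f"blocked outbound: {pkt.program} -> {pkt.remote}")
                return False
            self.state.add(flow)   # remember it so the reply is let back in
            return True
        # Inbound: allow only replies to a conversation started from inside.
        return flow in self.state

# Constructed sample traffic (documentation addresses, hypothetical programs).
TRAFFIC = [
    Packet("out", "browser.exe", 50001, "192.0.2.10:443"),
    Packet("in",  "",            50001, "192.0.2.10:443"),      # reply to the browser
    Packet("in",  "",            445,   "198.51.100.7:40000"),  # unsolicited file-sharing probe
    Packet("out", "unknown.exe", 50002, "203.0.113.5:8080"),    # program the user never approved
    Packet("in",  "",            50002, "203.0.113.5:8080"),    # its reply
]

def run(filter_outbound: bool):
    """Replay TRAFFIC through a fresh firewall; return (verdicts, alerts)."""
    fw = Firewall(filter_outbound, allowed_programs={"browser.exe"})
    verdicts = [fw.handle(p) for p in TRAFFIC]
    return verdicts, fw.alerts

if __name__ == "__main__":
    for two_way in (False, True):
        verdicts, alerts = run(two_way)
        print("two-way" if two_way else "inbound-only", verdicts, alerts)
```

Both firewalls drop the unsolicited probe, but only the two-way one blocks the unapproved program and produces the warning that the inbound-only firewall never generates.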

Recommendations

  1. Buy a router with a hardware firewall if you are on broadband or creating a wireless network
  2. Have a two-way software firewall on all computers and any operating system. As long as you have the hardware firewall you can always disable the software firewalls while troubleshooting network problems. Always re-enable them before using dial-up on a Windows network. Also, the software firewalls just might prevent a trojan or virus that gets into your network from infecting every computer, depending upon how they are configured.
  3. If reasonably paranoid, have another router with a hardware firewall separating any internet server or gaming machine from your home network.
  4. Consider the time learning to configure firewalls as time well spent.
  5. If you can't connect on a network and everything is plugged in, it might be your firewalls, worse luck. However, Windows XP is not a good operating system to connect to the internet with while your firewall is disabled. Just don't.