What is Windows Firewall?
A firewall helps to keep your computer more secure. It restricts information that comes to your computer from other computers, giving you more control over the data on your computer and providing a line of defense against people or programs (including viruses and worms) that try to connect to your computer without invitation.
You can think of a firewall as a barrier that checks information (often called traffic) coming from the Internet or a network and then either turns it away or allows it to pass through to your computer, depending on your firewall settings.
See the following illustration:
In Microsoft Windows XP Service Pack 2 (SP2), Windows Firewall is turned on by default. (However, some computer manufacturers and network administrators might turn it off.) You do not have to use Windows Firewall—you can install and run any firewall that you choose. Evaluate the features of other firewalls and then decide which firewall best meets your needs. If you choose to install and run another firewall, turn off Windows Firewall.
How does it work?
When someone on the Internet or a network tries to connect to your computer, we call that attempt an "unsolicited request." When your computer gets an unsolicited request, Windows Firewall blocks the connection. If you run a program such as an instant messaging program or a multiplayer network game that needs to receive information from the Internet or a network, the firewall asks if you want to block or unblock (allow) the connection. If you choose to unblock the connection, Windows Firewall creates an exception so that the firewall won't bother you when that program needs to receive information in the future.
For example, if you are exchanging instant messages with someone who wants to send you a file (a photo, for example), Windows Firewall will ask you if you want to unblock the connection and allow the photo to reach your computer. Or, if you want to play a multiplayer network game with friends over the Internet, you can add the game as an exception so that the firewall will allow the game information to reach your computer.
Although you can turn off Windows Firewall for specific Internet and network connections, doing this increases the risk that the security of your computer might be compromised.
What Windows Firewall does and does not do
It does:
- Help block computer viruses and worms from reaching your computer.
- Ask for your permission to block or unblock certain connection requests.
- Create a record (a security log), if you want one, that records successful and unsuccessful attempts to connect to your computer. This can be useful as a troubleshooting tool. If you want Windows Firewall to create a security log, see Enable security logging options.
It does not:
- Detect or disable computer viruses and worms if they are already on your computer. For that reason, you should also install antivirus software and keep it updated to help prevent viruses, worms, and other security threats from damaging your computer or using your computer to spread viruses to others.
- Stop you from opening e-mail with dangerous attachments. Don't open e-mail attachments from senders that you don't know. Even if you know and trust the source of the e-mail, you should still be cautious. If someone you know sends you an e-mail attachment, look at the subject line carefully before opening it. If the subject line is gibberish or does not make any sense to you, check with the sender before opening it.
- Block spam or unsolicited e-mail from appearing in your inbox. However, some e-mail programs can help you do this. Check the documentation for your e-mail program to learn more.
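As an added example (not part of the post above or of Microsoft's help text): the security log mentioned there is a plain text file (pfirewall.log) with a "#Fields:" header line naming the columns, followed by one event per line. The Python below parses that format by reading the header instead of hard-coding column positions, and then pulls out what you would actually look for in it: which sources had inbound attempts dropped, which source touched many different ports, and which inbound connections were accepted because of an exception you created. The log lines inside the block are constructed for the example; the field list follows the header that Windows XP SP2's firewall writes.

```python
"""Parse a Windows Firewall security log (pfirewall.log) and summarise it.

Added example for this thread; not code from the original post or from
Microsoft. SAMPLE_LOG is constructed: the header matches what XP SP2
writes, the events are invented for illustration.
"""
from collections import Counter
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple

# Constructed sample. One host (192.168.1.77) probes 135/139/445/1026 and
# pings us; the firewall drops all of it. One outbound web connection is
# opened and closed, and one inbound VNC connection is accepted because
# an exception exists for it.
SAMPLE_LOG = """\
#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path
2008-03-04 09:15:01 DROP TCP 192.168.1.77 192.168.1.10 3401 135 48 S 1180311262 0 65535 - - - RECEIVE
2008-03-04 09:15:01 DROP TCP 192.168.1.77 192.168.1.10 3402 139 48 S 1180311263 0 65535 - - - RECEIVE
2008-03-04 09:15:02 DROP TCP 192.168.1.77 192.168.1.10 3403 445 48 S 1180311264 0 65535 - - - RECEIVE
2008-03-04 09:15:02 DROP UDP 192.168.1.77 192.168.1.10 1026 1026 96 - - - - - - - RECEIVE
2008-03-04 09:16:10 OPEN TCP 192.168.1.10 10.20.30.40 1055 80 - - - - - - - - -
2008-03-04 09:16:40 CLOSE TCP 192.168.1.10 10.20.30.40 1055 80 - - - - - - - - -
2008-03-04 09:17:00 OPEN-INBOUND TCP 192.168.1.23 192.168.1.10 2210 5900 - - - - - - - - -
2008-03-04 09:17:05 DROP ICMP 192.168.1.77 192.168.1.10 - - 60 - - - - 8 0 - RECEIVE
"""


@dataclass
class Event:
    date: str
    time: str
    action: str             # OPEN, CLOSE, DROP, OPEN-INBOUND, INFO-EVENTS-LOST
    protocol: str           # TCP, UDP, ICMP, ...
    src_ip: str
    dst_ip: str
    src_port: Optional[int]  # None where the log has '-'
    dst_port: Optional[int]
    path: str               # SEND, RECEIVE, FORWARD, UNKNOWN or '-'


def _port(value: str) -> Optional[int]:
    return int(value) if value.isdigit() else None


def parse_log(text: str) -> List[Event]:
    """Parse log text into events, using the #Fields: header for column names."""
    fields: List[str] = []
    events: List[Event] = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
            continue
        if line.startswith("#"):
            continue                      # Version / Software / Time Format lines
        if not fields:
            raise ValueError("data line before #Fields: header")
        values = line.split()
        if len(values) != len(fields):
            continue                      # truncated line: skip rather than misalign
        rec: Dict[str, str] = dict(zip(fields, values))
        events.append(Event(
            date=rec["date"], time=rec["time"], action=rec["action"],
            protocol=rec["protocol"], src_ip=rec["src-ip"], dst_ip=rec["dst-ip"],
            src_port=_port(rec["src-port"]), dst_port=_port(rec["dst-port"]),
            path=rec.get("path", "-"),
        ))
    return events


def blocked_inbound(events: List[Event]) -> List[Event]:
    """Unsolicited requests the firewall refused (DROP on the receive path)."""
    return [e for e in events if e.action == "DROP" and e.path == "RECEIVE"]


def top_sources(events: List[Event], n: int = 5) -> List[Tuple[str, int]]:
    """Source addresses ranked by number of events."""
    return Counter(e.src_ip for e in events).most_common(n)


def port_scanners(events: List[Event], min_ports: int = 3) -> Dict[str, Set[int]]:
    """Sources that touched at least min_ports distinct destination ports."""
    seen: Dict[str, Set[int]] = {}
    for e in events:
        if e.dst_port is not None:
            seen.setdefault(e.src_ip, set()).add(e.dst_port)
    return {ip: ports for ip, ports in seen.items() if len(ports) >= min_ports}


def accepted_inbound(events: List[Event]) -> List[Tuple[str, Optional[int]]]:
    """Inbound connections an exception let through: worth reviewing regularly."""
    return [(e.src_ip, e.dst_port) for e in events if e.action == "OPEN-INBOUND"]


if __name__ == "__main__":
    evs = parse_log(SAMPLE_LOG)
    drops = blocked_inbound(evs)
    print("dropped inbound:", len(drops), "top sources:", top_sources(drops, 3))
    print("multi-port sources:", port_scanners(drops))
    print("accepted inbound:", accepted_inbound(evs))
```

Two things the code makes explicit that the help text does not: a DROP entry with path RECEIVE is exactly the "unsolicited request" the post describes, so counting those per source is the quickest way to see who is knocking; and OPEN-INBOUND entries are the exceptions you said yes to, so they are the lines to check when you suspect an exception you no longer want is still in place.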
balumankala: Cool info, yaar. Thank you.
Prasad Ajinkya: Awesome posts, friendster. While you are at it, please tell us about demilitarized zones and why we need DMZs.
And speaking of firewalls, it's better to use any of the other firewalls rather than Windows Firewall. Windows Firewall is the lowest of the lot in the hierarchy of firewalls. Personally speaking, iptables rocks in Linux.
eski_komut: Thanks friendster7, good sharing.
friendster7: In computer networking, DMZ is a firewall configuration for securing local area networks (LANs). In a DMZ configuration, most computers on the LAN run behind a firewall connected to a public network like the Internet. One or more computers also run outside the firewall, in the DMZ. Those computers on the outside intercept traffic and broker requests for the rest of the LAN, adding an extra layer of protection for computers behind the firewall.
Traditional DMZs allow computers behind the firewall to initiate requests outbound to the DMZ. Computers in the DMZ in turn respond, forward or re-issue requests out to the Internet or other public network, as proxy servers do. (Many DMZ implementations, in fact, simply utilize a proxy server or servers as the computers within the DMZ.) The LAN firewall, though, prevents computers in the DMZ from initiating inbound requests. DMZ is a commonly-touted feature of home broadband routers. However, in most instances these features are not true DMZs. Broadband routers often implement a DMZ simply through additional firewall rules, meaning that incoming requests reach the firewall directly. In a true DMZ, incoming requests must first pass through a DMZ computer before reaching the firewall.
friendster7: How to Install a Demilitarized Zone for Your Servers
What is a Demilitarized Zone (DMZ)?
Common setups used for small and medium networks include a firewall that processes all the requests from the internal network (LAN) to the Internet and from the Internet to the LAN. This firewall is the only protection the internal network has in these setups and it handles any NAT (Network Address Translation), forwarding and filtering requests as necessary. In most cases, the firewall also runs public services accessible from the Internet, such as web services and e-mail services. Within such setups, the DMZ is thus installed on and limited, we may say, to the server.
Why use a DMZ?
A DMZ aims to secure the internal network from external access. It does so by isolating the public services (requiring any entity from the Internet to connect to your servers) from the local, private LAN machines in your network.
The most common method of implementing such a divider is by setting up a firewall with three network interfaces installed. The first one is used for the Internet connection, the second for the DMZ network and the third for the private LAN. Any inbound connections are automatically forwarded to the DMZ because the private LAN does not run any services and is not connectible. Therefore, setting up the DMZ helps isolate the LAN from any Internet attacks.
How to set up a DMZ?
First of all, you need to decide what services will run on each machine. The DMZ is generally on a different network segment, both physically and logically. This means that you need to use a separate machine to host the services you want to make public (such as DNS, web, mail etc.). From the connectivity point of view, the DMZ will be located on a different subnet than the LAN.
Furthermore, NAT should be provided for the computers on the LAN in order to enable Internet access for the client hosts. The clients should also be enabled to connect to the servers in the DMZ.
Here is how the final setup should look: (diagram not preserved)
Hardening the DMZ machines
Computers in the DMZ obviously need to be hardened as much as possible given the fact that they will be in the first line, right behind the firewall. Their position will prevent attacks on the LAN, but it may also increase the risk of their being compromised.
Here is a list of methods that you can use to increase the security of your DMZ systems:
- Disable all unnecessary services and daemons;
- Run services chrooted whenever possible;
- Run services with unprivileged UIDs and GIDs whenever possible;
- Delete or disable unnecessary user accounts;
- Configure logging and check logs regularly;
- Use your firewall's security policy and anti-IP-spoofing features.
This type of network infrastructure is not the most secure way of protecting the private perimeter, but it is sometimes required. An example of such situation would be when a web server placed in a DMZ requires access to a database server over a secured port (and that port only) placed in a second DMZ. This database server could ultimately access some data found on the private LAN systems, if there is such a requirement. This way, the database is secured from public exposure, while keeping the web server accessible and the private LAN, isolated. Note: The above-listed methods apply to Linux/*NIX-type systems only.
What to keep in mind?
The simplicity of the DMZ concept makes it very powerful and prolific. A DMZ can be considered a safe-guard, although it is not a security measure by itself. However, with a tight and well-thought network infrastructure, IDS (intrusion detection systems) and IPS (intrusion prevention systems), it can become a barricade against attackers and unwanted or unneeded traffic.
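As an added example, not part of friendster7's posts: the three-interface design above comes down to a short table of which zone may open connections to which, with replies allowed back by connection tracking. The Python below models that policy for the zones the post describes (LAN, DMZ, a second DMZ for the database server, and the Internet as everything else), decides whether a given new connection is allowed, and renders the same policy as iptables FORWARD rules, including the anti-spoofing and logging items from the hardening list. The subnets, interface names, host addresses, service list and database port are all assumptions chosen for illustration.

```python
"""Zone policy for a three-interface DMZ firewall, with iptables rendering.

Added example for this thread, not code from the original post. Every
address, interface name, service and port here is an assumption.
"""
import ipaddress
from typing import Dict, FrozenSet, List, Tuple

Service = Tuple[str, str, int]  # (host, proto, port)

# Assumed: one interface and one subnet per zone. Anything that is not in
# LAN, DMZ or DMZ2 is treated as the Internet.
IFACES = {"internet": "eth0", "lan": "eth1", "dmz": "eth2", "dmz2": "eth3"}
ZONES: Dict[str, ipaddress.IPv4Network] = {
    "lan":  ipaddress.ip_network("192.168.10.0/24"),
    "dmz":  ipaddress.ip_network("10.0.0.0/24"),
    "dmz2": ipaddress.ip_network("10.0.1.0/24"),
}

# Assumed public services: the only connections the Internet (and LAN
# clients) may open towards DMZ hosts.
PUBLIC: FrozenSet[Service] = frozenset({
    ("10.0.0.10", "tcp", 80), ("10.0.0.10", "tcp", 443),   # web server
    ("10.0.0.20", "tcp", 25),                              # mail server
    ("10.0.0.30", "tcp", 53), ("10.0.0.30", "udp", 53),    # DNS server
})
# DMZ hosts that must initiate outbound themselves (mail relay, resolver).
DMZ_EGRESS: FrozenSet[Service] = frozenset({
    ("10.0.0.20", "tcp", 25), ("10.0.0.30", "tcp", 53), ("10.0.0.30", "udp", 53),
})
# The second-DMZ case from the post: the web server may reach the
# database server on one port only (port number assumed).
WEB = "10.0.0.10"
DB_LINK: Service = ("10.0.1.10", "tcp", 5432)


def zone_of(ip: str) -> str:
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "internet"


def allow_new(src: str, dst: str, proto: str, dport: int) -> Tuple[bool, str]:
    """Decide whether SRC may open a new PROTO connection to DST:DPORT.

    Only connection initiation is decided here; replies flow back because
    the firewall is stateful (the ESTABLISHED,RELATED accept rule below).
    Returns (allowed, name of the rule that decided).
    """
    sz, dz = zone_of(src), zone_of(dst)
    if sz == "lan" and dz == "internet":
        return True, "lan-egress"
    if sz in ("lan", "internet") and dz == "dmz":
        return (dst, proto, dport) in PUBLIC, "published-services"
    if sz == "dmz" and dz == "dmz2":
        return src == WEB and (dst, proto, dport) == DB_LINK, "web-to-db-only"
    if sz == "dmz" and dz == "internet":
        return (src, proto, dport) in DMZ_EGRESS, "dmz-egress"
    # Neither the DMZ nor the Internet may ever initiate towards the LAN,
    # and anything not listed above is denied.
    return False, "default-deny"


def iptables_rules() -> List[str]:
    """Render the same policy as iptables rules (FORWARD chain, default DROP)."""
    i = IFACES
    rules = [
        "-P FORWARD DROP",
        "-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT",
        "-A FORWARD -m conntrack --ctstate INVALID -j DROP",
    ]
    # Anti-spoofing: a packet entering on a zone's interface must carry a
    # source from that zone, and internal sources never arrive from outside.
    for zone, net in ZONES.items():
        rules.append(f"-A FORWARD -i {i[zone]} ! -s {net} -j DROP")
        rules.append(f"-A FORWARD -i {i['internet']} -s {net} -j DROP")
    rules.append(f"-A FORWARD -i {i['lan']} -o {i['internet']} -s {ZONES['lan']} -j ACCEPT")
    for host, proto, port in sorted(PUBLIC):
        for src_zone in ("lan", "internet"):
            rules.append(f"-A FORWARD -i {i[src_zone]} -o {i['dmz']} -d {host} "
                         f"-p {proto} --dport {port} -j ACCEPT")
    host, proto, port = DB_LINK
    rules.append(f"-A FORWARD -i {i['dmz']} -o {i['dmz2']} -s {WEB} -d {host} "
                 f"-p {proto} --dport {port} -j ACCEPT")
    for host, proto, port in sorted(DMZ_EGRESS):
        rules.append(f"-A FORWARD -i {i['dmz']} -o {i['internet']} -s {host} "
                     f"-p {proto} --dport {port} -j ACCEPT")
    # Log what falls through before the default DROP policy takes it.
    rules.append('-A FORWARD -j LOG --log-prefix "FW-DROP: "')
    # NAT so LAN clients can reach the Internet (the post's NAT requirement).
    rules.append(f"-t nat -A POSTROUTING -s {ZONES['lan']} -o {i['internet']} -j MASQUERADE")
    return rules


if __name__ == "__main__":
    print(allow_new("10.0.0.10", "192.168.10.5", "tcp", 445))   # DMZ -> LAN: denied
    print("\n".join(iptables_rules()))
```

The point to notice is that there is no rule at all from the DMZ interface towards the LAN interface: a compromised DMZ host can answer connections the LAN opened to it, but cannot start one, which is the property the post calls "prevents computers in the DMZ from initiating inbound requests". A real deployment also needs DNAT from the firewall's public address to the DMZ hosts and the usual INPUT-chain rules for the firewall itself; both are left out to keep the policy readable.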
Prasad Ajinkya: Hey, if this is the case, then ... the hardware sizing of my firewall becomes dependent upon the number of machines on my LAN that want to access the machines in the DMZ!!
I did a small exercise. I stopped the Windows Firewall service, in fact all the available firewalls on my system, and now when I try to start Windows Firewall the computer prompts a warning message: "Firewall service is stopped, do you want to start it?"
I click on No.
Now for any Microsoft security update it tries to start Windows Firewall (which I have disabled), and sometimes it throws an error/exception.
Why? Any idea?
Sometimes we unblock something, a website or an application, using Windows Firewall. After unblocking it once, Windows Firewall never blocks that application again, even if we try after removing the entry from the Exceptions tab?
Anything I am missing?
You have posted nice information.
Really cool info.
Pranav Kathale: Wow. 😁
It's really detailed information and full of knowledgeable stuff. Great. Now I've got the idea about the firewall.
Thanks for posting such a nice thread.
Members of CEan simply ROCK!! 😁
Manish Goyal: Nice info, dear.
But one question: what is the concept of nmap?
Why is it required?
vishnu priya: Really good info, people!!!
inbapuvi: Good information, ya.