Friday, December 07, 2007
11:37 by FoxTwo
Today, I'm gonna ramble about firewalls.
The history stretches back to ancient times. In medieval times, when armies fought, sometimes the commanders will erect flaming walls of fire to retard the advances of the enemy forces. Horses will be frightened of the wall of fire, and hence the defending forces bought some time, or is able to use the wall of fire to "funnel" the enemy forces into a kill zone.
This became known as a "fire wall".
Fast-forward to modern times. Internet was invented back in the 1960's and started to really grow exponentially around 1990. As with everything else, when something becomes popular, it gets abused. Worms, viruses and trojans started to appear and infect unprotected computers across the Internet.
Computers that are in an organization such as a company or educational institute are safer, because the network engineers have implemented a protection software called a "fire wall". It is aptly named because it does the same job as what a real wall of fire does - prevent and retard the advancing enemy forces (unauthorised entries into the network).
For a long time, up to the latter half of the 1990's, most home computers connected to the Internet were unprotected. When the Internet started to become more commercialised, marketers started to "push" unwanted software into your computers, to force the user to always log in to their marketing site(s), or to show you adverts. Alot of these malicious software also started to collect "demographic" data, and soon came to be known as "Spyware".
Up until this time, we were still connecting to the Internet at pathetically slow speeds of analogue modems - 56Kbps was the fastest speed possible. Having a personal firewall software was almost unheard of. Firewalls cost thousands of dollars, and no one at home could possibly afford that!
Now, in 2007, the majority of us connects to the Internet via "broadband", which became popular around 2000. At the time, personal firewall software started to become available, cheaply, and in some cases, FREE.
Thus, more and more people started installing firewalls, and newer PCs and Laptops now come pre-installed with some sort of firewalls too.
When Microsoft finally upgraded their Windows to XP, finally we get a "free" firewall built right into the OS. But, all is not well. General perception is that Microsoft's "XP firewall sucks".
People have gotten used to the 3rd party firewalls out there that do MORE than what a typical firewall does. For 3rd parties to sell their products to the masses, they need to be more than just a firewall. They need to offer features like adblocking, cookie cleaning etc, and so people got used to thinking that firewalls need to have those to be a "firewall".
In actual fact, the function of a firewall is simple- "Prevent Unauthorised Entry". That's all. It does not prevent OUTGOING data. It just blocks INCOMING. Microsoft's built-in firewall inside XP does exactly just that. Thus, people label it "sucks".
As a personal test, I configured a PC without any sort of 3rd party firewalls and placed it on the Internet using only Microsoft's XP firewall back in March 2007. It's now December 2007 and the PC is still fine, no trojans, no spyware. XP's firewall WORKS. However, read on below because sometime in August 2007 I turned off the XP Firewall on this PC.
Also, since many people are also now using routers at home, the routers also come with a hardware firewall built-in. By default, the hardware firewall inside the router is enabled. Thus, you would already have the protection of a firewall the moment you turn the router on. Also, the firewall in the router is pretty much "fire and forget", ie at most you need to configure it once and it'll work. Usually, you don't even need to configure it.
The hardware firewall in the router works similarly to XP firewall too - it only blocks INCOMING, and freely allows outgoing data. I emphasize again, that this behaviour is what a firewall is supposed to do.
Again, as a test, I turned off the XP firewall in the same test PC mentioned above, around August 2007. Thus I totally relied on the hardware firewall in the router for protection.
As mentioned earlier, the PC is still fine today, without a software firewall. There hasn't been a breach of my home network - the hardware firewall worked flawlessly. Because I'm such a geek, I actually bothered to look through the logfiles on the router, and I actually see it dropping packets from those people who were scanning and probing.
My reason for doing these tests? Because every bit of software you can turn off from the PC, releases more resources for other things. If the router came with a virus shield and automatically updates itself, I'd turn off the one in the PC too :)
A good test for your firewall(s) -> http://grc.com and select "SHIELDS UP". I don't want to do a direct link because it'll automatically start probing your system and might trigger off many alerts for you, and you might think this is a malicious post trying to get you infected :) If you click yourself, you KNOW you are gonna get probed, because the pages warn you about it first.
11:37 by FoxTwo
Firewalls - Time For A Rethink
Today, I'm gonna ramble about firewalls.
History
The history stretches back to ancient times. In medieval times, when armies fought, sometimes the commanders will erect flaming walls of fire to retard the advances of the enemy forces. Horses will be frightened of the wall of fire, and hence the defending forces bought some time, or is able to use the wall of fire to "funnel" the enemy forces into a kill zone.
This became known as a "fire wall".
Fast-forward to modern times. Internet was invented back in the 1960's and started to really grow exponentially around 1990. As with everything else, when something becomes popular, it gets abused. Worms, viruses and trojans started to appear and infect unprotected computers across the Internet.
Computers that are in an organization such as a company or educational institute are safer, because the network engineers have implemented a protection software called a "fire wall". It is aptly named because it does the same job as what a real wall of fire does - prevent and retard the advancing enemy forces (unauthorised entries into the network).
For a long time, up to the latter half of the 1990's, most home computers connected to the Internet were unprotected. When the Internet started to become more commercialised, marketers started to "push" unwanted software into your computers, to force the user to always log in to their marketing site(s), or to show you adverts. Alot of these malicious software also started to collect "demographic" data, and soon came to be known as "Spyware".
Up until this time, we were still connecting to the Internet at pathetically slow speeds of analogue modems - 56Kbps was the fastest speed possible. Having a personal firewall software was almost unheard of. Firewalls cost thousands of dollars, and no one at home could possibly afford that!
Modern Era
Now, in 2007, the majority of us connects to the Internet via "broadband", which became popular around 2000. At the time, personal firewall software started to become available, cheaply, and in some cases, FREE.
Thus, more and more people started installing firewalls, and newer PCs and Laptops now come pre-installed with some sort of firewalls too.
When Microsoft finally upgraded their Windows to XP, finally we get a "free" firewall built right into the OS. But, all is not well. General perception is that Microsoft's "XP firewall sucks".
People have gotten used to the 3rd party firewalls out there that do MORE than what a typical firewall does. For 3rd parties to sell their products to the masses, they need to be more than just a firewall. They need to offer features like adblocking, cookie cleaning etc, and so people got used to thinking that firewalls need to have those to be a "firewall".
In actual fact, the function of a firewall is simple- "Prevent Unauthorised Entry". That's all. It does not prevent OUTGOING data. It just blocks INCOMING. Microsoft's built-in firewall inside XP does exactly just that. Thus, people label it "sucks".
As a personal test, I configured a PC without any sort of 3rd party firewalls and placed it on the Internet using only Microsoft's XP firewall back in March 2007. It's now December 2007 and the PC is still fine, no trojans, no spyware. XP's firewall WORKS. However, read on below because sometime in August 2007 I turned off the XP Firewall on this PC.
Routers/Wireless Routers
Also, since many people are also now using routers at home, the routers also come with a hardware firewall built-in. By default, the hardware firewall inside the router is enabled. Thus, you would already have the protection of a firewall the moment you turn the router on. Also, the firewall in the router is pretty much "fire and forget", ie at most you need to configure it once and it'll work. Usually, you don't even need to configure it.
The hardware firewall in the router works similarly to XP firewall too - it only blocks INCOMING, and freely allows outgoing data. I emphasize again, that this behaviour is what a firewall is supposed to do.
Again, as a test, I turned off the XP firewall in the same test PC mentioned above, around August 2007. Thus I totally relied on the hardware firewall in the router for protection.
As mentioned earlier, the PC is still fine today, without a software firewall. There hasn't been a breach of my home network - the hardware firewall worked flawlessly. Because I'm such a geek, I actually bothered to look through the logfiles on the router, and I actually see it dropping packets from those people who were scanning and probing.
My reason for doing these tests? Because every bit of software you can turn off from the PC, releases more resources for other things. If the router came with a virus shield and automatically updates itself, I'd turn off the one in the PC too :)
A good test for your firewall(s) -> http://grc.com and select "SHIELDS UP". I don't want to do a direct link because it'll automatically start probing your system and might trigger off many alerts for you, and you might think this is a malicious post trying to get you infected :) If you click yourself, you KNOW you are gonna get probed, because the pages warn you about it first.