Home Networking - Firewalls
When setting up your home networking system you will need a good firewalls system in place which may comprise of hardware, software or a combination of the two to prevent unauthorized persons and by malicious software.
Contractors use the word firewall to denote a physical barrier to keep flames from spreading from room to room. Home networks also have (or should have) firewalls. These are hardware, software or a combination of the two which protects a network from being accessed by unauthorized persons and by malicious software.
Computer firewalls can protect your system in two ways. They can keep programs from making connections to the internet, which keeps an infected program or a virus from spreading. More commonly, however, the purpose of home networking firewalls is to keep your system shielded from outside attempts to access it. Unauthorized access attempts may be from the internet, other computers on your own home network, or even "wardrivers" (hackers passing through with wireless computers) who can simply drive by and put a virus on your network.
Protecting your network from some types of access can make it more difficult for them, even if they manage to get to your network.Of course, blocking all traffic going both ways would make having a network useless. Network security is all about striking a balance between keeping some traffic out while allowing access for the traffic you want. Where exactly this balance lies is a difficult question. There are a number of more or less standard items which people should pay attention to when trying to implement effective firewalls system. The two most common are the UDP and TCP protocols.
UDP is a broadcast protocol and does not require you to have a two way connection. TCP, by contrast is two directional. UDP can be incoming or outgoing, for instance when you ping a server. When you want to open a port in your firewalls, you typically have to specify both port number and protocol. What you should aim for is close any port that you don't know for sure that you need open. Only open ports or allow protocols in the direction you need – and only when you know that you do. Closed in both directions should be the standard unless needed.
HTTP: This is the standard protocol used for data requests over the internet, both sending (uploading) or receiving (accessing web pages, downloading). Your system firewalls should have port 80 open for HTTP. Secure HHTP (or HTTPS) uses port 443 instead. Port 8080 is also common for HTTP connections.
FTP: Commonly used for file transfer over networks, you'll need to open port 20 for this protocol.
SMTP: Used for sending and receiving email, this protocol requires port 25 to be opened.
POP3: Also used for many email systems. Open port 110 for incoming POP3 traffic.
DNS: DNS needs to both send and receive in order to perform the function of translating IP addresses into domain names. Open port 53 in both directions for this important functionality.
DHCP: If your IP address is dynamically assigned rather than static you'll need to open port 68 to allow this protocol.
DOOM: If you play Doom, you're going to need to open port 666. Otherwise, as with any other port you won't be using, close it in both directions.
A lot other ports are used by various services , such as port 1433 (Microsoft SQL Server needs this one). Any program which needs a particular port should mention this in the documentation. Be careful when setting up your network firewalls system because it will provide good security to you!
ABOUT THE AUTHOR
|
|
|
