.: Understanding Firewalls For Comptia Security+ Exam

By:James Brown

Category:Home / Computers / Security

Firewalls are one of the most thoroughly misunderstood concepts around in networking and security today. It is your duty to dispel some of the most common misconceptions about firewalls not just for the purpose of passing the Comptia Security+ exam but also for the sake of the information security community!

What is a Firewall?
A firewall is any hardware or software designed to prevent unwanted network traffic. Some firewalls are simplistic in nature; in fact, many people use NAT devices as firewalls as they do effectively prevent direct incoming connections to hosts behind the NAT. Other firewalls are intricate operations, based on whitelists and blacklists, rules, and alerts. What all firewalls have in common, however, is an ability to block incoming traffic that may be deemed harmful.

Types of Firewalls
Because the definition of a firewall (at least as given above) is somewhat generalized, it is hard to define the general actions and methods of firewalls. Instead, we look at the ways different types of firewalls work. Each type of firewall has abilities, advantages, and drawbacks; to do well on the Security+ exam, you should understand these.

Packet Filtering Firewall
A packet filtering firewall polices traffic on the basis of packet headers. IP, UDP, TCP, and even ICMP have enough header information for a packet filtering firewall to make an informed decision as to whether to accept or reject that packet. You can think of a packet filtering firewall as a bouncer at a party. The bouncer may have a list of people that are allowed to come in (a whitelist) or a list of people to specifically exclude (a blacklist). The bouncer may even check a guest's identification to assure that the guest is above 18. Similarly, a packet filtering firewall simply inspects the source and destination of traffic in making a decision on whether to allow the packet to pass through. For example, some traffic may be addressed to a sensitive recipient and would therefore be blocked.

A packet filtering firewall can also filter traffic on the basis of port numbers. For example, many companies now block traffic on port 27374 because it is well-known to be a port used by the Trojan horse 'SubSeven.'

Note that a packet filtering firewall basically operates through a special ACL (access control list) in which both the white and black list of IP addresses and port numbers are listed. In essence, this firewall operates at the Network and Transport layers of the OSI Model. This model is notable for its simplicity, speed, and transparency ' however, traffic is not inspected for malicious content. In addition, IP addresses and DNS addresses can be hidden or 'spoofed,' as discussed in the Attacks lesson.

Circuit-Level Gateway
A circuit-level gateway is a type of firewall that operates on the Session layer of the OSI model. Instead of inspecting packets by header/source or port information, it instead maintains a connection between two hosts that is approved to be safe. This is something akin to a parent who approves the people that their children can speak with on the phone once they trust those people. In this scenario, the parent does not have to listen into the conversation because they know they can trust the two communicating children. Similarly, a circuit-level gateway establishes a secure connection between two hosts that have been authenticated and trust each other.

Application-Level Gateway
As the name suggests, an application-level gateway operates in the Application layer of the OSI model and actively inspects the contents of packets that are passed through to the gateway. It is for this reason that application-level gateways are considered the most secure as they can actively scan for malformed packets or malicious content. Think of an application-level gateway as the eavesdropping parent. An eavesdropping parent has the most complete knowledge of his or her child's activities because he or she can listen into all of the child's conversations. An application-level gateway does have drawbacks, however, including speed and routing problems. Application-level gateways are notorious for the amount of time it can take to inspect packets.

A special kind of application-level gateway is a proxy server, which is a server that serves as the 'middle man' between two hosts that wish to communicate. In the proxy server model, the host wishing to communicate sends a packet to the application-level gateway (proxy server), which then makes the decision whether to forward the packet to the intended recipient or to deny the request to send the packet.

Digg del.icio.us Blink Stumble Spurl Reddit Netscape Furl

Article keywords: comptia, security+, firewall, exam, certification, study

Article Source: http://www.articles32.com

ProProfs Free Online CompTIA Security+ Certification Exam School provides free study aids for the Security+ exam such as study guides, practice exams and practice questions. Visit free online Comptia Security+ school at: http://www.proprofs.com/certification/comptia/
http://www.ProProfs.com : Educational FREEway By Professionals & Professors!

.: New Security Articles

1). Phishing - How to Avoid Getting Caught
Phishing - what is it and how do you avoid it? Find out how you can protect yourself from the newest member of the fraud family in this article.

2). Save Your Computer Files From Hackers
In everyday practice, we have always regarded a computer as the safest place to store our important information.

3). The Important Needs of a Virus Scanner
Having a reliable virus scanner on your computer is a necessity if you use the internet at all. There are so many viruses and forms of spyware out there that it can be difficult to keep up with them.

4). Your Complete Guide to Shopping Online Safely
A discussion about how to stay safe when shopping online.

5). She Chainsawed The Furniture!-Online Public Records Search
Find out who they really are with an online public records search and even find out what is on you. Government bodies are building databases of public records for public viewing, safety, knowledge, and for law enforcement that can be accessed online.

6). How To Handle Your Passwords
To make your passwords more secure you have to consider some easy rules for your password management.

7). How To Keep Your Home Wireless Network Secure
If you have even a passing interest in the topic of wireless network, then you should take a look at the following information. This enlightening article presents some of the latest news on the subject of wireless network.


.: Top Security Articles

1). Why Not to Start using CGI Proxy sites?
Everyone now these days is concerned with protecting their personal information form prying eyes on the web. With the continuing increase cases of stealing personal web identities, many people have been misdirected about what information needs to be hidden on line and the best way to achieve a more secure Internet environment. One of the most common ideas is that when you start using cgi proxy sites the security level increases.

2). Phishing And Fraud – What Is It?
Phishing is a very sneaky type of fraud conducted over the Internet. Its name is a throw back to the early days of hacking and identity theft and the practice of phone phreaking. While there can be very complicated schemes devised, they are all based on a very simple concept. Phishers try to persuade you, or trick you into giving them sensitive information which they can then use to make money out of the system.

3). Why Do You Need A Registry Cleaner?
Before we understand the need of registry cleaner, let us understand what registry is and why you need a registry cleaner to enhance PC performance. Just as you would store your documents in a file, the Windows stores all information about your computer in a Registry, such as all the software and hardware settings, and everything about the system configuration.

4). E-mail Tracking -The Truth Is Revealed.
Have you ever wondered whether your boss, coworkers or family read your e-mails? Well, now you can track your sent e-mails. In fact, there are many approaches to e-mail tracking. We all know the "read-receipt" system, in which you send an e-mail requesting a read confirmation. When the recipient reads your e-mail, he or she is asked by the software, "Would you like to confirm you received this e-mail?" Then the recipient may choose "No", and we will never get a confirmation.

5). Norton: The Free Security Software You Need
Computer viruses are becoming so hard to battle. The more the technology becomes booming the more these viruses become more notorious.

6). Combating Viruses with Security Software
Do you know the difference between a worm, a Trojan, and spyware? When selecting your security software know exactly what it will do.

7). The Importance of Parental Control Software
Protecting children is the responsibility of every parent, and it is vital for them to keep up with the ever changing threats faced by children as they navigate the Internet. Perhaps the most important tool to help with this is Parental Control software.

.: Main Menu


Home
Top Articles
Top Authors
Submit Articles
Bookmark
Contact Us

.: Article Categories

Accounting
Beauty
Business
Career
Cars and Trucks
Computers
  ·  Computer Certification
  ·  Data Recovery
  ·  Databases
  ·  E-Learning
  ·  Hardware
  ·  Information Technology
  ·  Intra-net
  ·  Networks
  ·  Operating Systems
  ·  Programming
  ·  Security
  ·  Software
Culture and Society
Ecology
Environment
Family
Finance
Fitness
Food and Drink
Free Tools and Resources
Health
Hobbies
Home
Humor
Inspirational/Motivational
Internet
Internet Marketing
Legal
Marketing
Music
Others
Personal Development
Pets and Animals
Politics
Psychology
Publishing
Recreation and Leisure
Relationships
Religion and Spirituality
Science
Speaking
Technology
Writing

Page loaded in 0.183 seconds.