Firewalls have been around since the internet has become popularized with the first network firewall being designed in the 1980s. Firewalls are the first line of defense a computer had, and it is very imperative to have one. The reason being that it establishes a barrier between the secured internal networks that can be trusted to the unsecured external networks. The origin of a firewall comes from a wall used for restricting a fire to spreading to other parts of a building, but this term is more commonly known now for computer security. The first type of network firewall was a packet filter that would be able to inspect packets being transmitted from computers. Once a packet did match what the packet filter specified then the packet would be either thrown out or rejected to protect the security of the computer. Otherwise if the packet would meet the requirements specified by the packet filter then the packet would be allowed to pass.
There are a few different types of firewalls, but it is important to understand the basics of how firewalls work. Whenever you send and receive data on the internet or if you were to send and receive data in an internal network, the data would be made up of TCP and UDP packets. TCP packets are preferred over using UDP packets in terms of security with a firewall, because UDP packets while they can filter by which port the headers in UDP lack a lot of information that TCP packet headers contain. While with TCP packets they use more information like source and destination addresses, payload, and packet sequence information. When a firewall has access to this information it can be a lot more effective in warding off attacks as compared to when the firewall has to filter by UDP packets. The way a firewall works is by using a filtering process to determine what is acceptable in the secured environment and what is not acceptable which you use the default settings in a firewall program or set the parameters yourself to ensure that your system is secure.
These are three basic types of firewalls the first one is of course the packet filter. Also referred to as a stateless firewall this type of firewall inspects each packet that the system gets individually. As stated previously this firewall inspects each packet analyzing if it is appropriate or not. If the packet is a TCP packet then the firewall will be able to filter the source and destination address, the payload and the packet sequence information. Where as if the packet was a UDP packet, the firewall would only be able to filter by the port number. Which is why it is better for security reasons to have TCP packets filtered rather than UDP packets because there is more information to determine whether or not a packet could do harm to your system. Another type firewall is a stateful firewall this type also examines each individual packet and assesses if the packet is safe. But stateful firewalls also consider the state of network connections like TCP streams or UDP communication and can hold data of each connection in memory. The data that the firewall stores from each connection could be ports that were involved in the connection, IP addresses and sequence numbers of the packets. So, this type of firewall tracks the individual packets, and keeps track of the state of the connection and then stores the data that it needs. Overtime this data will be used so that filtering decisions would not just be predicated on what the administrator set in the settings, but also on the data that has been accumulated overtime on the state of the connections. Similar to the packet filtering firewall, when it comes to the stateful firewall TCP is also more secure than UDP. Mainly because UDP is not founded in a bidirectional connection like TCP which would make the stateful firewall more vulnerable. The stateful firewall would only be able to see the connection through addresses and ports of packets’ source and destination. As opposed to TCP where it has the three-way handshake with SYN, SYN-ACK, and ACK this helps the stateful firewall by authenticating the connection bidirectionally. Another type of firewall is an application firewall this firewall filters packets as well as keep track of the state of network connections. This type of firewall also checks the actual content of the packets and does not just look at the headers of the packets. This firewall type allows for someone to enter their own parameters and helps defend against malicious code. So, just in case someone masquerades the packets and they get through it also analyzes the data in the packet to ensure that your system will not be harmed.
Firewalls are essential when operating a system that will be connected to an environment that is not completely secure. A firewall needs to be set up on a system to establish a barrier between a secure internal network and an unsecured external network. If you do not have a firewall setup correctly or if you do not have a firewall at all your system could be open for plenty of different attacks. These attacks could leave your system completely useless and your private information could be stolen. Every system that is connected to an unsecure network should have a firewall because it is your system’s first line of defense when preventing an attack.