You have many firewalls in your life, from computers to cars.
They are designed to do the same thing—protection.
“A firewall is a wall that keeps the bad things out, like fire!” said Stacy Bresler, managing partner at Archer Security Group.
“In a car, the firewall is placed between the passengers and the engine to prevent a possible fire from getting into the main compartment of the vehicle,” he said.
On your computer, a firewall is meant to keep the bad guys out of your system.
“A firewall is placed between the important computer systems on your trusted network and a different network that is of less trust, e.g. the Internet,” Bresler explained.
For National Cyber Security Awareness Month, Archer News is asking cybersecurity experts at its parent company—Archer Security Group—for answers to your questions about cybersecurity words and phrases.
See also “What is cybersecurity?”, “What is a DDoS?”, “What is ransomware?”, “What is malvertising?“, “What is a password manager?“,”What is encryption?” and “What is IoT?” from Archer News.
Many home routers have a built-in firewall. Photo credit: sridgway via Foter.com / CC BY
Not bulletproof
In your car or house, fire is bad. A physical firewall should keep all fire out.
But on your computer, the situation is more complicated. Your firewall needs to let some traffic in.
It is more like a door with a peephole than a wall.
“Generally speaking, a firewall is a device that screens communication in and out of a network to see if it looks like it should be allowed, and to prevent communication if it doesn’t look like it should be allowed,” said Jim Feely with Archer Security Group.
“They vary in complexity, function, and effectiveness,” he said.
That can be a problem if an attacker disguises his or her traffic as something that looks harmless. The guard at the peephole might be fooled and open the door.
“If a bad guy can make his attack look like something the firewall thinks is okay, it’ll pass right through,” said Patrick C. Miller, managing partner at Archer Security Group.
“Many think a firewall is a bulletproof hacker stopper,” Miller said. “This is simply not true.”
Famous firewall holes
Firewalls played a role in the leak of alleged National Security Agency weapons in August.
Hackers claimed they got into the NSA’s system and pilfered security weapons the agency used for spying.
Two of these weapons—ExtraBacon and EpicBanana—allowed attackers to take over computer firewalls, reported Ars Technica.
In addition, you might configure your firewall the wrong way without knowing it.
“Firewalls can be complex devices, performing all kinds of security functions,” said Miller. “If not managed by someone who knows how to use it the right way, then you will think you’re more secure than you actually are.”
“It’s like giving a power tool to someone without training on how to use it without hurting themselves,” Miller added.
Social media users played with the names of the alleged NSA firewall exploits.
Part of the answer
Despite their flaws, firewalls are key, like locks on your doors. You don’t want the bad guys to march right through, unimpeded.
“They are essential for protection, but they are only part of the solution,” Miller said.
“Good security is achieved through concept called defense in depth which requires thoughtful analysis and the application of complementary policies, administrative controls, and technical controls, one of which is often a firewall,” said Feely.
For you at home, Microsoft recommends you use a hardware firewall, like a router, to protect your entire network, but also a software firewall on each computer.
That way, if one computer becomes infected, others may stay infection-free.
“Most modern operating systems include a software firewall,” the United States Computer Emergency Readiness Team said on its website. “In addition to the operating system’s firewall, the majority of home routers have a firewall built in.”
US-CERT advises you to check the user’s guide for information on how to set up your firewall, understand security settings, and set a strong password to protect it.
See also “What is cybersecurity?”, “What is a DDoS?”, “What is ransomware?”, “What is malvertising?“, “What is a password manager?“, “What is encryption?” and “What is IoT?” from Archer News.