120. Firewall 101
By Andrew D. Wright
Dear Mousepad:
I am confused. Some things I read say you should have a firewall.
I have a router and think I am being told I don't need a
firewall. Am I correct?
Bob Brown
Dartmouth, N.S.
One of our totally cool mousepads is in the mail to you for your question,
Bob.
A router (pronounced row-ter with row sounding like
cow) is a device used to connect networks together. A typical home router
also acts as a firewall for incoming data packets, for a reason explained
below.
Let's start with the basics. The Internet is a vast collection of
computers all over the world that talk to each other using data packets.
These data packets are addressed like an envelope and sent out from one
computer to another.
Think of it like someone sending you a jigsaw puzzle through the mail with
one or two pieces in each envelope. Eventually you get the whole puzzle.
Now imagine that the mail system is for a big apartment building. Each
tenant would have their own mailbox and anything sent to the building not
addressed to one of the tenants would get thrown away. That's basically
what a firewall does.
On your computer there are 65,535 usable TCP (Transmission Control Protocol)
ports, numbered 1 to 65535, that can be used for network communication. Each
of these ports can send and receive data. A port is said to be open when a
program on the computer is listening on it for connections; on a typical home
PC most ports are closed. The lower-numbered ports, below 1024, are reserved
for well-known services. UDP (User Datagram Protocol), the other common
transport protocol, has its own separate set of 65,535 ports, so TCP port 53
and UDP port 53 are two different doors.
For instance, when you use a web browser to get a web page from a server,
your computer is talking to the web server on TCP port 80, the port set
aside for web page traffic. Port 80 on the web server is open so requests
for web pages can be received and served.
A router uses NAT, or Network Address Translation, to set up a protected
subnet, a small local network, whose computers all share the router's single
Internet address. The router keeps a table of which inside computer started
each conversation, so when a reply arrives it knows where to deliver it. A
computer behind the router on the subnet would therefore only receive data
packets it had asked for. All other data packets sent to the router from the
outside world, matching no entry in the table, would simply be deleted.
In other words, routers act as natural firewalls for incoming traffic.
Data packets used in network-based attacks on your computer will be
silently destroyed by the router before they can ever get to your
computer. Note the limit: this only stops traffic nobody inside asked for.
A malicious web page or an infected email attachment arrives inside a
connection your own computer opened, so the router lets it through.
Rules can be set on the router to forward traffic to specific ports on
specific computers on the protected subnet so that programs that need to
use certain ports can do so.
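The decisions described above, as an added example that is not part of the original column: a toy model of a NAT router that rewrites outgoing packets to its public address, records each conversation in a table, lets in only replies that match that table or a port-forwarding rule, and drops everything else. Every address, port, packet and forwarding rule below is made up for illustration.

```python
"""
Toy model of the decisions a home NAT router makes about each packet.
Added example, not code from the column; all addresses and ports are
made up (documentation/example address ranges).
"""
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Packet:
    direction: str  # "out": subnet -> Internet, "in": Internet -> subnet
    proto: str      # "tcp" or "udp"; each protocol has its own port space
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class NatRouter:
    """Outbound packets get the router's public address; inbound packets
    are accepted only as replies to an outbound flow or via a forward rule."""

    def __init__(self, public_ip, forwards=None, first_port=40000):
        self.public_ip = public_ip
        # Forwarding rules: (proto, public_port) -> (inside_ip, inside_port)
        self.forwards = dict(forwards or {})
        # Connection table, filled in by outbound traffic:
        #   (proto, public_port) -> (inside_ip, inside_port, remote_ip, remote_port)
        self.table = {}
        self.reverse = {}  # inside flow 5-tuple -> public_port (one port per flow)
        self.next_port = first_port

    def handle(self, pkt):
        """Return ("forward", rewritten_packet) or ("drop", None)."""
        if pkt.direction == "out":
            return self._outbound(pkt)
        if pkt.dst_ip != self.public_ip:
            return ("drop", None)  # not even addressed to this router
        return self._inbound(pkt)

    def _outbound(self, pkt):
        flow = (pkt.proto, pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        pub_port = self.reverse.get(flow)
        if pub_port is None:
            pub_port = self.next_port
            self.next_port += 1
            self.reverse[flow] = pub_port
            self.table[(pkt.proto, pub_port)] = (
                pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        # The Internet sees the router's address, never the inside address.
        return ("forward", replace(pkt, src_ip=self.public_ip, src_port=pub_port))

    def _inbound(self, pkt):
        entry = self.table.get((pkt.proto, pkt.dst_port))
        if entry is not None:
            inside_ip, inside_port, remote_ip, remote_port = entry
            # Only the host we actually talked to may answer on this mapped port.
            if (remote_ip, remote_port) == (pkt.src_ip, pkt.src_port):
                return ("forward", replace(pkt, dst_ip=inside_ip, dst_port=inside_port))
            return ("drop", None)
        rule = self.forwards.get((pkt.proto, pkt.dst_port))
        if rule is not None:
            inside_ip, inside_port = rule
            return ("forward", replace(pkt, dst_ip=inside_ip, dst_port=inside_port))
        # Unsolicited and not forwarded: silently dropped.
        return ("drop", None)


def demo():
    """Run a few made-up packets through the router and return the verdicts."""
    # Hypothetical forwarding rule: TCP 25565 to a game server PC on the subnet.
    router = NatRouter("203.0.113.7",
                       forwards={("tcp", 25565): ("192.168.1.20", 25565)})
    results = []

    # 1. A PC asks a web server for a page; the router rewrites the source.
    out_pkt = Packet("out", "tcp", "192.168.1.10", 51234, "198.51.100.80", 80)
    verdict, sent = router.handle(out_pkt)
    results.append((verdict, sent.src_ip, sent.src_port))

    # 2. The web server's reply reaches the mapped port: delivered inside.
    reply = Packet("in", "tcp", "198.51.100.80", 80, "203.0.113.7", sent.src_port)
    verdict, delivered = router.handle(reply)
    results.append((verdict, delivered.dst_ip, delivered.dst_port))

    # 3. Some other host tries that same mapped port: dropped.
    spoof = Packet("in", "tcp", "192.0.2.66", 80, "203.0.113.7", sent.src_port)
    results.append(router.handle(spoof)[0])

    # 4. A scan of a port nobody inside asked about: dropped.
    scan = Packet("in", "tcp", "192.0.2.66", 4444, "203.0.113.7", 445)
    results.append(router.handle(scan)[0])

    # 5. The forwarded game port: passed through to that one PC only.
    game = Packet("in", "tcp", "192.0.2.66", 4444, "203.0.113.7", 25565)
    verdict, fwd = router.handle(game)
    results.append((verdict, fwd.dst_ip))
    return results


if __name__ == "__main__":
    for line in demo():
        print(line)
```

Real routers also expire table entries after a while and track TCP connection state more carefully, but the shape of the decision is the same: no matching entry and no rule means the packet is dropped.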
When setting up a router, be sure to change the default password to
something secure and make sure that remote administration of the router is
turned off. This is safer since it means only a computer on your own local
network, not one anywhere on the Internet, can change the router's settings.
A wireless router can set up a subnet using radio waves instead of network
cables to connect the computers. Anyone within radio range can try to join,
so restrict access to this protected subnet using WPA2 (Wifi Protected
Access) if your equipment supports it, otherwise WPA, together with a strong
password.
Firewalls can control outgoing traffic as well as incoming traffic.
Controlling outgoing traffic means that a program on your computer that
wanted to talk to the Internet would need to be approved first. This
usually requires firewall software running on the computer itself.
Test open ports on your computer:
Shields Up! :
http://grc.com/
Listing of Ports for Internet Service:
http://www.chebucto.ns.ca/~rakerman/port-table.html
Warriors of the Net (animated video on networks):
http://www.youtube.com/v/Ve7_4ot-Dzs&rel=1
Tip of the Chebucto chapeau to Chris Watt for the video
recommendation.
The Mousepad runs every two weeks. It's a service of Chebucto Community
Net, a community-owned Internet provider. If you have a question about
computing, email mousepad@chebucto.ns.ca. If we use your question
in a column, we'll send you a free mousepad.
Originally published 30 November 2007