Page 8 - 1906
P. 8

(Continued from page 7)                                   ·  User control determines if a user is al-
                                                                         lowed access to the service.
            allow increasing the protection when connected            ·  Behavior control determines how particu-
            to such unprotected networks.
                                                                         lar services are used.

                                                                  A firewall protects your computer from Internet
                                                                  hacking, where someone gains remote access
                                                                  to it over a network, and against worms, mal-
                                                                  ware that spreads over a network. However, it
                                                                  provides little or no protection against many oth-
                                                                  er threats.

                                                                      ·  If you give permission for other comput-
                                                                         ers to connect to yours, e.g. enable re-
            Figure 2. Host-based Firewall.                               mote access.

            There are multiple types of firewalls, each using         ·  Switching off the firewall or adding many
            a different approach to traffic filtering.                   exceptions to its rules reduces the pro-
               ·  First-generation firewalls were packet fil-            tection.
                   ters, comparing basic information, such            ·  It is not effective against malware, includ-
                   as the original source and destination of             ing viruses, spyware, ransomware, etc.
                   the packet, the port being used, and the              This is most commonly acquired through
                   protocol, against a list of rules.                    clicking on email attachments and email
               ·  Second-generation firewalls were the so-               links, downloading pirated media, and
                   called stateful firewalls, which added an-            visiting rouge or infected Websites.
                   other connection state to the filtering cri-       ·  It does nothing about spam.
                   teria. Based on this information, the tech-
                   nology could determine if the packet was           ·  People with physical access to your com-
                   starting the connection, was a part of an             puter or network are not monitored.
                   existing connection, or wasn’t involved at         ·  Data introduced to the computer other
                   all.                                                  than online, e.g. via USB connected de-

               ·  Third-generation firewalls understand ap-              vices, CD/DVD etc. are not checked.
                   plications as well as some widely-used             ·  If your laptop acquires malware while
                   protocols such as File Transfer Protocol              connected to a Wi-Fi hotspot, and you
                   (FTP) and Hypertext Transfer Protocol                 later connect it to your home LAN, your
                   (HTTP). Based on this information, the                other PCs can become compromised
                   firewall can detect attacks trying to cir-            since you are behind the firewall.
                   cumvent it by misusing a protocol or vio-          ·  Traffic that appears to be legitimate pass-
                   lating application procedures.
                                                                         es freely.
            Third-generation firewalls control traffic flow in        ·  A firewall protects only information on
            several ways.
                                                                         your home LAN; once you send it to the
               ·  Service control determines what types of               Internet it’s accessible to anybody.
                   services are accessed.
                                                                      ·  Only you can prevent phishing, where
               ·  Direction control determines in which di-              you are tricked by e-mail, a Website, or a
                   rection particular service requests are               phone call into installing malware, by-
                   initiated.                                                                        (Continued on page 9)



                                                              8
   3   4   5   6   7   8   9   10   11   12