Striper Talk Striped Bass Fishing, Surfcasting, Boating - View Single Post

JohnR · 11-29-2002, 07:29 PM

FS - Nahh - different guy....

I've had a couple PMs about "WTH is a FIREWALL??" So I'll try to answer it as plain as possible...

When you send info across the internet, that info travels from numbers, like your IP address, across diferent devices called routers which also have their own IP address, until they get to their destination, the IP address for this website for example. So that's how the info, basically, bounces around. Now the other thing which happens is that all the different services that run on these IP addresses are typically given a number between 1-64,000. The most common services, like HTTP, POP E-mail, SMTP e-mail, FTP, DNS, telnet (part today's problem), and blah blah, each have their own service PORT . Common services are applied common ports- HTTP=80, POP E-mail =110, SMTP e-mail = 25 , FTP = 21, DNS = 53, telnet = 23 are typical of this. So if you want somoeone to read your website, you need to allow port 80 to be open on your machine.

Microsoft operating systems - which 99.99 % of the people here exclusively use, leave all this stuff open by default. That means that if someone figured out you IP address, they could find some other typically open port, say file sharing, and potentially sneak onto your machine. What a firewall does is uses a set of rules to close down everything other than what you want to be open coming into you. A good firewall will shut down EVERYTHING coming into it. So if someone trys to get into your system , they need to do it over a port that you have open. Fortunately, with these ports dedicated for the most part, in 99.999% of the cases they can't successfully try to do something over one of the other ports.

So this firewall can be hardware or software and have different levels of sophistication. Best to use a hardware router (like a Linksys BEFSR41) with a built in firewall if you have several computers connecting to the internet thru a cable modem as this will both give the other computers a private address which makes it harder to attack and the firewall portion can prevent more malicious attacks from coming in. These hardware boxes like the Linksys also do something call NAT - Network Address Translation where the hardwars device assumes the public IP address given to you by your ISP and that device gives you a hidden, private number that is not seen on the Internet. This shows up as almost a "stealth mode" becuase the hardware device really doesn't use any ports, it justs sends out the requests that your PC wants.

A software firewall (like Symantec's Internet Security or Zone Alarm) is good for most single PC hookups...

I realize that wasn't probably the best way to put it but I just do them and not talk about them too much

2 things to check out:

http://grc.com/su-firewalls.htm a quick read on firewalls...

and the link I put up earlier on the same site for the shields test: http://grc.com

If you show up under a scan or probe as having ports open, you're looking for trouble

I'll try to answer what else someone asks...

11-29-2002, 07:29 PM	#13
JohnR Certifiable Intertidal Anguiologist iTrader: (1) Join Date: Feb 2000 Location: Somewhere between OOB & west of Watch Hill Posts: 35,272 Blog Entries: 1	FS - Nahh - different guy.... I've had a couple PMs about "WTH is a FIREWALL??" So I'll try to answer it as plain as possible... When you send info across the internet, that info travels from numbers, like your IP address, across diferent devices called routers which also have their own IP address, until they get to their destination, the IP address for this website for example. So that's how the info, basically, bounces around. Now the other thing which happens is that all the different services that run on these IP addresses are typically given a number between 1-64,000. The most common services, like HTTP, POP E-mail, SMTP e-mail, FTP, DNS, telnet (part today's problem), and blah blah, each have their own service PORT . Common services are applied common ports- HTTP=80, POP E-mail =110, SMTP e-mail = 25 , FTP = 21, DNS = 53, telnet = 23 are typical of this. So if you want somoeone to read your website, you need to allow port 80 to be open on your machine. Microsoft operating systems - which 99.99 % of the people here exclusively use, leave all this stuff open by default. That means that if someone figured out you IP address, they could find some other typically open port, say file sharing, and potentially sneak onto your machine. What a firewall does is uses a set of rules to close down everything other than what you want to be open coming into you. A good firewall will shut down EVERYTHING coming into it. So if someone trys to get into your system , they need to do it over a port that you have open. Fortunately, with these ports dedicated for the most part, in 99.999% of the cases they can't successfully try to do something over one of the other ports. So this firewall can be hardware or software and have different levels of sophistication. Best to use a hardware router (like a Linksys BEFSR41) with a built in firewall if you have several computers connecting to the internet thru a cable modem as this will both give the other computers a private address which makes it harder to attack and the firewall portion can prevent more malicious attacks from coming in. These hardware boxes like the Linksys also do something call NAT - Network Address Translation where the hardwars device assumes the public IP address given to you by your ISP and that device gives you a hidden, private number that is not seen on the Internet. This shows up as almost a "stealth mode" becuase the hardware device really doesn't use any ports, it justs sends out the requests that your PC wants. A software firewall (like Symantec's Internet Security or Zone Alarm) is good for most single PC hookups... I realize that wasn't probably the best way to put it but I just do them and not talk about them too much 2 things to check out: http://grc.com/su-firewalls.htm a quick read on firewalls... and the link I put up earlier on the same site for the shields test: http://grc.com If you show up under a scan or probe as having ports open, you're looking for trouble I'll try to answer what else someone asks... Last edited by JohnR; 11-29-2002 at 07:34 PM..
	~Fix the Bait~ ~Pogies Forever~ Striped Bass Fishing - All Stripers Kobayashi Maru Election - there is no way to win. Apocalypse is Coming: