I believe that the computer will know that there is a firewall function, then what is the firewall? What does it do? Today we will unveil the mystery of the firewall.
Firewalls are usually used for the following purposes: restricting access to the internal network, filtering out unsafe services and illegal users, preventing intruders from approaching your defenses, restricting access to special sites, and facilitating the monitoring of LAN Security.
Personal firewalls typically have the following features:
1, packet filtering
The principle of filtering technology (IP filtering or packet filtering) is to monitor and filter incoming and outgoing IP packets on the network and to refuse to send suspicious packets.
On the Internet, the information Packet Exchange network, all the information is divided into a number of packets of a certain length, the header information includes IP source address, IP destination address, Internal installation protocol (ICP, UDP, ICMP, or IP tunnel), tcp/udp Target port, ICMP message type , the packet entry interface and the outbound interface. When these packets are sent to the Internet, the firewall reads the recipient's IP and selects a physical line to send out, and the packet may arrive at its destination on a different route, which will be reassembled at the destination when all the packages arrive. The packet-filtered firewall checks all the IP addresses in the packet and filters the packets according to the filter rules given by the system administrator. If a firewall sets an IP as dangerous, all information from this address will be blocked by the firewall.
2, firewall security rules
The security rule is to set up the internal protocol of the LAN and Internet used by your computer so as to achieve the best security state of the system.
The security rules in Personal firewall software can be divided into two ways:
One is a well-defined security rule.
is to define security rules into several programs, generally divided into low, medium and senior three. This does not understand the network protocol users, you can according to their own needs flexible set of different security programs. For example: ZoneAlarm firewall.
There is also a user can customize security rules
That is, you can set up a single protocol individually, depending on the security state you need, as you know the network protocol very well.
3. Event Diary
This is the main function that every firewall software can not be less. Log the firewall software to hear all the events that occurred, such as the intruder's source, protocol, port, time, and so on. Logged events are determined by the capabilities of the firewall.
So what's the best kind of firewall? This is a question that netizens often ask.
I personally think that the use of firewalls, not necessarily the best, because the personal firewall is mainly aimed at the practicality of individual users to make, in addition to the above several functions, but also integrated some tools, such as tracking host name or IP address, detection Trojan horse, camouflage and so on. According to their different needs to choose, in the continuous learning to eliminate some simple firewalls. I divided the user roughly into five kinds:
1, do not understand the network protocol users, just to visit the Web page. You can use a fool-style firewall. For example: Intrusion detector, Intruder Alert ' 99
2, if you are on the Internet to chat or often attacked users, then you can choose: Protectx, LockDown2000 Two firewall, they have the ability to track IP. If you are attacked, you can trace it immediately.
3, often encounter to scan the user, using the Internet Firewall 2000, ANALOGX, Netalert. These two firewalls can block or monitor your open ports.
4, the Internet users in the LAN environment, then the firewall must support the NetBIOS settings function. For example: AtGuard, Zone Alarm, conseal pc Firewall, Skynet firewall, BlackICE.
5, their own network protocol users. The Norton Internet security V2.0 Personal Firewall has a very detailed custom network protocol with the AtGuard firewall.
Here is a description of the five user categories mentioned above, which are not required to be used in such a classification, except that they have the functional characteristics of that classification. For example, Zone Alarm, Skynet Firewall, these two firewalls also provide a security rule scheme for ordinary users, users who do not understand the network protocol can also be used freely.