Enable Your Firewall

Always enable your firewall.

A firewall is a system designed to prevent unauthorized access to or from a private network. You can implement a firewall in either hardware or software form, or a combination of both. Firewalls prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet (i.e., the local network to which you are connected) must pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.

Several types of firewall techniques exist:

Packet filtering
The system examines each packet entering or leaving the network and accepts or rejects it based on user-defined rules. Packet filtering is fairly effective and transparent to users, but it is difficult to configure. In addition, it is susceptible to IP spoofing.
These have characteristics similar to those of packet filtering firewalls, except they usually interact with the operating system and installed software to open and close ports on the firewall on-the-fly depending on the application's needs. These can be both helpful and dangerous. Helpful because your machine may only have ports open when it's using them; dangerous because you may not be as aware of which ports and/or protocols your computer is using at which times.
Circuit-level gateway implementation
This process applies security mechanisms when a TCP or UDP connection is established. Once the connection has been made, packets can flow between the hosts without further checking.
Acting as a proxy server
A proxy server is a type of gateway that hides the true network address of the computer(s) connecting through it. A proxy server connects to the Internet, makes the requests for pages, connections to servers, etc., and receives the data on behalf of the computer(s) behind it. The firewall capabilities lie in the fact that a proxy can be configured to allow only certain types of traffic (e.g., HTTP files, or web pages) through. A proxy server has the potential drawback of slowing network performance, since it has to actively analyze and manipulate traffic passing through it.

In practice, many firewalls use two or more of these techniques in concert. A firewall is considered a first line of defense in protecting private information. It cannot be considered the only line, however, since firewalls are mostly designed to protect network traffic and connections, and therefore do not attempt to authenticate users (i.e., determine who is and who isn't allowed to use the computer the firewall is protecting, or see the traffic coming to it).

Security & Policy Blog Posts

  • The GHOST vulnerability allows an attacker to remotely take control of a system.
  • Drupal announced the availability of a patch to fix a critical SQL injection vulnerability in Drupal 7.