BotNet News

Your source for Online Security News

A firewall is software or dedicated hardware that restricts internet traffic into, out of, and within a private network. It functions by selectively blocking or allowing data packets based on pre-defined rules. Firewalls help prevent malicious activity from spreading within your business or home computer network. They also help prevent unauthorized users from accessing and using your systems to attack other networks.

Each piece of data sent to your PC via the internet is formatted into a data packet. This packet has a source address, destination address and port number that designates which application the packet is meant for. Firewalls can read the characteristics of these packets at different levels of the OSI model. The more sophisticated firewalls can also examine the content of these packets.

Most traffic that reaches the firewall belongs to one of the three major Transport Layer protocols: TCP, UDP or ICMP. All these protocols have a port number that uniquely identifies them as they pass through the firewall. Each packet also has a type code that indicates the contents of the packet, such as a file, image, application or a command.

Firewalls can be configured with a series of technical statements that tell the firewall hardware or software what to do with each packet. A person implementing the firewall software or hardware, often known as a Firewall Administrator, will translate this policy into a set of rules (or filters) that tell the firewall what to accept and what to reject. Creating these rules requires an understanding of how a computer communicates. Boston University IS&T security staff can assist with writing complex firewall rules that cannot be created using simple graphical interfaces like those available in Windows, Mac or Linux operating systems.