BotNet News

A firewall is one of the essential cybersecurity tools for any organization or individual. Combined with antivirus software and threat detection technology, firewalls help block critical cyber threats such as ransomware, viruses, worms, Trojan horses, spyware, adware, and malware. However, not all firewalls are created equal and it’s important to understand how different types of firewalls function before deploying them in your network.

Firewalls act like security guards that protect your home or car from intruders by preventing fires from spreading between floors or rooms, and also analyzing incoming traffic to stop unauthorized access. A basic firewall, also known as a packet filter, looks at data sent from your PC to other computers and networks on the internet to determine whether it’s safe or not based on a set of rules that you create (or have been configured).

As a result, each packet of information that comes into your computer has its own unique identity, including its source address, which designates your computer on the internet, and its destination IP address or port number, which indicates which application the data is supposed to be for (e.g., a web browser connecting to a website uses TCP port 80). The firewall then decides whether the packet should be allowed in or denied based on its destination and origin.

A more advanced type of firewall, a stateful firewall, is more than just a guard at the border that examines each packet. Stateful firewalls maintain a history of what has been permitted and denied, so they can look at the details of each packet to better predict which ones are likely to be a problem. This can help mitigate attacks such as port scanning, where malicious packets send forged requests to ports that have been opened or scanned for vulnerabilities.