BotNet News

A Firewall is either a hardware device or software application that protects your computer from attacks by acting like a 24/7 filter that inspects every piece of data that attempts to enter the network and blocks anything that looks malicious. It does this by examining the data at a specific level of the OSI protocol stack, scanning it for characteristics that can indicate potential threats, and then deciding whether to allow or deny access to your computer based on those criteria.

Packet filtering firewalls work at the lowest level of the OSI protocol stack, evaluating each packet of data to determine its location and destination by looking at Internet Protocol (IP) addresses, port numbers and packet types. These firewalls can be very effective, but since they only check a very low level of the data, they are relatively easy to evade by attackers.

Stateful inspection firewalls work on a higher level of the OSI protocol stack. They compare incoming data packets to a table of previously established connections and evaluate them according to the rules in that table. This helps them to prevent new connections from being accepted without prior approval, and it can also help block denial-of-service attacks, which exploit existing connections.

A unified threat management (UTM) firewall is an advanced firewall that provides multilayer monitoring, including application awareness and intrusion prevention. These features are often incorporated into a single software package or service, which may reduce complexity and costs.