From LinuxReviews
Jump to navigationJump to search

A firewall is a computer "security" measure designed to keep the bad guys out while allowing the good guys in to use whatever resources they want.

The concept

A firewall basically blocks access from the outside to the inside. The idea is to "protect" the local area network on one side of the firewall from the rest of the Internet on the other side of the firewall.

The problem with this concept

The problem with this concept is that it provides false security.

There are so many non-computer related ways of getting by any firewall. You can dress up as a janitor, or say you are a consultant for a high-level executive, or send a nice guy from Italy named Gringo, and so on. These guys can, once on the inside, access any unsecured resource inside the firewall just as if they'd somehow managed to by-pass the firewall using technical means.

The working firewall

Forget about the concept "firewall". Secure each of the resources on the local network. It's quite easy to store passwords in most software programs.

For example, consider a printing server. It can be protected by a firewall and allow anyone who accesses it to print, or it can require each user who accesses it to identify himself using a username and a password. The first choice only requires someone to be in the building or by-pass the firewall, the second requires a working user-account and makes it that much harder to gain access to the resource.

Firewall every computer

It's a good idea to run a local firewall on every computer in order to make sure that services who are only intended to be available to the local user in fact are only available to the local user.

Again, securing every service on a network and securing every computer in a network makes much more sense than just putting up a firewall between the LAN and the Internet and then pray that does some kind of security job.