Firewall's, part two.

Back to our partition wall....

Our child is trained not to talk to strangers.

What if our stranger says something like "Yeah OK"

There might be an inclination for the child to respond back, "Eh, sorry you talking to me ??"

Using a simple trick the child has responded, thinking that he/ she has missed something said earlier.

Or if the stranger says "Thanks for that" or "Here you go, this is what you asked for" or some such statement that makes it appear that there was in fact a conversation going on.

The firewall will allow you to start a "conversation" with another computer, it will allow outbound traffic.

It will allow inbound traffic that is in response to your outbound traffic, this is our two way conversation.

But to be any good it must be able to stop traffic that is inbound and made look like it was part of a "conversation" that you initiated but did not!

You can see things can start to get a little tricky!

There are many good "scanners" that can do this Nmap being one such.

From the attackers view point it's pretty easy to set the "scanner" to scan thousands of computers and await the results.

He can see the computers that "talk back" and further scan them using a variety of different scanning techniques which can be difficult for the computer being scanned to detect.

In the hands of a useful hacker he can fully scan a single computer over day's and the computer being scanned will not know it.

This is only really useful and economic in terms of time if the computer being scanned is worthy, IE a corporate server or the like.

A hacker is not going to spend several day's scanning Mr Joe Bloggs home computer!

Their are millions of Mr Joe Bloggs computers sitting out there with no firewall, no nothing, just wide open.

So a good firewall is really a simple and effective method of hiding from prying eyes.

  Firewall's -  Part 1 |   Part 2  | Part 3 |