
Computer Security 101 (tm)

~ Lesson 3 Continued ~


If you do want to host a web site, or allow files to be downloaded from your computer using FTP or allow other computers to connect to yours for online gaming, you would need to open the respective port. For example, to host a web server you would configure your firewall to block all incoming UDP and TCP traffic on all ports except port 80. On most basic home Cable / DSL routers the port-blocking firewall can be configured to allow traffic through a port to a specific host so that your other computers would still be protected from this sort of traffic, but external hosts would be able to access your web server or game connection or whatever else you wanted.

This sort of basic firewall has some issues that hackers and malicious programmers can exploit to sneak through, which is why there are more advanced firewall systems. I mentioned that with this sort of port blocking, communications in response to connections initiated by your computer would be allowed through even on ports you were blocking. Using this knowledge, a hacker can forge a packet to make it look like a reply rather than the initiation of a connection, and the firewall will allow it through.

Even on connections that ARE initiated by your computer, a malicious programmer can still exploit weaknesses in the system to sneak packets through. To guard against some of these weaknesses there are other types of firewalls: stateful inspection packet filters, circuit-level gateways and application-level gateways, to name a few. For more details on firewalls, see the article "What Is A Firewall?"
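The difference between the basic port-blocking filter and a stateful inspection filter can be seen in a small model. This is an added example, not part of the original lesson: the addresses, ports and function names are constructed, and treating "ACK flag set" as the basic filter's test for a reply is an assumption of the model.

```python
# Added example: constructed packets and hypothetical names throughout.
from collections import namedtuple

# flags is a set of TCP flag names; addresses and ports are sample values.
Packet = namedtuple("Packet", "src sport dst dport flags")

WEB_SERVER = "192.168.1.10"   # assumed internal host with port 80 opened
OPEN_PORTS = {80}

def stateless_allow(pkt):
    """Basic port blocking: the opened port passes, and so does anything
    that merely looks like a reply (assumed test: ACK flag is set)."""
    if pkt.dst == WEB_SERVER and pkt.dport in OPEN_PORTS:
        return True
    return "ACK" in pkt.flags

class StatefulFilter:
    """Remembers connections the inside opened; inbound must match one."""
    def __init__(self):
        self.table = set()

    def outbound(self, pkt):
        # Record the flow when an inside host initiates a connection.
        if pkt.flags == {"SYN"}:
            self.table.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))

    def inbound_allow(self, pkt):
        if pkt.dst == WEB_SERVER and pkt.dport in OPEN_PORTS:
            return True
        # A reply only counts if it mirrors a recorded outbound flow.
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.table

def evaluate():
    """Return {name: (stateless verdict, stateful verdict)} for sample inbound packets."""
    fw = StatefulFilter()
    # An inside PC opens a connection to an outside site.
    fw.outbound(Packet("192.168.1.20", 40000, "203.0.113.5", 443, {"SYN"}))
    inbound = {
        "real_reply": Packet("203.0.113.5", 443, "192.168.1.20", 40000, {"SYN", "ACK"}),
        "forged_reply": Packet("198.51.100.9", 4444, "192.168.1.20", 5000, {"ACK"}),
        "web_request": Packet("198.51.100.9", 51000, WEB_SERVER, 80, {"SYN"}),
        "unsolicited_syn": Packet("198.51.100.9", 51001, "192.168.1.20", 5000, {"SYN"}),
    }
    return {n: (stateless_allow(p), fw.inbound_allow(p)) for n, p in inbound.items()}

if __name__ == "__main__":
    for name, (stateless, stateful) in evaluate().items():
        print(f"{name:16} stateless={stateless!s:5} stateful={stateful}")
```

Only the forged reply gets a different verdict from the two filters: the basic filter passes it because it looks like a reply, while the stateful filter drops it because no inside host ever opened that connection.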

Another consideration for firewalls is that it is not always enough to monitor or block inbound traffic. You may get a virus or Trojan horse program through a connection you initiated, thereby bypassing the firewall, or through email. These malicious programs can open ports and initiate connections FROM your computer once they are planted there. Most software-based firewalls like Zone Alarm or Sygate (Top Software Firewall Products) or more advanced hardware-based firewalls will monitor outbound connections as well.

That does it for Lesson 3. We have completed an overview of ports and some of their common uses, the TCP and UDP protocols, and a quick look at how firewalls work. In Lesson 4 we will cover email security, email-borne viruses, hidden file extensions and email spoofing. Come back soon.

©2014 About.com. All rights reserved.