A firewall is a system that secures a network by filtering inbound and outbound network traffic based on a set of user-defined rules. In general, the goal of a firewall is to reduce or eliminate the occurrence of unwanted network traffic, while all legitimate traffic is free. In most server infrastructures, firewalls provide a significant layer of security that, along with other measures, can prevent attackers from gaining access to your servers in malicious ways.
This guide will discuss how firewalls work, focusing on state-of-the-art software firewalls such as iptables and Firewall because they involve cloud servers. Let’s start with a brief explanation of TCP packages and different types of firewalls. We will then discuss various topics related to stateful firewalls. Finally, we provide links to other tutorials to help you set up a firewall on your own server.
TCP Network Packages
Before we look at the different types of firewalls, let’s look at what Transport Control Protocol (TCP) network traffic looks like.
TCP network traffic passes through a network of packets, that is, packets that contain a packet header it contains control information such as start and destination addresses and packet sequence information. And data (also known as payload). While the control information in each packet helps ensure the proper transmission of related data. The elements in it also provide firewalls with different ways to pair packets against firewall rules.
It is important to remember that successfully receiving incoming TCP packets requires the recipient to send outgoing acknowledgment packets back to the sender. A combination of inbound and outbound packet management information can be use to determine the state of the connection between the sender and recipient.
Types of Firewalls
We will then discuss three basic types of network firewalls: packet filtering (stateless), stateful, and application layer.
Packet filtering, or stateless firewalls, work by checking individual packages individually. As such, they are unaware of connection status and can only allow or deny packets based on individual packet headers. Stateful firewalls are able to determine the connection status of packets, making them more flexible than stateless firewalls. They work by collecting the appropriate packets until the connection state is determine before all firewall rules are apply.
Application firewalls go one step further by analyzing the data being transmitted, which allows network traffic to be linked to service-specific or application-specific firewall rules. They are also called proxy-based firewalls.
In addition to the firewall software that is present on all modern operating systems, hardware devices, such as routers or firewall devices, can also provide firewall functionality. Our discussion will again focus on state-of-the-art software firewalls running on the servers they are suppose to protect.
Firewall Rules
As mentioned above, network traffic through a firewall is link to rules that determine whether or not it should be allowed. A quick way to explain what firewall rules look like is to look at a few examples.
Assume that you have a server with this list of firewall rules that apply to inbound traffic:
Reduce inbound traffic from non-technical staff IP addresses in your office to port 22 (SSH)
Receive new and deployed inbound traffic from your office’s IP range to the private network interface on port 22 (SSH)
Note that the first word in each of these examples is accept reject or abandon. Specifies the action that the firewall should take if part of the network traffic matches the rule. Accepting means allowing traffic, refusing means blocking traffic. But responding with an “unreachable” error and discarding means blocking traffic and not sending a response. The rest of each rule is a condition that each packet is link.
SEE: Best Online Banking for Business – Online Business Banking
As it turns out, network traffic is associated with a list of firewall rules in sequence, such as a string. More specifically, if a rule is override, the action applies to the network traffic in question. In our example, if an accountant tries to establish an SSH connection with the server, it will reject it under rule 2 before rule 3 can be further tested. However, the system administrator will be accept it because they only meet rule 3.
Standard Policy
Usually for a string of firewall rules that do not explicitly cover all possible conditions. For this reason, firewall missiles should always have a default policy set, which consists of only one action.
If there is a computer outside your office that is trying to establish an SSH connection with the server. Traffic will decrease because it does not meet the conditions of any of the rules. If the default policy is set to Accept, anyone other than your own non-technical staff will be able to connect to any open service on your server. This is an example of a misconfigured firewall, as it only restricts a subset of your employees.
Incoming And Outgoing Traffic
If network traffic can get in or out from the server’s perspective, the firewall maintains a different set of rules for each case. Traffic coming from elsewhere, incoming traffic, is treated differently from outgoing traffic sent to the server. It’s just that the server allows the most outbound traffic, because the server is usually reliable in itself. However, an outbound policy set can be use to prevent unwanted communication. If a server is attack by an attacker or a malicious executable file.
To maximize the security benefits of your firewall. You must identify all the ways in which you want other systems to interact with your server. To create rules that explicitly allow them, and then abandon all other traffic. Note that appropriate outbound rules should be in place for the server to allow it to send outbound identifiers to all relevant future connections. Because the server often has to start its own outbound traffic for various reasons. Such as downloading updates or connecting to a database it is important to include instances in the outbound rules.
SEE: Quotes For Homeowners Insurance – All You Need To Know
