Saturday, May 10, 2008

What is a Firewall?

A firewall is a network device, or software running on a computer, which inspects network traffic passing through it, and denies or permits based on a set of rules.

A firewall's basic task is to prevent network intrusion to the private network. Without proper configuration, a firewall can often become worthless. Standard security practices dictate a "default-deny" firewall ruleset, in which the only network connections which are allowed are the ones that have been explicitly allowed. Unfortunately, such a configuration requires detailed understanding of the network applications and endpoints required for the organization's day-to-day operation. Many businesses lack such understanding, and therefore implement a "default-allow" ruleset, in which all traffic is allowed unless it has been specifically blocked. This configuration makes inadvertent network connections and system compromise much more likely.
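To make the difference between the two policies concrete, here is a small first-match packet filter, added as an example and not part of the original post. It evaluates one constructed ruleset (explicit allows for a public web and mail server, one explicit block for telnet) against the same sample traffic under "default-deny" and "default-allow". The addresses are taken from the RFC 5737 documentation ranges and the rules, hosts and function names are assumptions made for the example.

```python
# Added example (not from the original post): a tiny first-match packet
# filter showing how one rule list behaves under "default-deny" versus
# "default-allow". Addresses are RFC 5737 documentation ranges, constructed
# for this example only.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str      # "tcp" or "udp"
    dport: int      # destination port


@dataclass(frozen=True)
class Rule:
    action: str              # "allow" or "deny"
    src: str                 # CIDR source; "0.0.0.0/0" matches any address
    dst: str                 # CIDR destination
    proto: Optional[str]     # None matches any protocol
    dport: Optional[int]     # None matches any port

    def matches(self, pkt: Packet) -> bool:
        return (ip_address(pkt.src) in ip_network(self.src)
                and ip_address(pkt.dst) in ip_network(self.dst)
                and (self.proto is None or self.proto == pkt.proto)
                and (self.dport is None or self.dport == pkt.dport))


def evaluate(rules: List[Rule], default: str, pkt: Packet) -> str:
    """First matching rule wins; `default` ("allow" or "deny") applies otherwise."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return default


# Constructed ruleset for a small perimeter: explicit allows for the public
# web and mail servers, and a single explicit block for telnet.
RULES = [
    Rule("allow", "0.0.0.0/0", "192.0.2.10/32", "tcp", 80),   # public web server
    Rule("allow", "0.0.0.0/0", "192.0.2.20/32", "tcp", 25),   # public mail server
    Rule("deny",  "0.0.0.0/0", "192.0.2.0/24",  "tcp", 23),   # telnet to anything inside
]

# Constructed inbound traffic sample from one outside host.
TRAFFIC = [
    Packet("198.51.100.7", "192.0.2.10", "tcp", 80),   # HTTP to the web server
    Packet("198.51.100.7", "192.0.2.20", "tcp", 25),   # SMTP to the mail server
    Packet("198.51.100.7", "192.0.2.30", "tcp", 23),   # telnet to an internal host
    Packet("198.51.100.7", "192.0.2.30", "tcp", 22),   # SSH to an internal host
    Packet("198.51.100.7", "192.0.2.30", "udp", 161),  # SNMP to an internal host
]


def verdicts(rules: List[Rule], default: str,
             packets: List[Packet]) -> List[Tuple[Packet, str]]:
    """Verdict for every packet under the given default policy."""
    return [(pkt, evaluate(rules, default, pkt)) for pkt in packets]


def exposed_by_default_allow(rules: List[Rule], packets: List[Packet]) -> List[Packet]:
    """Packets a default-allow policy passes that default-deny would stop.

    Each one is a connection nobody wrote a rule for: the inadvertent
    network connections the text warns about."""
    return [pkt for pkt in packets
            if evaluate(rules, "allow", pkt) == "allow"
            and evaluate(rules, "deny", pkt) == "deny"]


if __name__ == "__main__":
    for policy in ("deny", "allow"):
        print(f"--- default-{policy} ---")
        for pkt, verdict in verdicts(RULES, policy, TRAFFIC):
            print(f"{pkt.proto}/{pkt.dport:<4} {pkt.src} -> {pkt.dst}: {verdict}")
    print("Reaching inside only because of default-allow:",
          [(p.proto, p.dport) for p in exposed_by_default_allow(RULES, TRAFFIC)])
```

Under default-deny only the web and mail connections get through; under default-allow the SSH and SNMP packets also reach the internal host, even though the administrator never decided to permit them. That is the cost of skipping the inventory of applications and endpoints: every service you forgot to think about is reachable by default.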

Firewall technology emerged in the late 1980s, when the Internet was a fairly new technology in terms of its global use and connectivity. The predecessors of firewalls for network security were the routers used in the late 1980s to separate networks from one another. The view of the Internet as a relatively small community of compatible users who valued openness for sharing and collaboration was ended by a number of major Internet security breaches that occurred in the late 1980s:

  • Clifford Stoll's discovery of German spies tampering with his system
  • Bill Cheswick's "Evening with Berferd" (1992), in which he set up a simple electronic jail to observe an attacker
  • In 1988 an employee at the NASA Ames Research Center in California sent a memo by email to his colleagues that read,
We are currently under attack from an Internet VIRUS! It has hit Berkeley, UC San Diego, Lawrence Livermore, Stanford, and NASA Ames.
The Morris Worm spread itself through multiple vulnerabilities in the machines of the time. Although it was not malicious in intent, the Morris Worm was the first large scale attack on Internet security; the online community was neither expecting an attack nor prepared to deal with one.

Firewall Generations

First generation - packet filters
Second generation - "stateful" filters
Third generation - application layer

We'll discuss these in the next article.