Network and Infrastructure , Security

Firewall in Place to Protect Our Network

by S. K. Tsui

Everyday, when you are working with your PC in your office drawing up important documents, and utilizing resources offered by the campus network, have you ever wondered if your data is 100% safe or whether there is protection of any sort to prevent intrusion from outsiders? In order to untangle some of your concerns, the following article will give you some ideas on what has been done to protect our campus network and what you can do to enhance the security of your own PC.

Perimeter Firewall

As long as your PC stays connected on the Internet, you are never completely secure. A perimeter firewall, which is a security system installed behind the Internet gateway, is therefore necessary to protect our internal network from external threats such as unauthorized access to our network, to enforce the data flow between the campus and the Internet conforming to our security policy.

Currently, the mission of the firewall is to protect our network from:

  1. Denial of service attacks
     
    Denial of service attacks attempt to make servers or network devices unavailable to users by consuming most of their processing time by flooding them with thousands of requests or sending misbehaved packets to try and make them crash. The firewall protects our network by limiting the number of such requests allowed to get through from the Internet and discard those misbehaved packets from entering our network.
     
  2. Unauthorized access to certain hosts and unregistered services
     

    According to individuals' requirements, one's computer may be configured to provide various network services, such as Microsoft file sharing, FTP and SMTP services, for personal or internal use. Unfortunately, some of these services may have been misconfigured or not well protected which made these systems easy targets for the hackers. For example:
     
    • FTP (File Transfer Protocol) and NetBIOS over TCP/IP (Microsoft file and print sharing)

      FTP server and Microsoft File Sharing service provide convenient ways to upload and download files over the Internet. Unfortunately, if the FTP or the Microsoft file service is misconfigured, such as allowing anonymous logins or open accounts, hackers could easily hack into the server, download valuable data, create back doors and even gain control to the server. If the server allows file uploads, hackers could upload viruses, share pirated files and programs through the server.
       
    • SMTP (Simple Mail Transport Protocol)

      Depending on the version of the SMTP server being used, hackers can utilize the buffer overrun vulnerability to execute malicious code in order to crash or gain access to the server. Moreover, if a SMTP server has the relay feature turned on, the attackers may utilize this feature to launch a SPAM attack on other SMTP servers.
  • Fortunately, our firewall can prohibit these hacking activities by blocking unauthorized access to these unregistered services from the Internet.
  1. Network probes and scans

    The most common types of network probe are ping sweep and port scans. Intruder sends a set of ICMP ECHO packets to a range of IP addresses and collects the response. Once live hosts are identified, the intruder will then perform port scanning looking for services running on these hosts and then issues attacks on any vulnerable ones found. In this respect, the firewall can protect our hosts by identifying these intruders and denying their traffics from entering our network.

Personal Firewall

The perimeter firewall mentioned above aims to protect our entire network from attacks coming from the Internet, but it cannot prohibit attacks from the internal network. Furthermore, the policies set in the perimeter firewall may not be able to provide sufficient protection to a particular host with special requirements. If you need additional protection on a particular host, you may consider installing personal firewall.

A personal firewall is normally a software loaded with the operating system to protect a single computer. You can define more tightened security policies yourself to govern all the data entering and leaving your computer.

Anti-virus Program

Most firewalls can do little to protect your PC against computer viruses. More than 95% of computer viruses are spread through opening e-mail attachments, downloading software, visiting malicious URLs, and exploiting security holes in the operating system.

To prevent your computer from being infected by computer viruses, you must install an anti-virus program, and be sure to keep your anti-virus software up-to-date. Also, the latest security patches and updates of your operating system should be applied frequently so that security holes can be eliminated.

Finally, even though you have firewall, anti-virus program to safeguard your computer, you still need to backup your data periodically to prevent data loss due to unpredictable events such as hardware failure and human mistakes.