The computing term ‘firewall’ originated from using a continuous wall between buildings built close together to prevent a fire from spreading from one to another. It was then used in the construction of vehicles to protect the cabin from the engine compartment.
A network firewall is a barrier that protects a network you trust from a network you don’t. Your home network is one you trust, while the internet is a network that can’t be trusted. Firewalls exist as software on your computer or as a network device that filters all of your traffic.
There are important nuances in how a firewall works that the owners of large networks need to consider. For large corporations with big IT departments, there are three main types of firewalls available today. Thankfully, for the home user, things are nice and straightforward.
Why You Need a Network Firewall
A firewall of some kind is an essential investment in protecting the devices on your home network. Let me give an example. When I was first playing with computers and networks, I thought playing with the Linux operating system would be fun. And it was.
However, I spent a significant amount of time downloading the operating system and getting it installed. Then, before I powered it up for the first time, I connected it directly to the internet. Once I pressed the power button, I lost all control of it in less than a minute. Someone had found it, hacked it, and permanently locked me out that quickly. I was stunned.
After giving up on the Linux adventure, I played with a software firewall on my Windows computer. I was again connected directly to the internet. Interestingly, this tiny software firewall could report all of the attempted connections to my PC.
It was able to show me all of the attempts to hack my machine as they happened! But, unfortunately, I found that the list of actively attempted hacks happening right in front of my eyes was scrolling so quickly that it was hard to read.
After searching online a little, I found that a router can provide some protection from online attackers. So the next day, I bought a router, which includes the packet filtering found in a packet filtering firewall.
I connected it and checked the software firewall for attacks. There were none! At that point, I became a staunch advocate of using a separate firewall device to protect computers.
These routers are very economical and provide a significant amount of protection from malicious actors on the internet. Today, most people get this protection by accident because everyone wants WIFI routers, which do the same thing. Back then, it wasn’t as commonplace.
Even so, make sure when you’re setting up a home network that you have your router, WIFI enabled or not, connected between your devices and your live internet service.
Firewall #1: Packet Filtering Firewall
Let’s dive a little deeper. The packet filtering firewall provides the most rudimentary firewall functionality. Thankfully, this is most often enough to protect a home user’s computer from the internet. It works by using rules to filter out undesirable connections.
The main feature is a rule that allows connections that start from inside the network to go out, while blocking connections into the network from outside. This will address most of the risks posed by malicious actors on the internet.
The good news continues. Packet filtering firewalls are inexpensive and commonly found in your local computer supply store in the form of a network router or WIFI router. They come with a default configuration with the filtering rule needed to protect your home network from the internet.
If you like, you can set up additional rules to allow for exceptions. I’ve never had to do this. The only time I’ve seen it used is to accommodate certain video games.
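The default rule and one exception, sketched as an added example (not code from any router or from the author of this article): a simplified filter that remembers connections started from inside and lets only their replies back in. The class names, addresses and the game port 27015 are made up for illustration, and address translation is left out.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Packet:
    arrived_on: str   # "lan" (inside) or "wan" (internet side)
    proto: str
    src: str
    sport: int
    dst: str
    dport: int

@dataclass
class HomeRouterFilter:
    exceptions: set = field(default_factory=set)   # (proto, port) opened by the owner
    established: set = field(default_factory=set)  # connections started from inside

    def decide(self, p: Packet) -> str:
        if p.arrived_on == "lan":
            # Outbound is allowed and remembered so the replies can come back.
            self.established.add((p.proto, p.src, p.sport, p.dst, p.dport))
            return "allow: outbound"
        # Inbound: a reply is the remembered connection with both ends swapped.
        if (p.proto, p.dst, p.dport, p.src, p.sport) in self.established:
            return "allow: reply"
        if (p.proto, p.dport) in self.exceptions:
            return "allow: exception"
        return "block: unsolicited inbound"

def run_demo() -> list:
    # Constructed sample traffic; all addresses and ports are made up.
    # Address translation (NAT) is left out to keep the rule itself visible.
    fw = HomeRouterFilter(exceptions={("udp", 27015)})  # hypothetical game port
    pc, site, stranger = "192.168.1.10", "203.0.113.5", "198.51.100.7"
    packets = [
        Packet("lan", "tcp", pc, 50000, site, 443),        # PC opens a web page
        Packet("wan", "tcp", site, 443, pc, 50000),        # the site answers
        Packet("wan", "tcp", stranger, 40000, pc, 22),     # nobody asked for this
        Packet("wan", "tcp", stranger, 443, pc, 50000),    # wrong sender, right port
        Packet("wan", "udp", stranger, 40000, pc, 27015),  # matches the exception
    ]
    return [fw.decide(p) for p in packets]

if __name__ == "__main__":
    for verdict in run_demo():
        print(verdict)
```

The fourth packet is blocked even though it targets a port the PC is using, because the remembered connection belongs to a different remote address. The fifth shows that an exception opens its port to anyone on the internet, not just the game's servers.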
Better yet, the budget models are just as effective as the premium models, so there’s no reason to spend the extra money unless you need some additional features. For example, a good budget WIFI router will protect your computer and home network like an expensive version.
Even for gamers, the costly WIFI router isn’t necessary. These companies spend time, money, and effort to sell you the most expensive option, but it just isn’t required in most scenarios.
Setting up Your Packet Filtering Firewall
The routers you can buy from your local computer supplier come set up and ready to go right out of the box. The most critical filtering rules are in place, and you can unbox it, hook it up, and hit the web with no configuration changes.
However, I would change the passwords on it. There are two types of passwords that you should consider: the password for getting into the configuration and the password or passwords for your WIFI. (Some routers have more than one WIFI channel.)
To change the configuration password, you first log in to the router configuration with the current user name and password. The instructions to access it should come with your router.
Before you change it, take a quick look at what the password is. Is it long enough? Does it have some capitals, numbers, and maybe some punctuation? If yes, then perhaps you don’t need to change it.
If you decide to change it, you should click through the configuration menu to find the administrator password tool. The password tool for your WIFI password or passwords will also be in the configuration menu. You should be able to find it/them by looking for sections on wireless or WIFI.
Something else to verify is that the ability to log into the configuration is enabled only on the inside of your network. You don’t want attackers on the web to access the user name and password page for your router, even if you set up a super-strong password.
A Word on Passwords
Passwords don’t have to be impossible to remember, but they do have to be difficult to guess. One of the easiest ways to get both is to use a passphrase instead of a complicated password. A passphrase is a phrase that you use instead of a password.
It can be anything unique and easy to remember. It usually isn’t good practice to write down passwords, but it’ll be fine if you have a safe place to keep them. I don’t know anyone who doesn’t do this. Just don’t write it on a paper that gets pinned to the wall where it can be seen from outside your home through a window!
Example 1: The brown Dog b4rks!
Example 2: Tr1ck or Tr3at, sm3ll my f33t!
It’s good to add some capitalization, numbers, and punctuation, but it isn’t a requirement. What makes a passphrase strong is the length. When someone tries to guess your password, it isn’t easy to guess a random phrase. It’s also nearly impossible for a password cracker to crack it if it’s over 20 characters long.
Firewall #2: Application Firewall
An application firewall steps things up by detecting which application is trying to cross the firewall and allowing you to create access rules based on what you want to allow or block.
Depending on the application, you may or may not want particular connections to it. Application firewalls can also report on application statistics and usage data, giving a window into how people use the network.
Anyone can buy an application firewall, but they’re pretty advanced, and most home users don’t need something so sophisticated. So they’re usually relegated to use in the IT departments of large companies.
Firewall #3: Packet Inspection Firewall
A packet inspection firewall does just what you think it might. It inspects each packet or package of data as it moves through the firewall, looking for problems.
Inspection raises a few issues. For one, it introduces a measurable amount of delay, slowing down your connection. It takes time to open all of the data, assemble it, and attempt to make decisions based on what’s there.
Two, this raises privacy issues. If the firewall can open up all the data and inspect it, what is it doing with that information? Is it filtering it? Is it redirecting it? These machines aren’t for spying, and typically, there isn’t anything nefarious going on. Still, if the capability exists, it’s hard to believe that there isn’t someone out there ready to abuse it.
That’s all I have to say on firewalls for the moment. Good luck!