Hi guys, I've got a special tutorial this week. A friend of mine asked me what is a firewall and how do they work? I decided it would be a nice idea to make it into a tutorial. Computers, hackers, firewalls and the internet. How do they work?
The internet and your computer
So how does your computer interact with the internet? Your computer uses ports to allow programs to go in and out. Think of your computer as your company building, and your building has a lot of doors for your employees to come and go. Each employee is typically assigned a door. Bob usually comes in through door 1 and Susan uses door 2 to navigate.
You and your firewall
So how does your firewall work? Try to think of it as a security guard. He basically locks all the doors to your building and forces everybody who comes through to get authorization. If Bob comes in for work, he has to knock on the door because the security guard has locked it. The security guard phones the big boss upstairs (you) and asks if he should let Bob in. Sometimes you say yes and sometimes you say no, and sometimes you tell the security guard to allow Bob to come in without asking you. I'm not saying this is bad but it's sacrificing security for convience.
So what do hackers do? There are basically two types of hackers; ones that steal your information without you knowing, and ones that actually do damage to your computer. The latter is very rare for personal computers as it's not even worth the effort.
What if Bob was really a thief or a saboteur. First few months Bob comes in for work, you'll probably tell the security guard to inform you everytime he comes in. Bob probably knows you're watching him so he might continue to be the good employee. Eventually you'll believe that he's honest and you tell the security guard that he can stop asking you for permission and just unlock Bob's door from now on. Now Bob has an open door and he can come and go as he pleases. Suddenly large chunks of money dissappear, rival companies gain access to all your trade secrets, company equipment goes missing, or unexplainable "accidents" happen around the workplace. By the time you figure out what's going on, it'll be too late.
I don't use a firewall and I've never been hacked before
Correction: You don't know you've been hacked before. The example above is a little extreme. All hackers are smart, and they know most people are stupid. The main objective of most hackers is to steal information. They come in, steal passwords, and get out before you even know they were there. If you don't even know how they stole your information, you won't know how to protect yourself properly and they will have an easier time coming back for seconds.
So what can I do to protect myself?
The best solution is the one that doesn't allow the problem to happen in the first place. First of all, don't put any sensitive data on your computer; don't put your passwords in a text file. Also, don't download or install any weird programs. Try not to allow any program through your firewall unless you trust the program and it has a valid reason to access the internet. If you have to let the program through, use your firewall to track its movements for suspicious activity. If a program tries to access the internet, and you didn't ask it to, be on your guard. That's why you should try to avoid setting your firewall to "remember this program".
So I did what you asked. Am I safe?
Well, it all comes down to the age long question. Which is smarter? The cops or the robbers? How alert are the cops?
If it's a big public company, the boss might tell security to be on minimum alert and allow employees and customers through more easily.
If it's some high security organization, the boss might tell the guards to triple check with a patdown, x-ray and a cavity search before they even let you look at the door.
You should try to adjust your defence as high possible without driving you insane. The only way to be 100% secure is if you don't even open your company to the public. If you have really sensitive information on your computer, don't even connect to the internet. The best hacker in the world can't touch your computer if you don't have internet.
That's it for today. Next week will probably go back to PHP.