Andy Green's Blog

A web-workers world…

Firewalls – Hardware Versus Software

The system that provides the barrier between the outside world and your computer is the firewall. The firewall examines all of the traffic that your computer sends and that comes to your computer. It will only open its gates if the traffic is on an allowed list of traffic sources and destinations. This vital computer system is nearly a requirement on all computer systems in order to protect them from viruses, worms, Trojans, and other threats. The question becomes: Should one choose a hardware firewall option, or a software option?

To better decide, it is beneficial to talk about what a firewall does. The firewall is a computing device whose sole purpose is to monitor and filter traffic. Internet communication is a process not unlike a major highway system. When you enter a address into your browser, your computer sends a signal along a network route (numbered by a port number) to another computer (described by an IP address). The port number can be between 1 and 65535, while the IP address is four numbers each between 0 and 255. The firewall will note the port and IP of each request, and based upon a set of rules the firewall will either allow or block the request. At the minimum, it will record the numbers of traffic going either way, giving a log of traffic for later review.

The difference between a hardware and software firewall arises from where the firewall sits and the mechanism it works with. A hardware firewall is a separate computing device which sits between the computer and the outside world. When the computer sends a request and the outside world replies, the firewall will review and log the request before it passes the firewall. A software firewall sits on the computer being protected reviewing all requests on the software level. Both work to protect the computer from threats entering the computer, and an infection sending data into the outside world.

The hardware firewall has the benefit of separating your computer from the process. It will review the traffic before it reaches the computer. This extends a protection that the software does not possess. The hardware firewall also has the benefit of its own resources. The firewall can also hold intelligence, filtering packets by not only where it said they came from, but where they actually came from, and their contents to an extent. The hardware firewall can also protect a number of computers on the network, as multiple computers can be on the computer side.

The shortcoming of the hardware firewall is that it does not look as hard at outgoing traffic. This can be a big problem, as some malicious programs could transmit data or launch attacks from your computer. Also, if too many computers are on the network, then the firewall will get bogged down with traffic requests, slowing the entire network down.

Software firewalls work on the individual computer. The user can choose specific programs to allow sending traffic to the outside world, and the protocol for other programs. It can be configured to deny everything but what is listed on a safe list, or it can prompt you to decide of you want to keep the site on the safe list. The big problem with the software filter is that it will only protect the computer it is on. As a result, if there are a number of computers on the network, each will need its own firewall, making it more complex to setup the network.

The question of which is better is a challenging one. Each has its own strengths. The hardware firewall is good at blocking direct intrusions and any incoming malicious code. The software firewall is better at identifying Trojans and email viruses trying to turn your computer into a zombie terminal (one that launches denial of service attacks or spam messages).

The minimum amount of protection that should be had is a hardware firewall. Upgrades and additions to your computer and its network will not affect your network security and firewall. To boost the protection, supplanting the hardware firewall with the addition of a software firewall will give a near complete protection passage. No protection is perfect; so long as there is an internet connection, then there is a possibility for someone who is highly skilled getting into your computer. The addition of firewalls will deter most attackers and block automatic, malicious scripts.


December 5, 2008 Posted by | Online Security | , , , | Leave a comment

How to Perform a Reverse IP Lookup

If you are the owner of a website or blog, you may want to keep track of your visitors, so that you can find out the reach of your website. Otherwise you may simply want to know who sent an anonymous email message to you, and hence you may often have wondered if there is any way to find out more about a person using only their IP address. There is a way to get some such information using a process known as Reverse IP Lookup.

In order to perform a Reverse IP Lookup, you first need to obtain the IP address of the person you want to trace. The IP address or the Internet Protocol address is usually a twelve digit number, unique to every computer connected to the internet. When you connect to the internet, your Internet Service Provider assigns a number to your computer, which acts as your universal address on the internet.

So, how do you find a person’s IP address? If you own a website or blog, then your server will usually have a log file containing a list of all visitors to your website. This log will have the person’s IP address recorded in it.

If you want to find the IP address of a person who sent you a mail, then you will need the full headers of the email message. Usually, there will be a button on the mail page which says “View Full Headers” or something similar to that. Clicking this button displays a large amount of extra information near the subject line of the email. The IP address of the sender will also be listed here.

So now that you have the IP address, what’s next? You will have to visit a site which offers IP lookup services such as Visual Route. There are a lot of free IP lookup services on the internet. Once you find a website of your choice, enter the IP address into the site, and it will perform a lookup. Once it is done, the results are displayed to you.

So now that you know how to perform a reverse IP lookup, can you find the address of the person who’s been spamming you all week? No, you can’t. Though some useful information can be obtained by doing a reverse IP lookup, there are some pieces of information that cannot be found using a reverse IP lookup. The name and address of the person are some of the information which cannot be obtained (unless you belong to a law enforcement agency that is).

Though you cannot obtain the name and address of the person, you can obtain some moderately useful information from a reverse IP lookup. Most sites offer various details about the IP address such as Internet Service Provider name, location, the time zone of the person, the international phone code. You can also obtain the state in which the person resides as well as a satellite map of the location.

Thus a reverse IP lookup yields a lot of useful information, which can be used to enhance the reach of your website or blog, or simply assist in helping pin down a spammer.

October 3, 2008 Posted by | Online Security | , , | Leave a comment