A firewall constructs a barrier between your computer and the Internet in an effort to safeguard your computer and the information in it. When you start looking to purchase the software or hardware that can guard your system, a checklist of questions to find answers to is a useful tool. Because a firewall protects from potential dangers on the Internet, you need to know a little about the ports, protocols, and IP addresses used to connect to it. And, you need to stay on top of current threats, which a variety of Web sites can help with.
>
>
Firewall Shopping Checklist
When you’re shopping for a firewall to protect your computer and the information on it, you want the firewall hardware and/or software to be effective and appropriate for your needs and system. The following list poses questions to address before you purchase:
| Is the firewall ICSA-certified? | Does it support NAT? |
| Is the firewall easy to configure? | Does it support a DMZ? |
| Are there remote management options? | Does it support VPN? |
| Does it match the current expertise of your firewall administrators? | Does it support new protocols and plug-ins? |
| Which OS platform and what hardware does it require? | Does it detect common attacks and intrusion attempts? |
| Does it require client software? | Does it have adequate logging options? |
| What are the licensing options and costs? | Are real-time monitoring options available? |
| Does it support application-level rules? |
>
>
>
Firewall-Friendly Web Sites
Installing a firewall is a security measure, but it’s just the first step. To maintain your security and your firewall, you have to stay vigilant. The links in the following list are to Web sites that can help you stay on top of Internet security issues:
CERT: Studies Internet vulnerabilities and posts security advisories on discovered security threats
Information System Security: A security portal with news and forums
Internet Assigned Numbers Authority: Shows a comprehensive listing of protocol port numbers
SANS: Offers many security-related resources, including training
SecurityFocus: Gives the latest information on security vulnerabilities
>
>
>
Ports, Protocols, and IP Address Ranges for Firewalls
If you’re building or installing a firewall to protect your computer and your data, basic information about Internet configurations can come in very handy. The following tables give you the facts on IP protocols, ports, and address ranges.
| Protocol | Name |
|---|---|
| 1 | ICMP (ping) |
| 6 | TCP |
| 17 | UDP |
| 47 | GRE (PPTP) |
| 50 | ESP (IPSec) |
| 51 | AH (IPSec) |
| Protocol | Port | Name |
|---|---|---|
| TCP | 20 | FTP data |
| TCP | 21 | FTP control |
| TCP | 23 | Telnet |
| TCP | 25 | SMTP (E-mail) |
| TCP/UDP | 53 | DNS query |
| UDP | 67/68 | DHCP (Dynamic IP address configuration) |
| TCP | 80 | HTTP (Web) |
| TCP | 110 | POP3 (E-mail) |
| TCP | 119 | NNTP (Newsgroups) |
| TCP | 143 | IMAP4 (E-mail) |
| TCP | 389 | LDAP (Directory service) |
| TCP | 443 | HTTPS (Web SSL) |
| UDP | 1701 | L2TP (Virtual Private Networks) |
| TCP | 1723 | PPTP (Virtual Private Networks) |
| A | 10.0.0.0 to 10.255.255.255 (10.0.0.0/8) |
| B | 172.16.0.0 to 172.31.255.255 (172.16.0.0/12) |
| C | 192.168.0.0 to 192.168.255.255 (192.168.0.0/16) |
| APIPA | 169.254.0.0 to 169.254.255.255 (169.254.0.0/16) |
>
>
dummies
Source:http://www.dummies.com/how-to/content/firewalls-for-dummies-cheat-sheet.navId-323648.html
No comments:
Post a Comment