EASY TO EXPLAIN FIREWALL | WHAT IT IS GOOD FOR |IDENTIFYING-2020
WHAT IS FIREWALL?
Before answering this question let me ask you question, let me ask the question you How to be secure while using your device and while being online?
Is antivirus enough? Is a strong password enough?
No, they aren’t. a built-in tool or a function we all will be strictly needing right? So what is that built-in tool?
Yes a firewall, a firewall is that built-in tool in every device, that handles the security of our device. especially while using the internet it automatically identifies the viruses, trojan horses and malware, etc. it detects them and never lets them in our device.
This is the tool that always is between the user/device and the internet and the entire network the firewalls automatically disallow communication that is not secure or is unwanted.
It automatically reports a program or a transmission request to the user after making sure that it is safe and secure.
It keeps updating the user by adding some instructions into a file or by showing an error message on the screen.
WHAT IT IS GOOD FOR?/ WHY SHOULD IT BE USED?
The firewalls automatically identify the viruses, trojans, malware, etc. as we discussed before so let’s know how firewalls are good?
Our device can be the victim of the virus or a trojan etc. so let’s talk about the trojan attacks, how can they be performed? The trojans are a bit different than a virus for example; the virus self-replicates itself after entering your device but a trojan does not self-replicates it enters in our device it is a program or a little software that enters In too normal form but it’s not normal for the user at all let’s know about it through an example:
The Indian army performed the surgical strike but how?
They were about to make it an air-strike and they were about to get In enemy’s border using the fighter jet but at the same time they went through the underpass while this was happening on the Pakistani border the Pakistani army thought that the Indian army did their duty but actually happened something else.
Just like that, we can or we do think that a file is running in my device and that’s normal but actually that is unnormal and full of risk.
But we don’t need to worry about it because the firewall in our device detects viruses, trojan horses, and many malicious things like that (by the way the antivirus in our device can do it too) after it’s enabled.
https://therkprogrammer.blogspot.com/2020/10/what-does-network-operations-center-noc.html
BLOCKING OTHER TYPES OF TROJANS/VIRUSES AND WQROOMS:
Trojans are so bad that they can have their sight at all of the communications of your devices after they’re executed it automatically reports the program or communication and in the cyber world there is more than one type of trojans are exists they can enter in your device via email while trying to be in your device they use their own SMTP server they can be the password stealers and consume your internet faster.
IDENTIFYING/BLOCKING SPYWARES/ADBOTS?
Spyware is a malicious thing that is still not well defined and well known.
But specific spyware and adware(adware is the type of spyware that keep showing unwanted ads in our device after they are installed) adbots can also be installed in your device automatically and began to show the unwanted ads adbots uses the remote server and provides all the information about the victim to them.
In the world many companies pay adbots to show their ads, their product’s into the victim’s device.
How many ads they show or how long are they going to show ads??: the answer is “it depends on the user” if a user clicks on the ad the adbots will show the ads more and more to a user so a little mistake of a user can annoy the user a lot.
But the firewalls identify the adware and Spywares and removes them automatically.
BLOCKING ADS?:
As a hacker or a security researcher, we all know that all the ads can’t be secure to us. and that’s the common thing. The ads decrease the download ability of a website or a web browser and decrease the speed of the RAM too.
But a personal firewall has already blocked communication with a website that allows a lot of ads and that ting can increase the speed of our browser and device too.
PREVENTING COMMUNICATION TO TRACKING SITES:
As we all know that many web pages track our activity on themselves. But the question of how do they do that and how to prevent it.
https://www.thehackingera.com/2021/02/tcpip-model-layers-tcpip-full-form_7.html
How do they do that??:
The tracking websites that save a small file are known as cookies make websites to keep information about you and those cookies. Cookies are the only thing that makes the website track us.
But don’t need to worry about that because that website can know about your visits on it with the help of the cookies you accepted nothing else.
But after the website knows your IP and if a hacker or an attacker is running that site so it can be much risky.
And after tracking some websites can relate to an affiliate website that helps them to put and an attractive or a useful ad when you visit.
How to prevent??:
The personal firewall blocks that kind of tracking sites. Although not the perfect work that firewall does. But it can be the feature of the firewall.
There are two procedures with the help of those we can hack the device 1. RAT(as we discussed before) 2. Allowing NetBIOS communication.
NetBIOS was found a long time ago by Microsoft and IBM there are few communication that is related to NetBIOS.
The NBT(NetBIOS over TCP/IP) is the more easy and reliable on windows OS the main thing is that doing the communication the NetBIOS acts as a server and if you don’t have your firewall enabled to your device then your device will be work according to the commands of the NetBIOS and that can be risky.
And the main thing if NBT and file printing, sharing is enabled then you are more insecure because the remote user needs to know your password and the bigger problem is that many technicians don’t put any password.
In windows-95 the file printing option was enabled by default but after windows-98 came that was disabled this option by default.
Many technicians still use it and turn on the file printing, sharing option without being aware and many worms and viruses use it for their own benefits.
But personal firewall automatically blocks it and windows offer a public service named RPC. And firewall can identify the communication that is unauthorized and secure our device.
HIDING YOUR DEVICE ON THE INTERNET??:
Without a firewall, a computer can still be risky. Because an attacker or a remote user can anyhow approach your device. Gather information about your operating system. And do anything they want.
If a user is smart then a remote user can be failed but they can give more time to perform a successful attack.
But you can enable the firewall and the remote user won’t even able to know that they have approached your device and that remote user won’t give more time to attack your system.
THE NON-FIREWALL DEFENSE:
We discussed a lot about firewall securities and we know that in many situations our device can secure itself without a firewall.
RAT(remote access trojan): as we all discussed RAT deeply, we studied that the RAT does not self-replicates itself just like a virus does but it’s not 100% true in many cases. RATs can delf-replicate themselves too. But you can ask how is it possible?? The answer is those RATs come from different online resources like newsgroups, some random anonymous resources. Etc. and they can infect your devices but they can be recognized by a firewall and can be deleted.
On the internet, there are a lot of websites and tools which can help to delete RATs. (they can for it) e.g; telnet, netset, MSConfig.
but an updated antivirus will help to be secure against them too.
WHAT FIREWALL CAN’T DO??:
There’s a myth in many people’s minds that a firewall can 100% secure them. Many technicians think like this too which is stunning, but it’s not true.
Even good and updated antivirus can’t say that it can secure you 100% from online security threats.
DIFFERENCE AGAINST EXPLOITATION OF HOLES??:
What about the programs that automatically run while you turn the internet on? Are they safe?
When we will think deeper about it the answer will be no because we all know that the firewall can detect and conforms and deletes the type of transmission that is unwanted but what about the security hole in our special browser? A malicious site can enter some malicious data into your device and it can ruin the battery of your device, it can ruin the performance of your device, and can slow down your internet speed. So is the personal firewall enough? The answer can be no. because the firewall won’t always successfully delete some malicious activities.
But in some of the latest firewalls, the options of trojan deletion comes already added but they aren’t proven 100% workable. But these are the tasks an antivirus can successfully perform. And a better result for a user can be possible.
Some tools online are also useful and anti-trojan programs can help too.
TRICKS TO BYPASS OR DISABLE THE PERSONAL FIREWALL.??:
As we all know and studied today we can think to bypass the firewall is hard we can say yes in some situations but not always yes. in many situations, the firewall can be disabled just like an internal program that transmits the data with outside malicious or a platform that is already attacked due to unawareness. Can put something strongly malicious which can disable personal firewalls too.
How does this happen?:
While using the internet an outbound which uses the nonstandard transmission to network adapters. Attacking on the different components of an OS which are supposed to continue the transmission with the internet. The firewall can be bypassed with trolleys, which use the internet explorer as a messenger to transmit the outside.
But this not goes successfully every time because most of the personal firewalls are secure.
FIREWALLS CANNOT DECIDE WHICH TRANSMISSION IS LEGAL OR WHICH IS NOT.
In a personal firewall, you are not able to simply install or you can count it to work which is one of the biggest problems with personal firewalls began to identify which transmission should take place and which one should not.
Once the firewall is enabled in your device it will start to work automatically it will allow the needy transmissions and auto-block the transmissions which are unwanted According to the firewall. But every time the same thing can make me tired. There are many of the .exe files and many of the programs that are not allowed.to our device but in real life we all know that that it’s installable and executable so that’s the problem with the firewalls.
But in many cases, the things really happen according to firewalls that communicate with the user’s home servers. And give your information to outside platforms. To get paid.
So both of the sides are right but this issue is gonna exist until the internet is in the world.
COMMON PROBLEMS AND DEFENSE REGARDING PERSONAL FIREWALLS?:
This kind of problem arises when you don’t have enough knowledge about firewalls in some situations you can disallow some of the important transmissions and put yourself in trouble.
At the same time, we are stressed because of the knowledge of the firewalls because of the lack of knowledge of the firewalls and some malicious websites, programs can take advantage of it. It will install some illegal programs that seem to be legal.
And in this kind of situation, the behavior of our device does not change it becomes harder to identify the problem and It can cause a big risk.
On the other side if you well know you can secure your computer without firewalls too. It will easier to know about the wanted and unwanted programs.
In this situation being a geek can help a lot we’ll discuss further topics.
A FALSE SENSE OF SECURITY:
If a user does a higher job or a business then it’s important to be more secure than normal devices are.
But we also learned that the firewalls are not always secure because they can be bypassed against something too malicious. (a program or a script)
Many people think that a firewall will secure them and it’s stunning to meet these people which can be the reason for unawareness
But a firewall and the updated anti-virus will do the most.
A FALSE SECURITY THREAD:
As we all know that an enabled firewall provides a lot of security but In a brand new when device when you see that many of the transmissions are automatically blocked because the firewall is enabled by default they start to give some transmission instructions to the user but you need to ignore if you are practically secure.
If your device is never infected with viruses, malware, trojans, etc. and if your device has not enabled a NetBIOS over the TCP/IP and the file-sharing is also disabled then your device is almost secure from those malicious security threads.
While normal situations some personal firewalls announce with pride that they can block even bigger security threats such as SubSeven they do announce that they alert users by giving notifications about it too.
But personal firewall gives false announcements to impress the user and shows their importance than it really is.
BLOCKING THE IMPORTANT TRANSMISSIONS:
No firewall is enough smarter to recognize if the transmission is wanted or unwanted
It can’t recognize the legal program trying to reach the user and notify them about something or an illegal latest version of that program trying to reach the server.
If the user is not knowledgeable and they can allow some unwanted program in their device and the sensitive information like passwords and important files can be stolen if the user is not knowing they can by mistake block even their ISP and their internet speed goes down and user ends up doing unwanted efforts fixing it.
BEING TRICKED BY TROJANS BB:
A less knowledgeable user may be instructed by a firewall to block even the wanted transmission they are also supposed to be tricked by a trojan horse having a similar name to wanted data can be downloaded into user’s device, should more aware of it
HEAVY SOFTWARE BUGGY SOFTWARE:
Until now we learned a lot about firewall knowledgeable and not knowledgeable user but sometimes buggy software is downloaded by mistake
And it slows down the internet speed and it slows down the noticeability of a device just like you use a new computer you see a problem of lacking and slow internet but if you bring the older device you can that it works faster than the latest one it happens because of you find a personal firewall into it.
Post a Comment