In building construction, a firewall is a physical barrier to help prevent the spread of a fire from one room to another. The home network equivalent is well named. The software and/or hardware that constitutes a firewall makes it more difficult for dangerous programs or unauthorized users to access your system.

Firewall protection has two directions. In some cases, you want to prevent data and/or programs from leaving your computer. This helps prevent any virus you contract from spreading to other systems on the network or the Internet. In the more usual case, your firewall is configured to prevent unauthorized programs and visitors from accessing your system from the outside.

That unauthorized access can come from different sources, typically the Internet, but also other machines on your home network. A drive-by hacker with a wireless enabled laptop, for example, can access your network and implant a virus. Blocking certain types of access can make his job harder, even though his system is temporarily inside your network.

But blocking all types of traffic from all possible sources in both directions would defeat the purpose of having a network at all. So, network security always strives for a compromise between locking out and opening up. Where to strike that balance is sometimes a gray area.

However, there is a fairly standard list of items that anyone will want to focus on. Keep in mind, the two most common protocols used: TCP and UDP. TCP is bi-directional, UDP is a broadcast that doesn’t require a two way connection. Though, UDP traffic can travel in either direction, such as when you ping. Opening up a port on your firewall often involves specifying both the number and the protocol.

The default idea should be to close anything you don’t know you will need. This means only open a port or protocol in the direction you need and only once you’re sure you need it. The default should be ‘closed in both directions’.

HTTP – This is the protocol used for all standard Internet data requests, whether sending (uploading, for example) or receiving (such as accessing a web page). Configure your firewall to leave open Port 80. For secure transactions that use HTTPS, such as many banking sites, open Port 443. 8080 is also often used.

FTP – Many people still use FTP to transfer files to and from computers over the network. That requires opening Port 20.

SMTP – Most email programs use SMTP to send and receive emails. Thus, open Port 25 to allow this function to operate.

POP3 – POP3 is also part of many email functions, so open Port 110 for incoming traffic.

DNS – In order to translate names to IP addresses, DNS has to be able to send and receive packets. That requires opening Port 53 for traffic in both directions.

DHCP – For Internet access in which your IP address is dynamically assigned and if you use this feature in your home network, open Port 68.

DOOM – The popular networking game Doom requires Port 666. If you don’t play it, don’t open it. Remember, the default should always be ‘closed in both directions’ for any service you don’t use.

There are many other standard ports, such as 1433 for Microsoft SQL Server use. Each program should provide documentation about any and all ports it needs, the protocol used and the direction. Proceed with care.

Related posts:

1. Home Networking Security Issues and Guidelines
2. Home Networking – Connecting to the Internet
3. Home Networking – Protocols Made Easy
4. Home Networking – Setting Up and Using a Shared Printer
5. Home Networking Options

Give us your rating of this article below!

Trackback URI | Comments RSS