A firewall can protect you from any cyber-attack – or
can it? The mythbuster takes on the firewall.
The myth
Firewalls monitor network-traffic and
block data packets that do not traverse secure channels. This keeps you safe
from cyber attacks.
The truth
Firewalls monitor the system by
watching ports: ports are like doors that steer incoming and outgoing network
traffic onto organized tracks. So several programs can wait at the more than
65,000 doors and process the data that reaches the ports – this prevents data
jams. A firewall basically shuts down almost all the ports, in order to prevent
unwanted packets from getting into the PC. The data packets can only use the
ports that have been explicitly approved. So something like the most well known
port (80), which carries all HTTP packets, must be open for the browser,
otherwise you won’t be able to surf at all – and this is exactly where the
firewall’s biggest problem lies. Attackers use this perpetually-open port to
get into the system. One of the most successful tricks is the so-called
‘cross-site scripting’. This method involves using ‘innocent’ websites that
allow HTML commandinputs from the user to launch attacks. Instead of simple
commands like greased scripts, attackers could, for example, install Javascript
codes in small advertisement. Such a code then passes the user data stored in
the cookies on to the hacker, who can then surf the internet under somebody
else’s identity and access that person’s account data. It’s very hard to defend
yourself against an attack of this nature. You could simply deactivate
Javascripts, but many websites won’t work properly if you do. The website
operator has to adopt the appropriate protective measures, and the users have
no alternative but to put their trust in them.
There are also other types of attacks
that can penetrate software firewalls. A large number of modern cyber attacks
use new methods, instead of just using ports that have accidentally been left
open. Malicious software can find its way into a computer via e-mail
attachments, internet downloads or storage media. Or it can directly attack the
firewall itself, by using legal protocols to tunnel into it or simply replacing
the firewall’s executive file. However, a careful user can give himself a
certain measure of protection against these attacks by relying on verified
downloads and anti-virus software. One, thing, however, is very clear: the myth
is overwhelmingly false.
A firewall offers security
Conventional cyber attacks use open
ports to infiltrate malicious software into a PC. Firewalls can work in such a
scenario, if they are configured correctly.
A firewall offers no security
Many attacks use ports that need to be
open all the time (like port 80 for HTTP, i.e., internet access) to bypass a
firewall’s protective function
