Low Graphics Version - WAI level AA and Bobby 508
Who and what - about us, and how we can help On-line guides - detailed guides on how eCommerce can help you SMEs in Wales - news, features and business success stories Resources - comprehensive help, search facilities, and more Forum
Opportunity Wales - home page
A Web site developed in partnership with BT
Fersiwn Cymraeg Render this page in a larger font size Render this page as compatible for A4 Portrait paper On-line Support Contact Opportunity Wales Site map Click this link for an advanced search. For a simple search, use the text box to the right.
On-line Guides
Partner link As featured on NewsNow.co.uk


You are here: Home > On-line Guides > Banking and Security > Firewalls > Introduction
Page 1 of 4   Next Page .. How Port Scanning works
 

A Simple Guide to Firewalls for SMEs


If you connect to the Internet via an office network or an individual computer using an “always-on” connection then you are potentially exposed to all sorts of nastiness out there in Cyberspace, such as hackers, thieves, viruses etc.  To protect in particular from electronic theft or intrusion, SMEs (Small and Medium-sized Enterprises) should consider using what is known as a firewall.

A firewall sits between your PC (or office network) and Internet connection and guards against any attempts at unauthorised access. All data from the Internet must pass through the firewall, which looks at the data and tries to determine if it’s legitimate; all data that fails to meet the criteria is blocked.  

Traditionally only office networks connecting to the Internet used firewalls.  However with the increase in “always-on” broadband connections such as ADSL (Asymmetrical Digital Subscriber Line) or cable modem, single Internet connected computers are also using firewalls.  

Why single Internet connected computers warrant a Firewall with the onset of ADSL and Cable

Many Welsh SMEs still use “dial up” Internet Connections which are less likely to be the target of hackers and unauthorised users.  This is because they are not always connected to the Internet, and are likely to be given what is known as a dynamic IP (Internet Protocol) address which is different each time they do connect.  Many Internet Service Providers ( ISPs) limit the number of static IP addresses they allocate by temporarily dealing out an IP address to a computer from a pool of IP addresses that they own.  The temporary IP address is called a dynamic IP address.

Computers that are permanently connected to the Internet via ADSL or Cable, do have a static IP address making them likely to be targeted by hackers and unauthorised users.  Computers use IP addresses to locate and talk to each other on the Internet, similar to a telephone number.

When an ISP allocates a dynamic IP address to a computer it does so only for the length of the connection.  Once the user disconnects the dynamic IP address goes back into the IP pool, ready to be assigned to another user.  Even if the user reconnects immediately, odds are they will not be assigned the same IP address.  This means a hacker only has a very small window of opportunity to attack a PC connecting in this way.

Although users of “dial up” Internet connections are unlikely to be hacked, you can never completely rule out the possibility, especially as many ISPs are now providing subscribers with packages that cost a flat fee per month and allow a user to connect to the Internet for as long as they want, at no extra fee.  This encourages the user to connect for longer, and the longer you are connected each day, the more opportunity a hacker has to gain access to your machine and with the massive increase in viruses, worms and Trojans out there on the Internet, we would advocate that even dial-up users use a firewall between their PC and the Internet.
 
Office networks that allow connected PCs access to the Internet via a “Dial up” Internet connection definitely need a firewall.  The reason being, that all users on the network have access to the Internet, which means that one or more people are likely to be connected to the Internet at any one time during office hours.  As we mentioned in the previous paragraph the longer the connection time the more likely a hacker will find your computer and access it.  
Another reason is that we are not just protecting information on one machine but multiple machines, thus increasing the need to protect from unauthorised access.


Users connecting to the Internet via an “always on” ADSL or Cable connection are particularly at risk.  Due to the computer having the same IP address each time they connect to the Internet and being connected 24 hours a day seven days a week, makes the computer an easy target for unauthorised access.

Hackers can use widely available automated "port scanner" software to look for vulnerable computers.  This is a popular method hackers use to find an open door into a computer or network that is connected to the Internet. Once such a door is found it can be exploited to gain unauthorised access.  A firewall can help protect against this.
Next Page .. How Port Scanning works



Project part-financed by the European Union (European Regional Development Fund) Welsh Assembly Government © 2001-2007 Better Business Wales (Holdings) Ltd
Client Directory / Terms and conditions / privacy policy Access Keys RSS feeds
 W3C - WAI accessibility level A. Low Graphics Version accessibility level AA and Bobby 508. W3C - Cascading Style Sheet compatibility Rich Site Summary (RSS) feed