In computing, a firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted internal network and an untrusted external network, such as the Internet.
Firewalls are often categorized as either network firewalls or host-based firewalls. Network firewalls filter traffic between two or more networks and run on network hardware. Host-based firewalls run on host computers and control network traffic in and out of those machines.
The term "firewall" originally referred to a wall intended to confine a fire within a building. Later uses refer to similar structures, such as the metal sheet separating the engine compartment of a vehicle or aircraft from the passenger compartment. The term was applied in the late 1980s to network technology that emerged when the Internet was fairly new in terms of its global use and connectivity. The predecessors to firewalls for network security were the routers used in the late 1980s.
The first reported type of network firewall is called a packet filter. Packet filters look at network addresses and ports of packets to determine if they must be allowed, dropped, or rejected. The first paper published on firewall technology was in 1988, when engineers from Digital Equipment Corporation (DEC) developed filter systems known as packet filter firewalls. This fairly basic system is the first generation of what later became a highly involved and technical Internet security feature. At AT&T Bell Labs, Bill Cheswick and Steve Bellovin continued their research in packet filtering and developed a working model for their own company based on their original first generation architecture.
Packet filters act by inspecting packets which transfer between computers on the Internet. When a packet does not match the packet filter's set of filtering rules, the packet filter either drops (silently discards) the packet, or rejects the packet (discards it and generates a notification for the sender). Conversely, when a packet matches one or more programmed filter rules, it is allowed to pass. Elements that can be defined in a packet filter rule include a packet's source and destination addresses, protocol, and source and destination ports. The bulk of Internet communication in the 20th and early 21st centuries used either the Transmission Control Protocol (TCP) or the User Datagram Protocol (UDP) in conjunction with well-known ports, enabling firewalls of that era to distinguish between, and thus control, specific types of traffic (such as web browsing, remote printing, email transmission, file transfer), unless the machines on each side of the packet filter used the same non-standard ports.
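The following is an added example, not code from the original article or from any particular firewall product: a minimal stateless packet filter written in Python that evaluates rules on exactly the header fields named above (source and destination address, protocol, source and destination port), with first-match-wins semantics, a default-deny verdict, and the drop/reject distinction made explicit. The ruleset, the addresses (documentation ranges) and the sample packets are constructed for the example; the notification types returned for a reject (a TCP RST or an ICMP port-unreachable) are the usual choices in real implementations, not a requirement.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Iterable, List, Optional, Tuple

# Verdicts a first-generation packet filter can return for a packet.
ALLOW, DROP, REJECT = "allow", "drop", "reject"


@dataclass(frozen=True)
class Packet:
    """The header fields a stateless packet filter looks at."""
    src: str      # source IP address
    dst: str      # destination IP address
    proto: str    # "tcp" or "udp"
    sport: int    # source port
    dport: int    # destination port


@dataclass(frozen=True)
class Rule:
    """A filter rule; a field left as None (or 0.0.0.0/0) matches anything."""
    action: str
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    proto: Optional[str] = None
    sport: Optional[int] = None
    dport: Optional[int] = None

    def matches(self, pkt: Packet) -> bool:
        return (
            ip_address(pkt.src) in ip_network(self.src)
            and ip_address(pkt.dst) in ip_network(self.dst)
            and (self.proto is None or self.proto == pkt.proto)
            and (self.sport is None or self.sport == pkt.sport)
            and (self.dport is None or self.dport == pkt.dport)
        )


class PacketFilter:
    """First-match-wins rule evaluation with a default verdict (deny by default)."""

    def __init__(self, rules: Iterable[Rule], default: str = DROP):
        self.rules = list(rules)
        self.default = default

    def decide(self, pkt: Packet) -> str:
        for rule in self.rules:
            if rule.matches(pkt):
                return rule.action
        return self.default

    def notification(self, pkt: Packet) -> Optional[str]:
        """What the sender learns: nothing on DROP, an error message on REJECT.
        A TCP RST for TCP and an ICMP port-unreachable for UDP are the usual choices."""
        if self.decide(pkt) != REJECT:
            return None
        return "tcp-rst" if pkt.proto == "tcp" else "icmp-port-unreachable"


# Constructed example ruleset (addresses are documentation ranges, not real hosts):
# a web server at 192.0.2.10 reachable by anyone on TCP/80, SSH to it only from
# the admin subnet 198.51.100.0/24, an explicit reject of other SSH so the sender
# sees an error, and everything else silently dropped by the default verdict.
RULES = [
    Rule(ALLOW, dst="192.0.2.10/32", proto="tcp", dport=80),
    Rule(ALLOW, src="198.51.100.0/24", dst="192.0.2.10/32", proto="tcp", dport=22),
    Rule(REJECT, dst="192.0.2.10/32", proto="tcp", dport=22),
]
FILTER = PacketFilter(RULES)

# Constructed sample traffic.
SAMPLE_PACKETS = [
    Packet("203.0.113.5", "192.0.2.10", "tcp", 51514, 80),    # web browsing -> allow
    Packet("198.51.100.7", "192.0.2.10", "tcp", 40000, 22),   # admin SSH -> allow
    Packet("203.0.113.5", "192.0.2.10", "tcp", 40001, 22),    # outsider SSH -> reject
    Packet("203.0.113.5", "192.0.2.10", "udp", 40002, 161),   # SNMP query -> drop (default)
    Packet("203.0.113.5", "192.0.2.10", "tcp", 40003, 8080),  # web on a non-standard port -> drop
]


def audit(pf: PacketFilter, packets: Iterable[Packet]) -> List[Tuple[str, Optional[str]]]:
    """Return (verdict, notification-to-sender) for each packet, in order."""
    return [(pf.decide(p), pf.notification(p)) for p in packets]


if __name__ == "__main__":
    for pkt, (verdict, note) in zip(SAMPLE_PACKETS, audit(FILTER, SAMPLE_PACKETS)):
        print(f"{pkt.proto}/{pkt.dport:<5} {pkt.src:>14} -> {pkt.dst}: {verdict}"
              + (f" ({note})" if note else ""))
```

The last sample packet shows the limitation the paragraph ends on: the filter recognizes traffic only by port number, so web traffic carried on port 8080 instead of the well-known port 80 is not identified as web browsing and simply falls through to the default verdict. Ordering also matters, as in real rulesets: the admin-subnet SSH rule must precede the reject rule, or it would never be reached.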