Day Two Ramblings

  • A router will generally act as a basic firewall to keep out uninvited traffic.
  • If you have an ISP-supplied router, it will perform the same tasks.
  • If you are using a modem (including broadband modems), you may not have this level of protection.
  • Let's review how an Internet connection is established.
  • An IP address is a place on the Internet (like the main phone number to a large office).
  • A port is a channel of communication over that IP address (like an extension number at the office).

  • Port 80 is the port used to request Web Pages (HTTP).

    When you use your Web browser to browse the Internet, it 'calls' the other computer over Port 80. A 'Web server' is waiting at the other end to answer that call. Just like a receptionist at a large office, the Web server transfers you to a free 'line', which frees up the main line for more incoming calls. This new 'line' could actually be any available port number. This is automatically negotiated between your computer and the Web server. You may have no idea that it happens.


  • Your router acts as your own receptionist.

    Imagine you work at a company that does not allow you to make outgoing phone calls. If you need to call someone, you must first call the receptionist, who can place the call for you, and then connect you. Once connected, you may continue the call as long as you need to, but if you hang up, you will need the receptionist to re-establish the call.

    This is basically what a home router does. You generally only have one IP address on a home Internet connection. The router allows multiple computers to share that IP address, just like a company may 'share' a main phone number. When you request a Web page, your computer requests the page from YOUR router. Your router will then place the request over the Internet. As far as the Internet is concerned, only your router is actually connected. Once a link is established with the site, your router will link a port on your computer with the port the web site is using. This link will remain until it is closed by either your computer, or by the Web site you are visiting.

    * This method of sharing one IP address is called Network Address Translation, or NAT *


  • NAT serves as a basic Firewall

    NAT, the receptionist living in your router, handles all incoming 'calls'. Unless you told NAT that you are expecting a call at a certain port, NAT does not allow the call through. This means that anyone out there who is trying to hack your computer cannot do it without your computer's permission.

  • What is a 'Real' Firewall?

    There are a few advanced features that can be found on more 'professional' firewalls.

    • Packet Inspection

      This type of filtering is based on a list of known packet 'signatures' that may indicate bad or malicious packets. If a 'bad' packet arrives, this type of filter will generally 'drop' the packet, not passing it on to your computer. Each packet that arrives is inspected 'in isolation'. By this, I mean that the filter does not pay attention to the 'stream' of packets that each packet is part of.

      This is similar to a spelling checker. Basic spelling checkers go through your document and check each word against a dictionary word list. If the word is on the list, it is assumed to be spelled correctly. If the word is not on the list, it is flagged as being spelled wrong. A spelling checker of this type cannot tell if you spell a word correctly, but in the wrong context (as in 'Billy was outside, gathering would for the fire.').
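
Returning to the NAT 'receptionist' described earlier: the following is an added example, not part of the original course notes, that models the router's table of open links and shows why an uninvited incoming 'call' is dropped while a reply to your own request gets through. The class name, addresses, port numbers and the strict matching on the remote address and port are assumptions made for illustration; real routers also track the protocol and time out idle links.

```python
# Toy model of a home router's NAT table (constructed example; all
# addresses and ports are made up for illustration).

class NatRouter:
    def __init__(self, public_ip):
        self.public_ip = public_ip
        self.next_port = 50000   # next free public-side port (assumed range)
        self.out = {}            # (lan_ip, lan_port, remote) -> public port
        self.back = {}           # (public port, remote) -> (lan_ip, lan_port)
        self.forwards = {}       # public port -> (lan_ip, lan_port), set by the owner

    def outbound(self, lan_ip, lan_port, remote_ip, remote_port):
        """A LAN computer places a 'call'; the router records the link and
        returns the (public IP, public port) the Internet will see."""
        remote = (remote_ip, remote_port)
        key = (lan_ip, lan_port, remote)
        if key not in self.out:
            self.out[key] = self.next_port
            self.back[(self.next_port, remote)] = (lan_ip, lan_port)
            self.next_port += 1
        return (self.public_ip, self.out[key])

    def inbound(self, remote_ip, remote_port, public_port):
        """A packet arrives from the Internet. Return the LAN computer it
        is delivered to, or None if the router drops it."""
        hit = self.back.get((public_port, (remote_ip, remote_port)))
        if hit:
            return hit                           # reply on a link we opened
        return self.forwards.get(public_port)    # expected call, else None

    def close(self, lan_ip, lan_port, remote_ip, remote_port):
        """Either side hangs up: the link is removed from the table."""
        remote = (remote_ip, remote_port)
        port = self.out.pop((lan_ip, lan_port, remote), None)
        if port is not None:
            del self.back[(port, remote)]

    def forward(self, public_port, lan_ip, lan_port):
        """Tell NAT to expect calls on a port (a port-forwarding rule)."""
        self.forwards[public_port] = (lan_ip, lan_port)


if __name__ == "__main__":
    r = NatRouter("203.0.113.7")
    print(r.outbound("192.168.1.10", 51515, "198.51.100.20", 80))
    print(r.inbound("198.51.100.20", 80, 50000))   # reply: delivered
    print(r.inbound("192.0.2.99", 4444, 50000))    # stranger: dropped (None)
```

Note that every port added with forward() is a call NAT will put through from anyone, so each forwarding rule reduces the protection described above.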