Relationship between Firewalls and Protection against DDoS
A firewall is a barrier that is intended to thwart the spread of a destructive agent which can include extreme damage such as distributed denial of service (DDoS) online. One of the most popular. Windows Firewall, is a software component of Microsoft Windows and is meant to provide firewalling and packet filtering functions. So, why do so many experts insist that individuals and organizations use a third party firewall instead of the world’s most famous and used firewall, the built-in Windows Firewall in Windows XP, Vista and Windows 7?
Kelvyn Taylor at Computer Active says, “GFI’s new Easy Install system automatically checks for conflicting security products and removes them … on our Windows 8 PC it disabled the built-in Windows Defender security software and the Windows Firewall.”
In addition, Bradley Mitchell, a computer professional with 20 years experience in network software development, project management, and technical writing such as with Cisco Press, notes, “When running, ICF (Windows Internet Connection Firewall) can interfere with Internet connection sharing through a home network router. If such a conflict arises on your Windows XP computer, you might find that it cannot connect to the Internet through the router …”
Oddly enough, anti-virus software companies such as Kaspersky and Norton and as well as the opposite of them … malware … can disable Windows Firewall, and there is a relationship between firewall management and one of the Internet’s most destructive tactics … distributed denial of service (DDoS).
A checklist to follow first in making the best choice of a firewall:
1. Make sure it is capable of protecting the Internet device against bad packets and potential exploits.
2. Make sure it does not leak data.
3. Make sure enables the necessary individuals to manage which applications can make a connection and also the ones that cannot. One’s technical team whether local or remote should be able to do this.
4. Make sure it can defend the Internet device processes from being stopped by malware.
A 2010 Forrester Research desktop operating systems study North American and European companies and found Windows 7 was used on 10% of all commercial desktops, 75 % with Windows XP, and 7 % with Vista. In March 2013, Desktop OS Market Share on Net Applications show over 44 % use Windows 7, over 38 % use Windows XP, just under 5 % use Windows Vista and the rest use OS X, Windows 8, Linux or other.
One does not want the Windows Firewall or any type of firewall to be compromised in any way that will harm the device, processes, and data. It should keep the bad guys out and keep one’s own information from leaking out. Windows Firewall has been known to leak data. On the other hand, Windows Firewall in Windows 7 (still a rather new Windows OS) lets you create inbound and outbound firewall rules.
Consequently, even if a firewall passed the leak tests, such is not necessarily enough. Organizations and individuals affected need to know if the firewall can block all hacking attempts, block network ports from being scanned, and block unsolicited requests.
Data can leak out in many ways, so one’s firewall data protection plan should keep in mind mass data transfer, copying to devices that can be removed such as USB thumb drive, file extension association to apps; copying and pasting via Internet, texting and email; encryption of mobile devices and also even Wikileak protection.
If the device, network or system is infected, and it is using Windows XP Firewall, that firewall will not be able to block outside malware connections. It does not include outbound monitoring. One’s Internet service provider usually has automatic alerts showing which devices on its network are being used to send out malware, but the period of time between their alert and your knowledge of it may take quite a long period of time.
On the other hand, Windows Firewall in Vista has the option to let one enable outbound protection (leaks). If there is a vulnerability in the security of the Windows components, processes, or services that the firewall needs in order to operate, a third party firewall might offer better protection until a Windows security update is released for patching and updating.
Managing one’s firewall, no matter what type, is a crucial part of protecting against DDoS (distributed denial of service attacks.) Protection services against DDoS are provided by companies such as Prolexic, CloudFlare, DosArrest, Verisign, BlockDos, and Sophos. These companies who provide Internet security-related services often provide a list of IPs or IP ranges to the business client whose network is in danger. The IPs should be white-listed in the firewalls. The customer typically changes the record of the domain from their DNS (or blockdos DNS) to the Proxy IP of the anti DDoS company. Traffic is often routed to the same company. Good traffic is kept and routed where needed to do “business as usual.” Attack or bad traffic may be discarded or the bad IP may be sent back to the router to add in a temporary block list. During the mitigation and clean up process, it may be recommended to block all the traffic at firewall and allow only certain IPs.
Check with trusted firewall management and anti DDoS service providers to be proactive against destructive distributed denial of service attacks. Sometimes scores of devices around the world are being used in the attacks without the owners knowing about it. In fact, nowadays, the coordination may even include the use of web servers instead of just lone devices which makes the attacks even scarier and more effective than ever to take place.