Learning About Computers and the Internet
Tips Blog WinXP Internet Computing Downloads Vista/7 Home

How a Computer Firewall Works

How computer firewalls use packet filtering and packet inspection to protect your system from intruders and malware is explained.

Packet filtering

Information sent over the Internet uses a system that divides the data into discrete bunches called "packets". This is a technique that provides better and safer transmission. A firewall checks the packets that come to and from the computer for certain properties. Various rules for allowing or blocking transmission of packets with specific properties are set on the computer, either by default or by the user. Depending on the firewall software, various options will be available to the user.

Commonly checked packet attributes are these:

These properties are compared with criteria set on the user's computer to establish which packets might be blocked. A very important additional check is discussed next.

Stateful inspection

In addition to checking the various properties of a packet, a firewall will check to see if it comes from a source that you requested. When you enter an URL in your browser or click on a link, the firewall makes a note of the IP of the site that you have requested in a "state table". Whenever your computer receives incoming packets, the firewall checks its table to see if the packet is from someplace where you asked to be connected. If it is not, the packet is blocked.


 <<  Home page ©2002- 2010 Victor Laurie    Home page >>