What does a firewall actually block?

Discussion in 'other firewalls' started by Clayman101, Nov 25, 2017.

  1. Clayman101

    Clayman101 Registered Member

    I am writing an article about servers within a LAN, and the importance of installing a firewall. I found myself wondering though what it is that a firewall actually blocks. I get that they obviously block connections to ports, but if there is nothing listening on that port, what is the risk? Take for instance a LAN-based web server with services (SSH & HTTP) listening on ports 22 and 80. What additional protection is the firewall offering by blocking connections to all other ports if there is nothing listening on those ports?
     
  2. TairikuOkami

    TairikuOkami Registered Member

    It all depends on your rules. I block everything by default, so I allow only DNS requests to my preset DNS, which prevents DNS hijacking.
    By default, I allow ports 80/443; if my browser wants to access various ports for video and downloads, it gets blocked unless I allow it.

    You can get even more restrictive if you allow only specific IPs or IP ranges for those, to prevent unauthorized access.
     

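The default-deny outbound policy described in the reply above, modelled as an added example that is not part of the original thread and not any firewall's own rule syntax. The addresses are documentation-range placeholders, and the rule names and the `Rule`, `decide` and `evaluate` helpers are hypothetical.

```python
import ipaddress
from typing import NamedTuple, Optional

class Rule(NamedTuple):
    name: str
    proto: Optional[str]   # "tcp", "udp", or None for either
    dst_net: str           # CIDR the destination address must fall in
    dst_ports: frozenset   # destination ports this rule allows

# Constructed policy. 192.0.2.53 stands in for the "preset DNS" server.
RULES = [
    Rule("dns-to-preset-resolver", None, "192.0.2.53/32", frozenset({53})),
    Rule("web", "tcp", "0.0.0.0/0", frozenset({80, 443})),
]

def decide(proto: str, dst_ip: str, dst_port: int, rules=RULES) -> str:
    """Return the name of the first matching allow rule, or "DROP" (default deny)."""
    addr = ipaddress.ip_address(dst_ip)
    for r in rules:
        if r.proto not in (None, proto):
            continue
        # An address of the other IP version is never "in" the network.
        if addr not in ipaddress.ip_network(r.dst_net):
            continue
        if dst_port in r.dst_ports:
            return r.name
    return "DROP"  # nothing matched: blocked until a rule is added

# Constructed outbound connection attempts.
ATTEMPTS = [
    ("udp", "192.0.2.53", 53),      # DNS to the preset resolver
    ("udp", "198.51.100.9", 53),    # DNS to any other resolver
    ("tcp", "203.0.113.10", 443),   # HTTPS
    ("tcp", "203.0.113.10", 8080),  # browser using a non-standard port
    ("udp", "203.0.113.10", 443),   # UDP to 443: the web rule is TCP-only
]

def evaluate(attempts=ATTEMPTS, rules=RULES):
    """Return the verdict for each attempt, in order."""
    return [decide(*a, rules=rules) for a in attempts]

if __name__ == "__main__":
    for attempt, verdict in zip(ATTEMPTS, evaluate()):
        print(attempt, "->", verdict)
```

Narrowing `dst_net` on the `web` rule from `0.0.0.0/0` to a specific range gives the stricter per-IP variant mentioned at the end of the reply.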