Talk:Firewall (computing)

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

Another old comment[edit]

After you install a firewall, you should perform a Firewall Test to make sure your configuration is correct.

Application-layer firewall[edit]

The Article Application_layer_firewall should benefit from all the info given here. or maybe merged completely/made into a redirect. --Deelkar (talk) 22:58, 31 Jan 2005 (UTC)

I agree. Merging a bunch of tightly-related short article to one decent one could make a decent feature. Do we need to propose a vote somehow? I'd merge into this article both Application layer firewall and Network layer firewall. I'd even consider adding Personal firewall (without the vendor list), Demilitarized zone (computing), the proposed XML Firewall, and anything useful from Bastion Host. --ScottDavis 11:19, 26 Feb 2005 (UTC)

This is more like a How-To[edit]

It feels much more like a HOWTO page rather than an encyclopeda article


Can someone find a link to a rendered animation about the workings of a firewall. From memory it's about 100Mb in size [no it isn't, it's about 73Mb] and shows the journey of packets into and through a firewall [at the very least]. Very educational. Sure is! Great work 'Warriors of the Net' ! thank you. I just can't remember where I saw it and I've searched with clusty and google images. Much appreciated for finding the link if someone could. Fret no more; go get it from here: Warriors of the Net —Preceding unsigned comment added by (talkcontribs) 03:46, August 20, 2006

Morris Worm[edit]

This statement describes this virus/worm as still being a current problem today -- is this accurate?

"This virus known as the Morris Worm was carried by e-mail and is now a common nuisance for even the most innocuous domestic user." —Preceding unsigned comment added by (talkcontribs) 16:31, September 23, 2006

Consumer Product Definitions of Firewall Types[edit]

I'm a consumer looking at the firewall descriptions of various DSL modems and routers, trying to compare different products and figure out what firewall features are available that I should look for. This Wikipedia article hasn't really clarified the situation for me.

One product says "Advanced security from hacker attacks with Stateful Packet Inspection (SPI) and Network Address Translation (NAT) firewalls".

Are those vague general terms, or exact specifications of firewall techniques that will be the same for any product that claims to do them? Statefully inspecting the packets for what -- the same things in any product that implements this? Is NAT really an active firewall, or just that the nature of a shared IP at the router device has this benefit?

One says "Protects PCs from Ping of Death, SYN Flood, Land Attack, IP Spoofing, and other DoS (Denial of Service) Attacks", another says protects against DoS attacks. Is product A better?

Etc. —Preceding unsigned comment added by (talkcontribs) 22:46, September 24, 2006

First to Second Generation Timegap?[edit]

"The first paper published on firewall technology was in 1988, when..." "From 1980-1990 three colleagues from..." The two beginnings of the paragraphs concerning first and second generation firewalls. So the second generation firewalls was already eight years in development when the first virus attack occured and the first paper on the topic was published?! Anyone got references for this?

Third generation: application layer -- Inaccuracies[edit]

This section would be better titled: Third Generation: NGFW. This is the standard name in the industry today.

Additionally, there's a statement that I believe to be irrelevant to the article.

...Web Application Firewall (WAF). WAF attacks may be implemented in the tool “WAF Fingerprinting utilizing timing side channels” (WAFFle).

The citation (13) references WAFs. WAFs are _not_ the same as network security gateways AKA firewalls. They are a very specific security gateway that protects webservers and focuses on HTTP/HTTPS protections.

This is entirely different from a "regular" firewall. Thus, this portion should be removed. There should really be a separate article dedicated to WAF technology. It is that important and relevant in the industry today.

Firewalls are not VPN and DHCP servers[edit]

The page introduction currently states that Firewall appliances may also offer other functionality to the internal network they protect, such as acting as a DHCP[3][4] or VPN[5][6][7][8] server for that network..

This seems to be patently incorrect, since firewalls, DHCP servers, and VPN servers are all distinct services (the fact that specific products may package them up together should be irrelevant to this article). Indeed, citations 5, 6, 7 & 8 all concur - treating VPNs and firewalls as entirely distinct functions. I suggest that this sentence be removed. --Liam McM 21:25, 19 December 2017 (UTC)

The sentence you have quoted explicitly says "Firewall appliances" not "Firewall", meaning that it is not talking about a service, distinct or otherwise.
A server computer can run firewall, DHCP and VPN services at the same time. In fact, Windows Server Essentials and the now-discontinued ISA Server do that.
Best regards,
Codename Lisa (talk) 04:53, 20 December 2017 (UTC)
Codename Lisa is right but this was unnecessary detail in the lead. I have moved it to the body. Some of those citations may be unnecessary. ~Kvng (talk) 15:52, 22 December 2017 (UTC)
Hello, Kvng. That's actually a good idea. Thanks. Best regards, Codename Lisa (talk) 16:44, 22 December 2017 (UTC)
Good call for both of you, thanks for helping. --Liam McM 21:13, 23 December 2017 (UTC)