Firewalls And Malware Security Computer Science Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

In the IT world of 21th century, with the advanced of technology computer and internet are a device we use in our daily life. With the convenient of internet usage we can easily search for information, downloading stuffs and connecting with the others. While we are using the internet for our daily use, we might encounter some unwanted internet threat such as viruses, malware, spyware or even hacker.

Well of course, nowadays there are also many ways to protect your precious computer for being hacked or your data being stole. One of the many ways was to turn on the firewall. In this report , it will tell you something about firewall.

History of Firewall

When compared to the rest of the computing industry, the firewall technology is quite an adolescent. The 1st generation of firewall architectures was called packet filter firewalls. It was first appeared around 1985 courtesy of the IOS software division of computer networks giant Cisco.

Three years later, the first paper for firewall technology was published, authored by Jeff Mogul of the Digital Equipment Corporation (DEC). However, during1980-1990, Dave Presetto and Howard Trickey of AT&T Bell Laboratories were developing the second firewall generation - circuit level firewalls.

In 1990 and 1991, the third generation of firewalls papers was published by Bill Cheswick, Marcus Ranum, and Gene Spafford, it is call called application layer firewalls This triumvirate researched and developed the third generation independently of each other, with Ranum receiving the most attention for his work.

In year 1991, the DEC released the first firewall commercial product, named "SEAL".SEAL was based on the work of Marcus Ranum. At the following year, Bob Braden and Annette DeSchlon from University of Southern California began to develop their own fourth generation firewall system, called "Visas". It was the first system that used a visual integration, interface and full of colors and icons. Which it could be easily implemented on a computer with the operating system such as Microsoft's Windows or Apple's MacOS. FireWall-1 was a commercial product that released in 1994 by Isreali company Check Point that was formed by the basis of Visas.

In 1996, Scott Wiegel of the Global Internet Software Group began his work on the fifth generation of firewall, it was called the Kernel Proxy architecture. After a year later, Cisco released the first commercial product that was based on the Kernel Proxy technology,and it was named the Cisco Centri Firewall.

Function of Firewall

If you had been using internet at any length of time or working in a big company and browse the Web while at work, you may find yourself heard the term firewall is used. For example you will often hear people say things like "I can't enter that site because they won't let it through the firewall". This is because the firewall had blocked any potential site that maybe a threat to the user that set it.

Basically a firewall work as barrier that keeps the destructive force away from your property. It is a gateway between your private network and the Internet. It will filter out any unauthorized network and ensure nothing private goes out. A user can set up rules for FTP servers, Web servers, Telnet servers and so on. In addition, the user can control the connection to Web sites, whether files are allowed to leave the computer over the network and so on. A firewall gives a user tremendous control over how people use the network.

A firewall is important, if a computer does not have a firewall, is like a house without a door, anyone can enter your house even thief and robbery. This go the same for your computer and imagine leaving your computer without a firewall is like letting any network come in and goes out of your computer without your authorization. Without a firewall a hacker can easily break in your computer and steal information or rip your computer apart.

Picture shows how a firewall works.

Types of Firewall

There are several types of firewall depending on where is the communication is intercspted and where the communication is placed plus the state that is being traced.

Packet Filter

The packet filter is also known as network layer firewall, it operate at a relatively low level of the TCP/IP protocol stack, not allowing any packet to pass unless they fulfill the rule that had been set. Packet filtering may appear in a bridge, a router or even an individual host and operates at the network layer. It is configured with rule to block or filter protocol and addresses and it is installed at the external network gateway. Internal users usually have direct access to the internet while most access to site system from internet is blocked.

Application Layer

Application layer gateway is a program that will provide a safety barrier between the internal user and the internet. These programs lead the internal user to connect to the application level gateway instead of the Internet directly such as World Wide Web browser. The application level gateway will then establishes the connection with the required World Wide Web server on the internet and acts as a go-between for the session.

An application firewall is much more reliable and secure compare to a packet filter firewall because it work on all seven layers of the OSI reference model, all the way from application down to the physical layer. One of the goo example of an application firewall is the ISA (Internet Security and Acceleration) sever. An application firewall can filter higher-layer protocols. For example, if a campus wants to block every information that related to "game" then the content filter can be enabled on the firewall to filter out website that relate to the particular word. Software-based firewalls are much slower than a stateful firewalls.

Stateful Firewall

A stateful firewall can hold a significant attributes of each connection in memory, from the begin to the end. These attributes, which are collectively known as the state of the connection, may include details such as the IP addresses or the ports involved in the connection and the sequence numbers of packets traversing on the connection. The most CPU intensive checking is performed on the time of setup of the connection. All packets after that will processed rapidly because it is fast and simple to determine whether it belongs to an existing, pre-screened session. Once the session has been ended, its entry in the state-table is discarded.

There are many stateful firewalls are able to track down the stat of flows through the connectionless protocols, like UDP. By keeping the track of the connection state, statefull firewalls can provide added efficiency in terms of packet inspection.


A proxy device either on dedicated software or as hardware on a general-purpose machine can act as a firewall by responding to the input packets in the manner of an application, whilst blocking other packets.

A lot of schools, work places and colleges restrict the web sites and online services that are available in their buildings. This is all done by either with a specialized proxy, called a content filter or by using a cache-extension protocol such as ICAP, that are allows plug-in extensions to an open caching architecture.

Assuming that the requested URL is acceptable, the content will then be fetched by the proxy server. At this point a dynamic filter may be applied on the return path. For example, JPEG files can be blocked based on fleshtone matches, or language filters could dynamically detect those unwanted language. If the following content is rejected, therefore an HTTP fetch error is returned and nothing is cached.


Internet help us in our daily life a lot, it is fast and easy to be use. City citizen used internet everyday no matter checking internet or using facebook, it also help us to connect with other people. But is also our responsible to protect our own computer away from the threat that come from internet. Therefore we should set up a firewall to help to protect our computer.

A firewall is a device of that separates and protects your network - in most cases, from the Internet. It can restrict traffic to only what is acceptable to you, and allows monitoring to see what is happening. Is also very important to remember about firewalls is that they enforce a security policy by allowing a single point for security decisions to be made. They also limit your exposure to the internet, and allow you to log traffic.

Firewalls can be implemented in either hardware or software, or a combination of both. Firewall is frequently used to block unauthorized internet user for entering user's private network connection. All messages entering or leaving the internet will pass through the firewall, and examines each message and block those that don't meet the specified security criteria. Firewall allow user to control the internet connection that come in or goes out the computer.


Name: Yee Kang Ching

Student ID: j10007728

Subject: CSC1100 Principle of Information Technology

Title: Firewall


To identify different types of firewall.

To understand how a firewall works

To determine the history of firewall