Free Essay About Securing Windows 8 Using Windows Firewall:
A host-based firewall is configured to filter traffic on an individual computer using specific customizable rules while a network based (perimeter) firewall is configured to filter traffic at a network level before it reaches individual computers.
Host-based firewalls offer several benefits over network firewalls such as mobility and firewall rule customization. Ease of mobility allows one to move a computer such as a laptop location X to Y without the need for firewall reconfiguration since the rules are saved on the local machine. On the other hand, firewall rule customization allows one to perform specific filters such as blocking a particular application from accessing the internet on that computer.
Traffic in a Windows (host-based) firewall is classified based on applications or port numbers. When traffic is filtered based on applications, the administrator can block a particular application from accessing the internet (blacklist) or add applications to the exceptions list (whitelist). Traffic classification based on port involves opening or closing a port to either allow or block traffic from processes that use the port. Filtering traffic based on applications is a better method than port-based filtering since port based filters can be bypassed by the use of non-standard ports, hopping traffic through various ports, and sneaking traffic through specific ports that are usually kept open such as port 80 and 443 used by the Transfer Control Protocol (TCP) and secure hypertext transfer protocol (HTTPS) respectively. Application filtering is also more secure since legitimate applications can be identified using process identifiers (PIDs), digital signatures, and protocol analysis e.g. use on encryption protocols such as SSH.
Share permissions are used when dealing with files and folders shared across multiple user accounts or a network. These permissions allow one to prevent or grant file and folder access on individual users, user groups or on a comprehensive basis (all users and groups). The permissions available in this set-up are “Read”, “Change” and “Full Control”. The Read setting allows a user or group to view folder contents. The Change setting allows users or groups to alter but not delete the contents of a folder while the Full Control setting is comprehensive of all other settings and allows for deletion of folder contents. Share permissions are mostly used in systems that have the FAT32 file systems, or systems that do no support NTFS.
NTFS (New Technology File System) permissions control file permissions over networks and local computers. When changing NTFS permissions for a particular folder, the administrator can select specific users, groups, or user account types e.g. administrators. NTFS permissions are more detailed since they focus more on system control rather than sharing control. These permissions include: “Read”,“Read and Execute”, “Write”, “List Folder Contents”, “Modify” and “Full Control”. The Read and Execute permission allows users to view files and run applications, the Modify setting allows users to change folder contents while the List Folder Contents setting allows one to view a list of folder contents. The Read and Full Control settings are similar to those in Share permissions while Write allows one to add new files.
Both NTFS and Share permissions can be used together since they work independently. However, when used together, both share and NTFS permission entries are considered, and the most restrictive permissions applied.
Password protection and file encryption add an extra security layer over NTFS and share permissions since passwords prevent someone with physical access to the computer from gaining access while file encryption protects data from both local and remote access. When data is encrypted, an intruder who manages to bypass NTFS permissions cannot read the encrypted files and folders.
- APA
- MLA
- Harvard
- Vancouver
- Chicago
- ASA
- IEEE
- AMA