Back to basics - what is a firewall dealing with?
Essentially it is data, usually being sent down a wire. The precise physical nature of how data is transmitted is beyond the scope of this article, but for our purposes let's assume it is a series of electronic 1s and 0s which make sense to a computer. Computers send data to each other as a series of discrete packets. So, to transmit an email message your computer will split the message into a series of smaller parts, add some extra information to each part about where the data is headed and where it is from (the headers, which are what a firewall mostly looks at), and then send the data down the 'phone line as packets.
So how do computers understand each other?
They use protocols. In computer terms protocols are sets of rules which allow two or more computers to communicate, i.e. if computer A sends data in a standardised form to computer B, computer B will recognise it and know from the protocol to send back a certain response. In turn computer A recognises the reply and... you get the picture. There are hundreds if not thousands of protocols that have been developed over time to serve specific purposes. Like buses, they often come in bunches (often called suites or stacks), and each protocol in a stack does a bit of the work before handing over to the next. The main stack in use on the Internet is called TCP/IP after the two main (but not the only) protocols in the stack.
The IP bit (Internet Protocol, funnily enough) is responsible for actually getting each packet of data from one side of the world (or room) to the other. To be able to do this every device that is directly connected to the Internet must have a globally unique public IP address. If you use a dialup connection to the Internet you will be assigned an IP address by your ISP when you connect, and it will not necessarily be the same one next time.
IP addresses can be written in a number of ways but by far the most common one is dotted decimal (or dotted quad) notation: four numbers from 0 to 255 separated by dots. They look something like 137.108.143.138, which is better known as, amongst other things, nobel.open.ac.uk, one of the OU's First Class servers. When computer A needs to send data to computer B over the Internet it puts computer B's IP address on the packet as the destination, and its own IP address as the source. Knowing the IP address of the computer the data is going to isn't quite enough though. A computer can run many processes, any number of which might need to send and receive data. Since all the data comes down the same wire (well, actually a bundle of wires, but that's not important right now), how does a computer running, say, a web browser and an email client know which data is intended for which program? This leads on to...
Ports. We're not talking ports as you may use for connecting your printer or external modem. We're talking software ports: a port is simply a 16-bit number carried in the TCP (or UDP) header of each packet, which the operating system uses to decide which process a packet belongs to while that process is talking to the Net. When you tell your email program to pick up the mail, it in turn asks the operating system to assign it a port number. For a client (i.e. a process requesting data from another computer, a server) the port number assigned will be from 1024 upwards; exactly which range depends on the operating system (modern systems typically hand out numbers from 32768 or 49152 upwards). Ports 1-1023 are the 'well-known' ports, reserved for specific services, usually running on servers, e.g. port 80 is the one commonly associated with a web server. The port number assigned to a client is usually just the next one available when the client asks. So, if your browser was assigned 1024, your email client might be assigned 1025. The email client would then send its packets of data to your ISP's mail server using the server's IP address and probably port 110 (POP3). The packets will show a source address of your computer's IP address and port 1025. The combination of an IP address and a port number is called a socket (strictly, a socket address) and identifies the email client process running on your particular computer; the pair of sockets at the two ends, together with the protocol, identifies that one connection uniquely, and those are precisely the fields a packet-filtering firewall looks at.
Anyone still awake? OK, nearly there.
Your email client and your ISP's mail server establish a connection, (note, we're talking low level protocols here, so it's before anyone gets down to the messy business of usernames and passwords) and then when everyone's happy, the two can start communicating properly, i.e. authenticating and downloading mail. There is a more detailed description of this connection process in Part 2.
Incidentally, port numbers are 16 bits, so in theory a computer using TCP/IP can use all the ports numbered from 1 to 65535 (port 0 is reserved). It wouldn't need 65535 processes to do so, though: one process can hold many ports open at once, and a busy server will have thousands of connections on the go at the same time.
So, your computer creates packets bearing the IP address of the server your email client is trying to communicate with, and these packets are routed by the specialised computers (routers) which make up the infrastructure of the Net, until they arrive at the computer with that destination IP address. We mentioned that protocols work in stacks. For instance IP is responsible for addressing, and it carries a checksum that lets a receiver detect whether a packet's header has been damaged on the way (error detection, but only for the header; a damaged packet is simply thrown away, IP does not repair it). TCP carries its own checksum covering the data, numbers the data so the receiver can tell whether any packets have been lost or arrived out of order, sorts out such problems by having the missing pieces sent again (so the 'error correction' is really retransmission), and actually establishes connections between computers. Further up the stack there are more specialised protocols (SMTP and POP3 for email, HTTP for web pages) that define how, for instance, email or web pages are sent and received.
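The addresses, ports and checksums described in the Ports paragraph and in the paragraph on the stack above are easiest to see by building a packet and pulling those fields back out of it. The example below is added here and is not code from the original article: it builds a constructed IPv4/TCP packet (the addresses are from the RFC 5737 documentation ranges, the email client on port 1025 talking to a mail server on port 110), decodes the five-tuple a packet filter works with, verifies the IP header checksum (header only) and the TCP checksum (covers the data), and runs a made-up stateless filtering policy over an outbound request, the server's reply, and an unsolicited probe. The policy, the function names and the addresses are all assumptions for illustration.

```python
"""Added example: decode the IP/TCP fields a packet filter works with.

Constructed packets, not captured traffic; addresses are from the RFC 5737
documentation ranges and the filtering policy is a made-up illustration.
"""
import struct
from typing import NamedTuple, Tuple

TCP = 6                       # protocol number of TCP in the IP header
SYN, ACK = 0x02, 0x10         # TCP flag bits used below


def ones_complement_sum(data: bytes) -> int:
    """RFC 1071 Internet checksum: 16-bit one's-complement sum, complemented.

    Computed over a header whose checksum field is already filled in, the
    result is 0, which is how a receiver verifies it.
    """
    if len(data) % 2:
        data += b"\x00"                       # pad odd length with a zero byte
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                        # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def ip_to_bytes(ip: str) -> bytes:
    return bytes(int(octet) for octet in ip.split("."))


def bytes_to_ip(raw: bytes) -> str:
    return ".".join(str(b) for b in raw)


def build_packet(src_ip: str, src_port: int, dst_ip: str, dst_port: int,
                 flags: int, payload: bytes = b"") -> bytes:
    """Build an IPv4 + TCP packet (no options), with both checksums filled in."""
    tcp_len = 20 + len(payload)
    # src port, dst port, seq, ack, data offset (5 words), flags, window, checksum, urgent
    tcp = struct.pack("!HHIIBBHHH", src_port, dst_port, 0, 0, 5 << 4, flags,
                      8192, 0, 0) + payload
    # TCP checksum covers a pseudo-header (addresses, proto, length) plus the whole segment
    pseudo = ip_to_bytes(src_ip) + ip_to_bytes(dst_ip) + struct.pack("!BBH", 0, TCP, tcp_len)
    tcp = tcp[:16] + struct.pack("!H", ones_complement_sum(pseudo + tcp)) + tcp[18:]
    # version/IHL, TOS, total length, id, flags/fragment, TTL, proto, checksum, src, dst
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + tcp_len, 1, 0, 64, TCP, 0,
                     ip_to_bytes(src_ip), ip_to_bytes(dst_ip))
    ip = ip[:10] + struct.pack("!H", ones_complement_sum(ip)) + ip[12:]   # header only
    return ip + tcp


class FiveTuple(NamedTuple):
    proto: int
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


def parse_packet(pkt: bytes) -> Tuple[FiveTuple, int]:
    """Return the five-tuple and TCP flags; raise ValueError for damaged or unsupported packets."""
    version, ihl = pkt[0] >> 4, (pkt[0] & 0x0F) * 4
    if version != 4 or ihl < 20 or len(pkt) < ihl + 20:
        raise ValueError("not an IPv4/TCP packet")
    if ones_complement_sum(pkt[:ihl]) != 0:
        raise ValueError("IP header checksum failed")   # IP detects damage, it does not repair it
    proto = pkt[9]
    if proto != TCP:
        raise ValueError("only TCP is decoded here")
    src_ip, dst_ip = bytes_to_ip(pkt[12:16]), bytes_to_ip(pkt[16:20])
    src_port, dst_port = struct.unpack("!HH", pkt[ihl:ihl + 4])
    flags = pkt[ihl + 13]
    return FiveTuple(proto, src_ip, src_port, dst_ip, dst_port), flags


def tcp_checksum_ok(pkt: bytes) -> bool:
    """Verify the TCP checksum, which (unlike IP's) covers the data as well."""
    ihl = (pkt[0] & 0x0F) * 4
    pseudo = pkt[12:16] + pkt[16:20] + struct.pack("!BBH", 0, TCP, len(pkt) - ihl)
    return ones_complement_sum(pseudo + pkt[ihl:]) == 0


ALLOWED_SERVICES = {80, 110}   # web and POP3: the constructed policy lets clients reach these


def stateless_filter(pkt: bytes, direction: str) -> str:
    """Classic packet filter: a decision made from one packet's headers alone.

    Outbound: allow a client (ephemeral source port) to reach an allowed service.
    Inbound: allow only what looks like a reply to such a client, i.e. from an
    allowed service port to an ephemeral port with the ACK bit set.
    """
    try:
        five, flags = parse_packet(pkt)
    except ValueError:
        return "drop"
    if direction == "out" and five.dst_port in ALLOWED_SERVICES and five.src_port >= 1024:
        return "allow"
    if (direction == "in" and five.src_port in ALLOWED_SERVICES
            and five.dst_port >= 1024 and flags & ACK):
        return "allow"
    return "drop"


CLIENT, SERVER = "192.0.2.10", "198.51.100.25"     # constructed addresses (RFC 5737)
OUTBOUND = build_packet(CLIENT, 1025, SERVER, 110, SYN)          # email client -> mail server
REPLY = build_packet(SERVER, 110, CLIENT, 1025, SYN | ACK)       # mail server's answer
PROBE = build_packet(SERVER, 110, CLIENT, 1025, SYN)             # unsolicited connection attempt

if __name__ == "__main__":
    for name, pkt, direction in (("outbound", OUTBOUND, "out"),
                                 ("reply", REPLY, "in"), ("probe", PROBE, "in")):
        print(name, parse_packet(pkt), stateless_filter(pkt, direction))
```

Two things worth noticing when you run it. A packet whose IP header is corrupted is dropped outright, but one whose TCP payload is corrupted sails through the filter, because a packet filter, like IP itself, only looks at the headers; it is the TCP stack at the far end that notices. And the inbound rule's "ACK bit set means it's a reply" test is exactly the shortcut early stateless firewalls relied on, which anyone can defeat by setting ACK on a probe; that is why the connection tracking described in Part 2 matters.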
