Thursday, October 8, 2009

Basics of Firewalls

-Firewalls-
OK, most hackers should know how to get around and tweak a Windows-based firewall. If not, this is the right guide. First you will learn what each of the following is:

TCP
UDP
MTU
Packet Filtering
Port

OK, let's get started. The whole point of a firewall is to protect the computer from incoming packets that could be harmful. It also encrypts outgoing packets and decrypts incoming ones. A packet is a bit of data that is carrying other data to a destination. Firewalls also check outgoing packets. Firewalls can help keep malware, trojans and viruses off your PC if configured right.

OK, TCP stands for Transmission Control Protocol. TCP deals with how data is put into packets. It is what is mostly used when packets are sent somewhere. TCP doesn't care what the packet contains; it just makes sure it gets to its destination. This is also more reliable when visiting a website; it is more stable than UDP. TCP drops packets, but not as much as UDP.

UDP (User Datagram Protocol) This is used at times when TCP isn't the best bet. Your PC would use this when you are watching a video, say on YouTube. If your computer were to use this instead of TCP when visiting a site, you would never reach that site, because UDP is not as stable as TCP. It constantly drops packets, which is OK under the right circumstances.

MTU (Maximum Transmission Unit) This is used when a firewall is receiving too many packets of data. Say a firewall can only accept packets up to sizes of 250. Well, say your packet is 200 bits of data. The firewall would automatically block this. The packet has two options: either drop or split into smaller packets. UDP would probably drop the packets. If it splits, it would split the packets evenly, so all your packets' sizes would decrease to 50. This wouldn't be a problem, because when they get to their destination they automatically reform. This also makes the firewall work a lot harder. Constantly doing this would DDoS the system, so this could be used for malicious intent.


Packet filtering
This is what all firewalls do. They check the packet's header to make sure that the packet is headed in the right direction. It checks for viruses, trojans, and malware too. They are easy to bypass because they don't check the whole packet, just the basics. This is a serious security issue which, if not thoroughly checked, could allow in a trojan or malware.

Port
These are used to allow packets to travel through, sort of like roads. They act as tunnels and can be breached a lot by hackers (hehehe) or exploited to carry in spoofed packets to the user's computer. There are 65,535 ports that are used. Most of these are used to allow you web access etc. Port 80 is for http://, which is for websites.
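
The Packet filtering and Port sections above, put together as a minimal header-only filter in Python. This is an added example, not code from the original post; the rule set, the addresses, and the function names are constructed for the illustration. It shows that the verdict depends only on protocol and destination port, whatever the payload carries, and that a later fragment has no port to match on.

```python
import socket
import struct

# Constructed rule set (an assumption, not from the post): first match wins.
RULES = [("allow", "tcp", 80), ("allow", "udp", 53)]
PROTO_NAMES = {6: "tcp", 17: "udp"}

def build_packet(proto, sport, dport, payload=b""):
    """Build a constructed IPv4 test packet (checksums left at zero)."""
    if proto == "tcp":
        l4 = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x02, 65535, 0, 0)
    else:
        l4 = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0)
    num = 6 if proto == "tcp" else 17
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4) + len(payload),
                     0, 0, 64, num, 0,
                     socket.inet_aton("192.0.2.10"),     # documentation addresses
                     socket.inet_aton("198.51.100.5"))
    return ip + l4 + payload

def parse_headers(packet):
    """Return (protocol, destination port) using the IPv4 and TCP/UDP headers only."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4
    frag_offset = struct.unpack("!H", packet[6:8])[0] & 0x1FFF
    proto = PROTO_NAMES.get(packet[9])
    # Later fragments carry no TCP/UDP header, so there is no port to match on.
    if ihl < 20 or proto is None or frag_offset or len(packet) < ihl + 4:
        return None
    return proto, struct.unpack("!H", packet[ihl + 2:ihl + 4])[0]

def filter_packet(packet):
    """Header-only verdict: the payload bytes are never examined."""
    parsed = parse_headers(packet)
    if parsed is None:
        return "drop"                      # malformed, fragment, or other protocol
    for action, proto, port in RULES:
        if parsed == (proto, port):
            return action
    return "drop"                          # default deny

if __name__ == "__main__":
    for proto, dport, payload in [("tcp", 80, b"GET / HTTP/1.1\r\n"),
                                  ("tcp", 80, b"anything else at all"),
                                  ("tcp", 23, b""), ("udp", 53, b"\x00" * 12)]:
        print(proto, dport, filter_packet(build_packet(proto, 40000, dport, payload)))
```

Two packets to TCP port 80 get the same verdict regardless of payload, which is why a filter like this has to be paired with something that inspects content.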

Malicious Intents

Spoofing packets
This can be used to hijack packets and spoof, or fake, another computer's IP address. This can be used to activate a trojan on the system or sometimes start a DDoS attack.

DDoS (Distributed Denial of Service)
You may have heard of this from sites like Twitter, MySpace and Facebook frequently having it happen. This is used a lot to stop legitimate users from accessing a site. It works by flooding an IP with so many packets that the MTU works harder.
