Last part of the article series connection to the Internet. In this article I talk about how firewall is so crucial and what it basically does. Also I give some useful tips how to check your network status with command line, in this case, Windows command line cmd.
Firewall
So what is firewall?? You can thing firewall as a barrier that shields your base during all traffic around Internet. But there is way more that it does.
Firewall mission is to prevent all not wanted traffic from Internet to internal network or to workstation. It can also work other way around, it can disallow all connection from workstation to Internet. Well you can block even more things but usually firewall only used block connection from web to computer.
There are three ways firewalls read out-coming connections. They are:
- Accept, this is used when firewall knows that connection is tried to create from inside using TCP for example. When the answer message comes firewall let it go through so the connection can be created
- Deny, means basically it doesn’t let connection to be created. Some one is trying to send data from ominous way or some programs want to make connection to web
- Drop, means that firewall drops the coming data package so the sender doesn’t even know is Internet connection used.
Usually in big corporation there is many computers but only one Ip-address to public network. Hey hang on?!? Why there is only one public Ip-address to Internet eventhought there are more than one computer? Should everyone has it own public Ip-address? The answer is: no.
This all is explained by the NAT-protocol, Network Address Transition where the firewall changes interior Ip-address to public Ip-address.
Example: 172.1.1.1 <–firewall NAT–> 80.54.122.37
This increases security and makes it harder to find out the real Ip-address. Still it is possible to hack computer even thought NAT-protocol is used.
In Windows 7 the firewall is stateful packet-filtering firewall. This means that all connections that come from outside are processed by Ip-addresses and ports (example port 80 reads HTTP). Default setting to all messages and connection you are trying to create are allowed to pass.
Windows command line basic checks
There are plenty of useful commands that you are able to use to check your Internet settings. To see what you are able to do with them add ” /? “ that mark to end of command. Let me introduce you to:
- ipconfig, this is used to quick view all the necessary details about your network.
- ping, one of the quickes way to see is network connection to another computer in the same network working. Basically you need to ping Ip-address or web address. Here is couple solution to problems if you get this kind of message
Request timed out. Data is send but nothing is get back. Reasons are that firewall block coming ping request or the receiver doesn’t know where the sender is. Reason for this is incorrect subnetmask or Ip-address could’t be find in that network back to sender.
Destination Unreachable. This means that there no longer exist anything.
Couldn’t find the host. You might have typed the Ip-address or web-address. Also DNS could be down or there is no current connection to server. This still means that there should be working DNS-server
- tracert (traceroute), this is used to track the route where data is going. This could be used to track miss connections, like if you are in big corporation where are many switches and routers if something is broken.
- arp, tells us all the mapped Ip- and MAC-addresses.
- route, shows us all routers in the network. If there is more than one router, you are able to use this command to change, delete or create new connection. Basically used in big corporations to scatter workstations.
- hostname, tell’s us workstation name.
- netstat, is used to show us statistics about UDP-, TCP-, Ip- and ICMP-protocols, where data is send, where data is received and if there has been errors it is also showed.
-Tuomas Törmä
Sources
- Studies in Haaga-Helia spring 2013 Course Basics of Computers and networks Teacher Petri Hirvonen
Tuomas Törmä 