14 Oct A Firewall Cannot Protect You Against
What can’t a firewall protect against
Firewalls differ in their functionality, and some provide greater security than others – hardware firewalls are more complex and include subscription services such as IPS (intrusion prevention system), which analyzes activity on ports that must be open (such as 80 and 443 for HTTP and HTTPS web traffic).
A firewall cannot successfully guard against social engineering, which involves someone disclosing login information or personal information to an unauthorized source (e.g. by clicking a link in an email or going to fake version of a site they use). Firewalls are extremely smart, and some may alert a user if anything does not appear to be quite right, but the issue is one of user awareness – it is preferable to educate people on internet safety than to rely only on technology.
The following threats are not protected by a firewall
Take a look at this!: 5 Mistakes Companies Are Making in the Digital Workplace
Malicious use of allowed services
For example, a firewall cannot prevent someone from utilizing an authenticated Telnet connection to infiltrate your internal computers, or from tunneling an unauthorized protocol via another, approved protocol.
Users who do not pass through the firewall
A firewall can only limit connections that pass through it. It cannot protect you from anyone who can circumvent the firewall, such as using a dial-up server behind the firewall. It also can’t stop an inside intruder from hacking into a system. A properly designed intrusion detection/prevention system may be required to identify and defeat various types of attacks.
If intruders use social engineering to get credentials they are not permitted to have or otherwise undermine authentication systems, the firewall will not stop them. For example, a hacker may phone your users and pose as a system administrator, asking for their credentials in order to “correct some problem.”
Flaws in the host operating system
The security of a firewall is only as good as the operating system on which it is placed. Operating systems include several weaknesses that a firewall cannot guard against. This is why it is critical to adequately safeguard the operating system and apply the essential security updates before installing the firewall, as well as on a regular basis afterward. It also explains why “appliance” firewalls, such as those offered by Nokia and NetScreen, which include a purpose-built, protected operating system, are gaining popularity.
All potential threats
Designers frequently respond to issues found by hackers, who are typically at least one step ahead of firewall makers.