Network Tallahassee
Support Menu

Billing

How to Connect
DSL Information
Email Information

Spam Control

Website Hosting

VoIP

Internet Security

Windows 10
Windows 8.x

Microsoft Support for Windows XP Ended April 8, 2014

Software Downloads

Miscellaneous

Contact Info

Your IP Address:
  54.198.221.13

11/17/2017 2:30:17 PM

Internet Security
Basic Firewall Information

Topics

Disclaimer

Network Tallahassee does NOT offer technical support for setting up firewalls or fixing incorrectly configured / misbehaving firewalls. The information below provides limited information about firewalls and some tips that may be of use to you. If the information here doesn't help you, you will need to contact the manufacturer of your firewall solution.

What is a firewall?

A firewall is a device or software that filters network traffic based on various criteria including IP addresses, protocols, ports, etc. Firewalls, when properly configured, can reduce the likelihood of computers and other network devices being attacked or hacked/hijacked by other people.

Generally speaking, there are two types of firewalls:

What is NAT firewalling?

NAT firewalling is a term sometimes used to refer to a pseudo-firewall that works by obscuring the IP addresses of computers that are within a network connected to the internet through DSL/Cable/ISDN modem/routers. These modems/routers often have a public IP address on the WAN (internet side) of the router, but have a private IP address (see RFC 1918 - Address Allocation for Private Internets for more information) on the LAN (local area network) side. The other computers on the LAN also have IP addresses within this same private IP address range. These NAT-configured routers typically prevent the outside world from communicating directly with devices/machines on the LAN unless the communications were actually initiated/established by the machines on the LAN. Machines on the public IP space of the internet are not able to distinguish machines behind NAT because they all appear to have the same public IP address that is actually assigned to the routing device. NAT references:

RFC 3022 - Traditional IP Network Address Translator (Traditional NAT)
RFC 2663 - IP Network Address Translator (NAT) Terminology and Considerations

Where can I get a firewall?

Here are some common software-based firewall applications (not listed in any particular order):

It's generally not a good idea to run more than one firewall application on a single computer; they may interfere with one another and cause unpredictable behavior.

Many DSL/Cable/ISDN modems and many routers have built-in firewalls that filter connections before they reach your computer, often eliminating the need for software-based firewalls on computers that are connected to the internet via a DSL/Cable/ISDN modem/router. Refer to your hardware documentation or manufacturer's website for information.

What ports should I leave open?

Many firewalls are configured by default with certain TCP and/or UDP ports open for OUTBOUND connections (connections that are initiated by your computer). The listing below contains some common ports and their use (port number, port type (TCP and/or UDP), purpose/usage). This list does NOT mean you should assume you need to leave all of them open!

Common Port Numbers (see IANA Service Name and Transport Protocol Port Number Registry for a "master" list)
PortTypeProtocolUse
20TCPFile Transfer Protocol (FTP) dataused for the actual data transfer during an FTP session
21TCPFile Transfer Protocol (FTP) connectionused for transferring files back and forth between computers on the internet (e.g.: ftp://ftp.example.com)
22TCPSecure Shell (SSH) Transport Layer Protocolused to interactively log into systems that support terminal sessions via encrypted authentication
23TCPTelnetused to interactively log into systems that support terminal sessions
25TCPSimple Mail Transport Protocol (SMTP)used for transferring mail between mail servers
53UDP/TCPDomain Name System (DNS)required for your computer to "resolve" names like "support.nettally.com" into computer-usable IP addresses
80TCPHypertext Transfer Protocol (HTTP)World Wide Web (http://www.example.com)
110TCPPost Office Protocol version 3 (POP3)used for retreiving mail from a POP3 server
123UDPNetwork Time Protocol (NTP) / Simple Network Time Protocol (SNTP)used for time synchronization
143TCPInternet Message Access Protocol (IMAP)used for interacting with mail on an IMAP server
443TCPHTTP protocol over TLS/SSL (HTTPS)example: https://www.example.com/login
587TCPMessage Submission for Mailused by mail programs to submit mail to SMTP servers
1723TCPPoint to Point Tunneling Protocol (PPTP)virtual private networks (VPNs)
3389TCPRemote Desktop Protocol (RDP)Remote Desktop (terminal services), Remote Assistance

Some firewalls may or may not block one or more types of ICMP traffic that can be used by the ping and traceroute utilities (very useful for researching network problems).

Does Network Tallahassee have a firewall?

Network Tallahassee does perform limited firewalling in our border router that connects our network (and customers) to the outside world. Virtually all of the firewalling at this level is to prevent attacks and other forms of unauthorized access to our servers and network equipment.
We do NOT filter traffic to/from our customers with the following exceptions:

Troubleshooting firewall configuration problems

If you're encountering problems with your firewall, you will need to consult the software's documentation and/or manufacturer for help. Troubleshooting information can typically be found in help files on your computer or in printed material that came with your firewall product. Information may also be available on the manufacturer's web site (typically in a Support section.
The following may be of help: