8 firewall, 1 threat analysis, 1 the dangers – Lancom Systems LCOS 3.50 User Manual
Page 104: Firewall
LANCOM Reference Manual LCOS 3.50
̈
Chapter 8: Firewall
104
Fi
rew
a
ll
8 Firewall
For most companies and many private users a work without the Internet is no
longer conceivable. E-mail and web are indispensable for communication and
information search. But each connection of the workstations from the own,
local network to the Internet represents however a potential danger: Unau-
thorized users can try to see your data via this Internet connection, to modify
it or to manipulate your PCs.
Therefore this chapter covers an important topic: the firewall as defensive
measure against unauthorized access. Besides a brief introduction to the topic
of Internet security, we show you which protection a LANCOM is able to offer
you by right configuration and how to make the needed specific settings.
8.1
Threat analysis
To plan and to realize suitable measures to guarantee security, it is advisable
to know first all possible sources of danger:
̈
Which imminent dangers exist for the own LAN resp. the own data?
̈
Which are the ways intruders take for the access to your network?
We denote the intrusion into protected networks in the following as
“attack” according to the general usage, and the intruder thus as
“attacker”.
8.1.1
The dangers
The dangers in the Internet arise in principle from completely different
motives. On the one hand the perpetrators try to enrich themselves personally
or to damage the victims systematically. By the ever increasing know-how of
the perpetrators, the “hacking” became already a kind of sports, in which
young people often measure who takes at first the hurdles of Internet security.
Regardless of the individual motivation, the intention of the perpetrators
mostly leads to the following aims:
̈
Inspect confidential information such as trade secrets, access information,
passwords for bank accounts etc.
̈
Use of LAN workstations for purposes of the attackers, e. g. for the distri-
bution of own contents, attacks to third workstations etc.
̈
Modify data of LAN workstations, e. g. to obtain even further ways for
access.