A firewall is used by Anti Virus Support to prevent unwanted access to network services. It is geared to the address of the communication partners ( ie, “who is allowed to access what “). As a rule, can not prevent the exploitation of a vulnerability in the Network Service.
When utilizing the backward path, it cannot protect against access to vulnerabilities, if the communication partner can access the vulnerable areas of the program. Therefore, programs that are intended for network access, must be kept up to date to close known vulnerabilities. Some firewalls provide filters that limit the remote access to the used network service by, for example, the filtering of vulnerable ActiveX objects from web pages.
The browser can then no longer access embedded Web page objects, which also means that it can not be attacked via these objects. Alternatively, this behavior can also be reached through the configuration of the browser.
Depending on the type, a firewall can draw attention to the network access of a secretly installed malicious software at best, and sometimes even prevent their network access. Such success, however, is strongly influenced by the complexity of the harmful software. The exploitation of bugs in the networking implementation of the operating system can outsmart a firewall at best.
The effectiveness of a firewall can be compared with the safety of a car, for which there are also scenarios where it is unable to protect the driver. It is useful to put on the belt and at the same time not to drive carelessly with the knowledge of its limitations, so there must be an active Anti Virus Support on your computer.
Anti Virus Support: Filtering technologies
The simple filtering of data packets based on the network address is the basic function of all firewalls (in a TCP/IP network, meant for more accurate filtering of the ports and the IP address of the source and target system).
This stateful filtering is an advanced form of packet filtering. In order to restrict access to an established connection in more detail and better protect unauthorized access to the internal network.
A proxy filter is representative of the requesting client, it connects to the target system and forwards the response from the target system to the actual client. As it leads the communication itself, it can not only see, but also influences. Specializing in a particular communication protocol, such as HTTP or FTP, it can analyze the contiguous data, filter requests and make, if necessary, any adjustments.
Sometimes it serves to cache certain answers for faster processing of recurring requests. On a single device, often several such filters are used in parallel in order to serve different protocols.