Common Computer misconceptions we are harboring as a Regular PC User. I’m trying to concentrate over the misconceptions only. So, not all of them has solution here. You can check my other articles for the solution. I’m sure you will get it. If you don’t have that much patience. Please ask in the comment I will answer it for you.
1. A firewall will prevent your server from being hacked.
If configured correctly, a firewall can certainly prevent traffic from reaching say, the SSH port on your servers. But it cannot prevent someone from brute forcing a login (which is why having the most secure password you can is important).
2. A firewall will protect against bad code.
A classic example of a way to compromise a server is referred to as a ‘SQL injection attack’. In cases where applications are written in a specific way, it’s possible for an attacker to execute arbitrary SQL commands against a database, and a firewall won’t be able to help.
This is because of the way traffic on the internet is structured. Think of a packet like a multi-layer cake, with the firewall only able to view the first few layers. Attacks of this type occur at layers past what the firewall can ‘see’.
3. A firewall will protect you against Denial of Service (DoS) attacks.
DoSs of yesteryear were relatively easy to mitigate due to their size. However, with the number of compromised hosts on the internet and the advent of ‘bot controllers,’ hundreds or thousands of hosts can be used to launch attacks many gigabits per second in size. In March of 2013, one company was targeted with a DoS that tipped the scales at 300 gigabits per second. No hardware firewall is capable to standing up against a fusillade of that size.
4. A firewall will provide absolute security.
No single application or appliance can guarantee perfect security, and that applies to firewalls as well. There is no magic bullet when it comes to protecting your servers – defense in-depth is the name of the game.