Post cover image

June 15, 2026

PRIMARY CONTACT — Firewall

Easy to Hack!!!

Wafeeq Syed

4 min read

In the face of world where people think Cyber Security is all about hacking, How do you think assets are still safe, may it be a corporate environment or might be a organizational network. For a digital asset to be safe requires layers of protection. Of which firewall is your first layer.

If you are a fresher for the cyber security industry, this handle for you, In todays writing we will be solely focusing on FIREWALLS.

So first things first

WHAT IS A FIREWALL?

A firewall is a network security device or software application that monitors, filters, and controls incoming and outgoing network traffic based on a predefined set of security rules. It acts as a barrier …..and more

simply put it is your front door guard to your house, he is the one who decides whether to send a particular person inside or kick back(deny).

Well duh! to allow or deny someone from getting into my house, The guard must first know whom to send and block from entering right?

Here comes my directions to the guard, as the owner of the house I instruct the guard on whom to block and whom to allow in.

For example : Any person who is tall and wearing a mask — Don't allow. Any person with no mask — Allow.

Basically this is the working of the firewall. Where Guard ==>Firewall, Instructions ==> Rules.

Now lets get a bit technical,

A firewall is a network security device or software application that monitors, filters, and controls incoming and outgoing network traffic based on a predefined set of security rules.

So, as for the working of it,

None

External network is the internet and internal network represents your assets or company or org…etc.

prerequisite — Packet(Think of it as a request or some message)

WORKING:

Whenever a packet attempts to enter or leave a network, it passes through the firewall before reaching its destination. The firewall examines the packet and compares its characteristics against a predefined set of security rules.

Stage 1 : Traffic Arrives

Stage 2 : Inspection

Stage 3 : Rule evaluation

Step 4 : Action

These are self explanatory but lets see a bit more, shall we.

Traffic arrival :

A packet reaches the network boundary where the firewall is deployed.

This traffic may originate from:

. The Internet . Another network . An internal device . A remote user etc..

For example, when a user visits a website, packets containing the request travel through multiple networks before reaching the web server.

Packet Inspection :

The firewall examines the packet header.

Looks for:

  • Destination IP address
  • Source IP address
  • Source port number
  • Destination port number
  • Protocol type (TCP, UDP, ICMP, etc.)
  • Connection state information

Example: Src_ip : 203.0.113.5 dest_ip : 192.168.1.10 Protocol : TCP Destination Port : 443

This information hepls the firewall determine the nature and the purpose of the packet or request.

Rule evaluation:

The firewall compares the packet against its configured security rules.

Example rules may include: Rule 1: Allow TCP Port 443 Rule 2: Allow TCP Port 22 from Admin IP Rule 3: Block All Other Traffic

Action: After checking the rules it will decide to either allow or deny the packet.

Logging, this is like a history of the firewall activity. It stores every firewall activity of allowing or denying including timestamps.

Well now as we have seen the surface of the firewall lets go a bit deeper

None

As for the types of firewalls there are many, as following Network firewall

  • Host-based firewall
  • Hardware firewall
  • Software firewall
  • Internal firewall
  • Distributed firewall
  • Perimeter firewall
  • Next-generation firewall (NGFW)
  • Packet filtering firewall
  • Circuit level gateway
  • Web application firewall
  • Proxy firewall
  • Stateful inspection firewall

HOST BASED FIREWALL: A host-based firewall is software installed on a single endpoint (like a laptop, server, or mobile device) to monitor and control its incoming and outgoing traffic. It acts as a strict gatekeeper, protecting the device from malicious or blocked traffic.

Windows Defender Firewall, iptables, and macOS Application Firewall are premier examples of host-based firewalls.

HARDWARE FIREWALL: Hardware firewalls are dedicated physical appliances positioned between a local network and the internet to inspect all incoming and outgoing network traffic.

Cisco ASA/Firepower, Palo Alto PA-Series, and Fortinet FortiGate are premier examples of hardware firewalls.

INTERNAL FIREWALL: An internal firewall is deployed inside the local network to segment different departments.

_example: _Isolating high-value production servers from testing and development environments.

PACKET FILTERING FIREWALL: The most basic, "stateless" form of firewall. It inspects individual data packets independently, checking only the packet headers (source/destination IP addresses, port numbers, and protocols) against a static set of access control rules. It does not look at the packet data or the context of previous packets.

simply put, it just checks the packet on rules, does not regard the relativity to the previous packet to the current one.

CIRCUIT LEVEL GATEWAY: This firewall operates at the Session layer (Layer 5) of the OSI model. Instead of looking at individual packets, it monitors the virtual handshakes (like a TCP handshake) between local and remote hosts to verify that a network connection session is legitimate before allowing traffic to pass.

STATEFUL INSPECTION FIREWALL: A dynamic firewall that monitors the entire state and context of active network connections. It records open outbound connections in a "state table". When an inbound packet arrives, the firewall checks the table to see if it is a part of an established, safe conversation, blocking unsolicited traffic automatically.

WEB APPLICATION FIREWALL: A highly specialized firewall designed exclusively to protect web servers and web applications. It monitors, filters, and blocks malicious incoming HTTP/HTTPS traffic. It focuses specifically on application exploits like Cross-Site Scripting (XSS), SQL Injection, and cookie poisoning.

NEXT GENERATION FIREWALL: An advanced network security device that merges traditional firewall features (like stateful inspection) with sophisticated, intelligent capabilities. These include Deep Packet Inspection (DPI) to read packet payloads, application awareness to control specific apps, built-in Intrusion Prevention Systems (IPS), and cloud-hosted threat intelligence.

These are the main types of firewalls there are some other firewalls also, depending on the requirement the type to be used is varied.

That's all for the Primary contact — Firewall,

For any queries feel free to DM me @ wafeeqsyed303@gmail.com

NOTE: Some of the contents in the writing are taken from published sources for credibility, They are Palo Alto Networks, Cisco. BONUS: For starters you can try to complete a certification on FIREWALL by Fortinet.

Thankyou for reading.