Network Security Essentials - Notes10. Firewall
Network Security Essentials -- Notes10. Firewall
Firewall's Goals
1. All traffic must pass through the wall
2. Only authorized traffic is allowed to pass
3. Immune to penetration
Techniques
1.Service Control -- "This IP is blocked"
2.Direction Control -- "Currently we only allow outside traffic"
3.User Control -- "You are not allowed to get in"
4.Behavior Control -- "You can't send spams to me"
Types of Firewall
1.Packet-filtering Router -- Filtering based on info in TCP/IP headers, including
a.Source IP
b.Destin IP
c.TCP Port number
d.IP Protocol Field
e.Rooter's Interface (Interface for inside traffic or for outside traffic)
2.Application-level Gateway = Proxy, inspecting application-level messages
a.Advantage: More secure than packeting-filter
b.Disadvantage: Too much additional overhead
3.Curcuit-level Gateway
Firewall's Goals
1. All traffic must pass through the wall
2. Only authorized traffic is allowed to pass
3. Immune to penetration
Techniques
1.Service Control -- "This IP is blocked"
2.Direction Control -- "Currently we only allow outside traffic"
3.User Control -- "You are not allowed to get in"
4.Behavior Control -- "You can't send spams to me"
Types of Firewall
1.Packet-filtering Router -- Filtering based on info in TCP/IP headers, including
a.Source IP
b.Destin IP
c.TCP Port number
d.IP Protocol Field
e.Rooter's Interface (Interface for inside traffic or for outside traffic)
2.Application-level Gateway = Proxy, inspecting application-level messages
a.Advantage: More secure than packeting-filter
b.Disadvantage: Too much additional overhead
3.Curcuit-level Gateway