Packet Filtering, Application Level Awareness, Inbound and Outbound Rules and Network Address.

packet-filtering firewall examines each packet that crosses the firewall and tests the packet according to a set of rules that you set up. If the packet passes the test, it’s allowed to pass. If the packet doesn’t pass, it’s rejected.

Packet filters are the least expensive type of firewall. As a result, packet-filtering firewalls are very common. However, packet filtering has a number of flaws that knowledgeable hackers can exploit. As a result, packet filtering by itself doesn’t make for a fully effective firewall.

Packet filters work by inspecting the source and destination IP and port addresses contained in each Transmission Control Protocol/Internet Protocol (TCP/IP) packet. TCP/IP ports are numbers that are assigned to specific services that help to identify for which service each packet is intended. For example, the port number for the HTTP protocol is 80. As a result, any incoming packets headed for an HTTP server will specify port 80 as the destination port.

Port numbers are often specified with a colon following an IP address. For example, the HTTP service on a server whose IP address is 192.168.10.133 would be 192.168.10.133:80.

Literally thousands of established ports are in use. A few of the most common are in the following list.

The rules that you set up for the packet filter either permit or deny packets that specify certain IP addresses or ports. For example, you may permit packets that are intended for your mail server or your web server and deny all other packets.

Or, you may set up a rule that specifically denies packets that are heading for the ports used by NetBIOS. This rule keeps Internet hackers from trying to access NetBIOS server resources, such as files or printers.

One of the biggest weaknesses of packet filtering is that it pretty much trusts that the packets themselves are telling the truth when they say who they’re from and who they’re going to. Hackers exploit this weakness by using a hacking technique called IP spoofing, in which they insert fake IP addresses in packets that they send to your network.

Another weakness of packet filtering is that it examines each packet in isolation without considering what packets have gone through the firewall before and what packets may follow. In other words, packet filtering is stateless. Rest assured that hackers have figured out how to exploit the stateless nature of packet filtering to get through firewalls.

In spite of these weaknesses, packet filter firewalls have several advantages that explain why they are commonly used:

  • Packet filters are very efficient. They hold up each inbound and outbound packet for only a few milliseconds while they look inside the packet to determine the destination and source ports and addresses. After these addresses and ports are determined, the packet filter quickly applies its rules and either sends the packet along or rejects it. In contrast, other firewall techniques have a more noticeable performance overhead.

  • Packet filters are almost completely transparent to users. The only time a user will be aware that a packet filter firewall is being used is when the firewall rejects packets. Other firewall techniques require that clients and/or servers be specially configured to work with the firewall.

  • Packet filters are inexpensive. Most routers include built-in packet filtering.

Well-Known TCP/IP Ports
PortDescription
20File Transfer Protocol (FTP)
21File Transfer Protocol (FTP)
22Secure Shell Protocol (SSH)
23Telnet
25Simple Mail Transfer Protocol (SMTP)
53Domain Name Server (DNS)
80World Wide Web (HyperText Transport Protocol; HTTP)
110Post Office Protocol (POP3)
119Network News Transfer Protocol (NNTP)
137NetBIOS Name Service
138NetBIOS Datagram Service
139NetBIOS Session Service
143Internet Message Access Protocol (IMAP)
161Simple Network Management Protocol (SNMP)
194Internet Relay Chat (IRC)
389Lightweight Directory Access Protocol (LDAP)
396NetWare over IP
443HTTP over TLS/SSL (HTTPS)

Comments

Post a Comment

Popular posts from this blog

What is a Firewall and How Does It Work?

Image
  What is the firewall? Firewall is a protective layer. Based on the pre-configured rules, it monitors and controls each packet passing through it. Broadly there are two types of firewall; hardware firewall and software firewall. Hardware firewall In this type of firewall, firewall is installed in a dedicated device. This device only runs the firewall. Since all resources of the device are available only for the firewall, it filters the traffic blazingly fast and accurate. It also offers several additional security features such as encryption and logging. Hardware firewalls are complex in configuration. Only experienced network administrators can configure these firewalls. Besides configuration, hardware firewalls also cost a lot of money as they use dedicated device. Fast speed and max accuracy are the advantages of the hardware firewall while high cost and complex configuration are the disadvantages of this firewall. Software firewall In this type of firewall, firewall is install...
Read more

Hardenign Host security measures

PC are now pretty much synonymous with the internet, and the internet is also associated with a wild world of hackers, threats, and scams. If you know what it's like to deal with a PC that's in trouble because of a lack of security, you likely never want to experience it again. Even if you haven't yet had to deal, you'll have a much better chance of keeping your PC secure if you follow these tips. 1. Ensure Windows Defender is operating properly The Windows Defender Security Center is a native Windows 10 app that includes an antivirus, firewall, and more. These tools are designed to keep unwanted malware from getting onto your computer, to cleanse your PC when an infection occurs, and to keep malware that has made it onto your PC from communicating with the open internet. There are, of course,  plenty more antivirus options out there , but Windows Defender is a strong option. No antivirus is 100-percent effective, but it should give you some peace of mind knowing that ...
Read more