Discarding packets that arrive from the public network but carry a source address inside your own network reduces IP spoofing attacks.
Discarding packets that contain source routing information reduces source routing attacks. Remember that in a source routing attack, the incoming packet includes routing information that overrides the route the packet would normally take through the network, and may thereby bypass existing security procedures. By ignoring the source route
2. Stateful/dynamic inspection firewall
The stateful/dynamic inspection firewall attempts to track the network connections and packets passing through the firewall, so that the firewall can apply an additional set of criteria when deciding whether to permit or deny traffic. It does this by applying some further techniques on top of the traffic handling of a basic packet filtering firewall.
When a packet filtering firewall sees a network packet, the packet exists in isolation. It has no history or future that the firewall cares about. The decision to permit or reject the packet depends entirely on the information contained in the packet itself, such as source address, destination address, port number and so on. The packet contains no information describing its position in the information flow, so the packet is considered stateless; it simply exists.
A stateful packet inspection firewall tracks more than just the information contained in the packet. To track the state of a packet, the firewall also records useful information that helps identify the packet, such as existing network connections, outgoing data requests and so on.
For example, if an incoming packet contains a video data stream, the firewall may already have recorded the related information: that an application at a specific IP address recently sent a request for the video signal to the address that is the source of the packet. If the incoming packet is to be delivered to the same system that sent the request, the firewall matches the two and the packet may be allowed through.
A stateful/dynamic inspection firewall can block all incoming traffic while permitting all outgoing traffic. Because the firewall tracks requests going out from the inside, all data that arrives in response to a request is allowed through until the connection is closed. Only incoming traffic that was not requested is blocked.
If a server is running behind the firewall, the configuration becomes somewhat more complex, but stateful packet inspection is a very powerful and adaptable technology. For example, the firewall can be configured so that traffic entering on a specific port may only be passed to a specific server. If a Web server is running, the firewall sends only the incoming traffic addressed to port 80 to the designated Web server.
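The decisions described above can be modelled as a small state table. The following Python sketch is an added example, not code from the original page or from any firewall product; the addresses, ports, class name and the `source_routed` flag (standing in for the IP source routing option) are constructed assumptions.

```python
# Added illustration: a toy model of stateful inspection, not a real firewall.
from ipaddress import ip_address, ip_network

INTERNAL = ip_network("192.168.1.0/24")   # assumed internal network
WEB_SERVER = ip_address("192.168.1.10")   # assumed Web server behind the firewall


class StatefulFirewall:
    def __init__(self):
        # State table: one entry per connection opened from the inside,
        # stored as (inside ip, inside port, outside ip, outside port).
        self.connections = set()

    def outbound(self, src, sport, dst, dport):
        """An internal host sends a request: permit it and remember it."""
        self.connections.add((ip_address(src), sport, ip_address(dst), dport))
        return "permit"

    def close(self, src, sport, dst, dport):
        """The connection is closed: later packets no longer match."""
        self.connections.discard((ip_address(src), sport, ip_address(dst), dport))

    def inbound(self, src, sport, dst, dport, source_routed=False):
        """Decide on a packet arriving on the public interface."""
        src, dst = ip_address(src), ip_address(dst)
        if src in INTERNAL:
            # Public-side packet claiming an internal source address.
            return "drop: spoofed internal source address"
        if source_routed:
            return "drop: source routing information"
        if (dst, dport, src, sport) in self.connections:
            # Mirrors a tracked outgoing request, so it is a reply.
            return "permit: reply to tracked request"
        if dst == WEB_SERVER and dport == 80:
            # Static rule: port 80 may only reach the designated server.
            return "permit: Web server port 80"
        return "drop: unsolicited"


if __name__ == "__main__":
    fw = StatefulFirewall()
    fw.outbound("192.168.1.20", 50000, "203.0.113.5", 554)  # constructed video request
    print(fw.inbound("203.0.113.5", 554, "192.168.1.20", 50000))
    print(fw.inbound("203.0.113.9", 554, "192.168.1.20", 50000))
    fw.close("192.168.1.20", 50000, "203.0.113.5", 554)
    print(fw.inbound("203.0.113.5", 554, "192.168.1.20", 50000))
```

A stateless packet filter would have to decide the second and third packets from their headers alone; here the same headers are permitted or dropped depending on what the state table holds.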