Network security has become one of the most popular topics, and many enterprises use firewalls to safeguard their servers and data. As the technology has developed, firewalls have gradually been accepted by the general public as well. However, because a firewall is a high-tech product, many people do not understand it thoroughly. This article describes how firewalls work and their basic classification, and discusses the advantages and disadvantages of each kind of firewall.
First, the basic classification of firewalls
1. Packet-filtering firewall
The first generation of firewalls, and the most basic type, inspects each packet passing through the network and either discards it or allows it to pass, as decided by an established set of rules. This is called a packet-filtering firewall.
Essentially, a packet-filtering firewall is multi-homed, meaning that it has two or more network adapters or interfaces. For example, a device acting as a firewall might have two network cards (NICs), one connected to the company's internal network and one connected to the public Internet. The firewall's job is to act as the “traffic police”, directing packets and intercepting those that are harmful.
The packet-filtering firewall inspects each incoming packet, examining the basic information available in the packet (source address and destination address, port number, protocol and so on). It then compares this information against the configured rules. If a rule has been set to block telnet connections and the packet's destination port is 23, the packet will be discarded. If incoming Web connections are allowed and the destination port is 80, the packet will be allowed to pass.
Combinations of several complex rules are also possible. If Web connections are permitted, but only to a specific server, both the destination port and the destination address must match the rule before the packet is let through.
Finally, it must be decided what happens when a packet arrives for which no rule has been defined. Usually, for safety, incoming packets that match no rule are discarded. If there is a reason to let such a packet pass, a rule must be created to handle it.
Examples of rules for a packet-filtering firewall are as follows:
For packets coming from the private network, allow only those with internal source addresses to pass, because other packets contain incorrect header information. This rule prevents anyone inside the network from launching an attack using a forged source address. Moreover, if a hacker has somehow gained access to a machine inside the private network, this kind of filtering can prevent the hacker from launching an attack from inside the network.
On the public network, allow only packets destined for port 80 to pass. This rule permits only incoming Web connections. It also permits any other connection that uses the same port as Web connections, so it is not very secure.
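The rules described above can be expressed as a small rule table with a discard-by-default fallback. The following Python sketch is an added example, not code from the original article; the interface names, the 10.0.0.0/24 private network, the 10.0.0.80 Web server and first-match rule ordering are all assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    iface: str   # arrival interface: "inside" (private net) or "outside" (Internet)
    src: str
    dst: str
    proto: str
    dport: int

@dataclass(frozen=True)
class Rule:
    action: str                     # "allow" or "drop"
    iface: str
    src_net: Optional[str] = None   # None means "any"
    dst_net: Optional[str] = None
    proto: Optional[str] = None
    dport: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        # Every field the rule sets must match; unset fields match anything.
        if self.iface != p.iface:
            return False
        if self.src_net and ipaddress.ip_address(p.src) not in ipaddress.ip_network(self.src_net):
            return False
        if self.dst_net and ipaddress.ip_address(p.dst) not in ipaddress.ip_network(self.dst_net):
            return False
        if self.proto and self.proto != p.proto:
            return False
        return self.dport is None or self.dport == p.dport

# Constructed addresses: 10.0.0.0/24 is the private network, 10.0.0.80 the Web server.
RULES = [
    Rule("drop", "outside", proto="tcp", dport=23),                           # block telnet
    Rule("allow", "outside", dst_net="10.0.0.80/32", proto="tcp", dport=80),  # Web, one server only
    Rule("allow", "inside", src_net="10.0.0.0/24"),                           # egress anti-spoofing
]

def filter_packet(p: Packet, rules=RULES) -> str:
    for rule in rules:       # assumption: first matching rule decides
        if rule.matches(p):
            return rule.action
    return "drop"            # no rule matched: discard by default
```

Because the decision uses only addresses, protocol and port, any TCP traffic sent to 10.0.0.80 on port 80 is allowed whether or not it is really Web traffic, which is the weakness the last rule description points out.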