Packet Filters

Packet filters are host-based or appliance-based applications that block or allow network traffic based on a set of rules defined by the administrator. They are the central piece of software in a firewall, and the terms firewall and packet filter are frequently used interchangeably. The term packet filter originated in the context of BSD operating systems.

 

Commonly used packet filters on various versions of Unix are ipf (various), ipfw (FreeBSD/Mac OS X), pf (OpenBSD, and all other BSDs), and iptables/ipchains (Linux).

The administrator starts the packet filtering process on the device and composes the set of rules against which incoming network traffic is evaluated. Those rules either permit or deny the traffic.

Modern packet filters can filter traffic based on many packet attributes, such as source IP, source port, destination IP or port, and destination service such as WWW or FTP. They can also filter based on protocols, TTL values, the netblock of the originator, the domain name of the source, and many other attributes.

These functions mainly operate at layers 3 and 4 of the OSI model.
