Explain Packet-Filter Firewalls?

Firewalls – Packet Filters: Simplest, fastest firewall component

  1. foundation of any firewall system
  2. examine each IP packet (no context) and permit or deny according to rules
  3. hence restrict access to services (ports)
  4. possible default policies
    • that not expressly permitted is prohibited
    • that not expressly prohibited is permitted

Untitled

Untitled

Attacks on Packet Filters:

  1. IP address spoofing
    • fake source address to be trusted
    • add filters on router to block
  2. source routing attacks
    • attacker sets a route other than default
    • block source routed packets
  3. tiny fragment attacks
    • split header info over several tiny packets
    • either discard or reassemble before check

Leave a Reply

Your email address will not be published. Required fields are marked *