Packet-filtering gateways
Packet-filtering firewalls use routers with packet-filtering rules to grant or deny access based on source address, destination address, and port. They offer minimum security, but at a very low cost, and can be an appropriate choice for a low-risk environment. They are fast, flexible, and transparent. Filtering rules are often not easy to maintain on a router, but there are tools that simplify creating and maintaining them. Filtering gateways do have inherent risks, including the following:
- The source and destination addresses and ports contained in the IP packet header are the only information that is available to the router when deciding on whether to permit traffic access to an internal network.
- They don't protect against IP or Domain Name Server/Service (DNS) address spoofing.
- An attacker will have direct access to any host on the internal network once access has been granted by the firewall.
- Strong user authentication isn't supported with some packet-filtering gateways.
- They provide little or no useful logging.
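The following sketch is an added example, not part of the original tutorial. It models a first-match filter that decides only on source address, destination address, and port, and shows why a forged source address gets the same verdict as a genuine one. The rule set, host addresses (RFC 5737 documentation ranges), and all names are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dport: int

@dataclass(frozen=True)
class Rule:
    action: str            # "permit" or "deny"
    src_net: str
    dst_net: str
    dport: Optional[int]   # None matches any port

    def matches(self, pkt: Packet) -> bool:
        # Only header fields are consulted; there is no user or session context.
        return (ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.src_net)
                and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(self.dst_net)
                and (self.dport is None or self.dport == pkt.dport))

# Constructed rule set: partner network to mail host, anyone to web host, default deny.
RULES = [
    Rule("permit", "198.51.100.0/24", "192.0.2.10/32", 25),
    Rule("permit", "0.0.0.0/0", "192.0.2.20/32", 80),
    Rule("deny", "0.0.0.0/0", "0.0.0.0/0", None),
]

def filter_packet(pkt, rules=RULES):
    """First matching rule wins; returns (action, index of the rule that matched)."""
    for i, rule in enumerate(rules):
        if rule.matches(pkt):
            return rule.action, i
    return "deny", None  # implicit deny if no rule matches

def demo():
    genuine = Packet("198.51.100.7", "192.0.2.10", 25)
    # Identical header values, but imagine the source address was forged by a
    # sender outside the partner network: the filter cannot tell the difference.
    spoofed = Packet("198.51.100.7", "192.0.2.10", 25)
    outsider = Packet("203.0.113.5", "192.0.2.10", 25)
    return [filter_packet(p) for p in (genuine, spoofed, outsider)]

if __name__ == "__main__":
    print(demo())
```

Returning the index of the matching rule alongside the verdict is the minimum a filter needs to record if its logs are to be useful during an investigation.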