Firewall’s Goals
1. All traffic must pass through the wall
2. Only authorized traffic is allowed to pass
3. The firewall itself is immune to penetration
Techniques
1. Service Control — "This IP is blocked"
2. Direction Control — "Currently we only allow outside traffic"
3. User Control — "You are not allowed to get in"
4. Behavior Control — "You can't send spam to me"
Types of Firewall
1. Packet-filtering Router — Filtering based on info in TCP/IP headers, including
a. Source IP
b. Destination IP
c. TCP Port number
d. IP Protocol Field
e. Router's Interface (Interface for inside traffic or for outside traffic)
2. Application-level Gateway = Proxy, inspecting application-level messages
a. Advantage: More secure than a packet filter
b. Disadvantage: Too much additional overhead
3. Circuit-level Gateway
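
Added example (not part of the original notes): a first-match packet filter in Python that decides on the five header fields listed under "Packet-filtering Router", with a default-deny fallback. The rule set, the addresses and the names Packet, Rule and filter_packet are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src: str              # source IP
    dst: str              # destination IP
    proto: str            # IP protocol field: "tcp", "udp", "icmp"
    dport: Optional[int]  # destination port (None for portless protocols)
    iface: str            # router interface it arrived on: "inside" / "outside"

@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "deny"
    src: str = "0.0.0.0/0"       # CIDR; the default matches any address
    dst: str = "0.0.0.0/0"
    proto: str = "any"
    dport: Optional[int] = None  # None matches any port
    iface: str = "any"

    def matches(self, p: Packet) -> bool:
        return (ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and self.proto in ("any", p.proto)
                and self.dport in (None, p.dport)
                and self.iface in ("any", p.iface))

def filter_packet(rules, p):
    """Return (action, index of the deciding rule); first match wins."""
    for i, rule in enumerate(rules):
        if rule.matches(p):
            return rule.action, i
    return "deny", None  # nothing matched: only authorized traffic passes

# Constructed rule set for an internal network 10.0.0.0/8
RULES = [
    # 0: an internal source address arriving on the outside interface is spoofed
    Rule("deny", src="10.0.0.0/8", iface="outside"),
    # 1: inbound SMTP to the mail server only
    Rule("allow", dst="10.0.0.25/32", proto="tcp", dport=25, iface="outside"),
    # 2: outbound HTTPS from inside hosts
    Rule("allow", src="10.0.0.0/8", proto="tcp", dport=443, iface="inside"),
]

if __name__ == "__main__":
    for pkt in (Packet("203.0.113.7", "10.0.0.25", "tcp", 25, "outside"),
                Packet("10.0.0.9", "10.0.0.25", "tcp", 25, "outside"),
                Packet("203.0.113.7", "10.0.0.25", "tcp", 22, "outside")):
        print(pkt, "->", filter_packet(RULES, pkt))
```

Rule 0 is the reason the interface field matters: the source address alone cannot tell a genuine inside host from an outside packet claiming an inside address.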