Firewall types - Short tut
Not really a tutorial but some nice info.
Packet Filter Firewalls
Packet filters determine whether packets can enter or exit a network. The firewall examines the TCP/IP header of each packet and accepts or rejects the packet. Packet filters are based on a set of predefined rules.
Advantages:
-does not impede traffic (network performance does not suffer)
-simple to implement
-provides logging facilities
-transparent to end users
Disadvantages:
-cannot prevent IP spoofing
-can be bypassed by crackers/hackers
-poor config/rules can allow access
Application Gateways
Application gateways are also known as proxies. These proxies restrict network traffic to a specified application, such as HTTP or FTP.
Advantages:
-data is transferred to specific applications
-provides no direct connection to the internet from within a network (e.g. a business or school)
Disadvantages:
-a proxy must be built for each app
-can impose a small overhead on a network
-if the proxy fails then access is lost
Circuit Level Gateways
They use a proxy, but can only filter on the basis of header information in the IP packets. TCP connections are relayed to determine whether they are authorized. Packets are not filtered or processed.
Stateful Inspection Firewalls (Dynamic packet filters)
Packet filtering rules are used. All the data in the packets from the network layer up to the application layer is examined. These firewalls verify whether the connection is legitimate. They also remember the port numbers used by applications; once an application is closed, the firewall closes the open port.
A combination of Stateful Inspection and Application Gateway firewalls.
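To make the difference between the packet filter and the stateful inspection firewall described above concrete, here is a toy model in Python. It is an added example, not part of the original post; the rule set, class and function names, and addresses are all constructed for illustration.

```python
# Toy model only, not a real firewall. All names and addresses are constructed.
from collections import namedtuple

Packet = namedtuple("Packet", "direction src sport dst dport")

# Stateless rules: (direction, source port, destination port, action).
# None is a wildcard. The second rule is the usual way a plain packet
# filter lets web replies back in, and it is too broad.
RULES = [
    ("out", None, 80, "accept"),  # inside hosts may open HTTP connections
    ("in", 80, None, "accept"),   # anything with source port 80 may enter
]

def packet_filter(pkt, rules=RULES):
    """First matching rule wins, default deny. Header fields only."""
    for direction, sport, dport, action in rules:
        if (direction == pkt.direction and sport in (None, pkt.sport)
                and dport in (None, pkt.dport)):
            return action
    return "reject"

class StatefulFilter:
    """Remembers outbound connections and admits only their replies."""
    def __init__(self):
        self.table = set()  # (inside addr, inside port, outside addr, outside port)

    def check(self, pkt):
        if pkt.direction == "out":
            if packet_filter(pkt) != "accept":
                return "reject"
            self.table.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return "accept"
        # Inbound: must mirror a connection an inside host opened.
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        return "accept" if key in self.table else "reject"

    def close(self, pkt):
        """Application closed: forget the connection (the port is closed)."""
        self.table.discard((pkt.src, pkt.sport, pkt.dst, pkt.dport))

# Constructed sample traffic (documentation address ranges).
request = Packet("out", "192.0.2.10", 40000, "198.51.100.5", 80)
reply = Packet("in", "198.51.100.5", 80, "192.0.2.10", 40000)
unsolicited = Packet("in", "203.0.113.9", 80, "192.0.2.10", 5000)

def demo():
    fw = StatefulFilter()
    results = [packet_filter(unsolicited), fw.check(request),
               fw.check(reply), fw.check(unsolicited)]
    fw.close(request)
    return results + [fw.check(reply)]
```

The stateless rule set accepts the unsolicited inbound packet because its header matches; the stateful filter rejects it, and also rejects the reply once the connection has been closed.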