-
March 7th, 2005, 12:45 PM
#1
Member
types of fire walls
N00B Q
so hope u guys don't flame me for it but what are the different types of firewalls as in different ways they work in for eg:
the one in my univ works on the basis of certain letters or words in the URL which it blocks internal access to are there different ways of doing the same thing
thanx in advance for any info provided
anything that doesn't kill you or your dreams only makes you stronger
-
March 7th, 2005, 12:57 PM
#2
Primary functionality of firewalls is to block & filter incoming/outgoing traffic, packets.
1) software firewalls that you are installing on local pc.
2) server based firewalls that are installed on servers
3) hardware firewalls like router with built-in firewall
3.1) hardware firewalls like router with built-in firewall and antivirus
Other adds like clear cookies are just added modules - makes a suite of software -> few functions in one program set.
// too far away outside of limit
-
March 7th, 2005, 12:57 PM
#3
Junior Member
Re: types of fire walls
Originally posted here by ark_templar
N00B Q
so hope u guys don't flame me for it but what are the different types of firewalls as in different ways they work in for eg:
the one in my univ works on the basis of certain letters or words in the URL which it blocks internal access to are there different ways of doing the same thing
thanx in advance for any info provided
If it's filtering based on content, then it's more than likely an application layer proxy, not technically a firewall. The terminology has become more than a little skewed as perimeter devices become more and more integrated, but traditional firewalls did not have the ability to make these kinds of decisions. Traditionally, firewalls work only on network layer information, such as IP addresses and ports. Today, though, people commonly refer to any device that filters at the perimeter as a firewall. There are basically as many types of these as there are layers in the OSI model. The only differentiation is the amount of the packet that is processed.
For example, it doesn't take long for a traditional firewall to process a packet up to the network layer and make a decision based on an IP address. It takes much more time for a packet to be processed to the application layer, its actual content, and have a decision made on the actual payload. The benefits are usually worth it, though. A network layer firewall can say "Don't allow this traffic in on port 81, because I'm only accepting web traffic on port 80." An application layer firewall can say "Don't allow this traffic in on port 80 because I only allow web traffic in, and the payload of this packet does not contain HTTP traffic."
Hope this helps.
"I would like to electrocute everyone who uses the word "fair" in connection with income tax policies."
- William F. Buckley Jr.
-
March 7th, 2005, 01:23 PM
#4
It seems we are continuing to see more questions like this.
Though I am drunk (disclaimer here, I've been working on something else, AFTER working 12 hours), I am glad to see someone make the distinction between “firewall” and some type of filter (“proxy”).
I hope pennconservativ's response makes as much sense when I'm sober as it does when I am drunk!
" And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes
-
March 7th, 2005, 03:37 PM
#5
Re: types of fire walls
Originally posted here by ark_templar
N00B Q
so hope u guys don't flame me for it but what are the different types of firewalls as in different ways they work in for eg:
the one in my univ works on the basis of certain letters or words in the URL which it blocks internal access to are there different ways of doing the same thing
thanx in advance for any info provided
try this: http://www.google.com/search?hl=en&q...all+definition
and you will be surprised how much good info you will receive.
After some reading, please return here and bring your doubts
My site
FORMAT C: Yes ...Yes??? ...Nooooo!!! ^C ^C ^C ^C ^C
If I die before I sleep, I pray the Lord my soul to encrypt. If I die before I wake, I pray the Lord my soul to brake.
-
March 7th, 2005, 03:49 PM
#6
I did that while you were writing this post I think ..
Anyway if you follow this link and read the entire article, I'm sure you'll know the difference by then ... so as "cacosapo" said, if you have any more questions don't hesitate.
Gr33tz,
C.
Back when I was a boy, we carved our own IC's out of wood.
-
March 8th, 2005, 03:48 AM
#7
Brief Descriptions of Some Firewall Technologies:
Circuit-Level: Allows packet flow by approved IP’s, ISP’s, networks, etc. After the session is established, all other packets flow unchecked.
Application-gateway: Filters by IP and the specific application, while it may be busy blocking some apps – it will also allow approved apps to be executed.
What is an XML-application firewall?
“XML-application firewalls are a line of defense created to secure Web services.”
“…works at the application level using an in-depth knowledge of the Web services, service requestors, and message content.”
http://insight.zdnet.co.uk/software...,2129443,00.htm
Stateful Inspection: examines and analyzes the entire packet for the purpose of determining what type of data is attempting to pass through the firewall.
Packet-Filtering: allows communications only with specific IP’s by monitoring the packets.
***Note: Some firewalls combine several technologies to accomplish their goal. Why not build your own?
Cheers
Connection refused, try again later.
-
March 8th, 2005, 05:21 AM
#8
Hi
"Newbie Questions" often are fruitful, because they might force
you to think about it once more - and more carefully. Some good
statements have been made here already, but allow me to go
through it myself. Cemetric's link, although I just scanned it,
seems to be excellent.
The firewall is a type of a gateway (in its broader sense), like
router, authentication server etc. Its function is to apply a
set of predefined rules in order to allow, discard or redirect
packets - or even repackage them.
There are (ordered by functionality)
- packet filters, on network layer,
which use access control lists. They are application-independent,
they look at the header only, which makes them fast, but have low
security, since they do not look at the content nor do they remember
the state of the connection.
- proxy firewall, works on several layers,
which, first of all, breaks the direct connection (security measure!),
and second, also decides based on some kind of list.
- proxy firewall: circuit-level proxy, works on the network layer,
and decides based on header information only. However, due to the explicit
breaking of the connection, the circuit-level proxy is more than just a packet filter.
- proxy firewall: application-level proxy, works up to the application level,
since it also checks the content of the packet. Nevertheless, these are quite
complicated to configure properly, since in-depth knowledge of the
protocols is often needed.
- stateful firewalls[1], can go up to the application layer,
which in addition to checking header and data, also keep track of the
state of the communication (CLOSED, LISTEN, SYN-SENT/RCVD, ESTABLISHED),
even for UDP.
Next step: How do you setup/chain firewalls on your network.
Cheers
[1] http://www.samspublishing.com/articl...?p=373120&rl=1
If the only tool you have is a hammer, you tend to see every problem as a nail.
(Abraham Maslow, Psychologist, 1908-70)
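Added example, not part of any post in this thread: a toy model of the three decision styles discussed above (header-only packet filter, stateful filter with a connection table, application-level check of the HTTP request and URL words). The `Packet` class, the function names, the blocked word and the sample packets are all constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:                  # constructed model, not a real capture format
    src: str
    sport: int
    dport: int
    flags: str = ""            # TCP flags: "S" = SYN, "PA" = PSH+ACK
    payload: bytes = b""

def packet_filter(p):
    """Stateless ACL: header only, no memory of earlier packets."""
    return p.dport == 80

class StatefulFilter:
    """Same ACL plus a state table keyed on the connection."""
    def __init__(self):
        self.table = {}
    def allow(self, p):
        key = (p.src, p.sport, p.dport)
        if not packet_filter(p):
            return False
        if p.flags == "S" or (key in self.table and "A" in p.flags):
            self.table[key] = "SYN-RCVD" if p.flags == "S" else "ESTABLISHED"
            return True
        return False           # data for a flow whose handshake was never seen

def application_filter(p, blocked=(b"games",)):
    """Payload must be an HTTP request whose URL has no blocked word."""
    if not p.payload:
        return True            # handshake segment, nothing to inspect
    parts = p.payload.split(b"\r\n", 1)[0].split(b" ")
    is_http = p.payload.startswith((b"GET ", b"POST ", b"HEAD "))
    if not (is_http and len(parts) == 3 and parts[2].startswith(b"HTTP/")):
        return False
    return not any(w in parts[1].lower() for w in blocked)

def verdicts(packets):
    """(stateless, stateful, application) decision for each packet, in order."""
    sf = StatefulFilter()
    return [(packet_filter(p), sf.allow(p), application_filter(p)) for p in packets]

C = ("198.51.100.7", 40000)    # constructed client (RFC 5737 documentation address)
SAMPLE = [                     # constructed packets
    Packet(*C, 80, "S"),
    Packet(*C, 80, "PA", b"GET /index.html HTTP/1.1\r\n\r\n"),
    Packet(*C, 80, "PA", b"GET /games/play HTTP/1.1\r\n\r\n"),
    Packet(*C, 80, "PA", b"SSH-2.0-client\r\n"),
    Packet("203.0.113.9", 40001, 80, "PA", b"GET / HTTP/1.1\r\n\r\n"),
    Packet(*C, 81, "PA", b"GET / HTTP/1.1\r\n\r\n"),
]
print(*verdicts(SAMPLE), sep="\n")
```

Only the application-level check rejects the blocked URL and the non-HTTP payload on port 80; only the stateful filter rejects the fifth packet, which arrives on port 80 without a preceding SYN.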
-
March 8th, 2005, 09:46 AM
#9
Not exactly sure where other people have pulled their firewalls from, however, if you plan on taking the CISSP exam, the following information will be most useful to you.
In order of generation/order developed:
1. Packet Filtering: A basic ACL firewall operating at the Network or Transport level.
2. Application Level: These are typically proxying firewalls and run in level seven of the OSI model. Circuit Level firewalls are a variation on the application level that maintains a virtual circuit between the client and the firewall server.
3. Stateful Inspection: These operate at the network level and analyze traffic at all OSI levels. By using a state table and operating at a lower level than the application firewalls this firewall is able to offer better performance, a more complete scan of the packets and tracking of "connectionless" protocols like UDP and RPC based applications.
4. Dynamic Packet Filtering: a dynamic firewall that enables real time rule changes, mostly used to provide UDP support. It remembers all UDP traffic for a short time and makes judgements (based on rules of course) on what to and not to allow.
5. Kernel Proxy: a modular, kernel based, multi-layer firewall that runs in the NT executive and utilizes dynamic and custom TCP/IP based stacks to inspect traffic and enforce applicable security policies.
Additionally you have new firewalls like Sidewinder G2 which uses multi-level labeling and strong typing to go along with its filtering.
Also you have "application firewalls"; this is different to "application level" firewalls. These "firewalls" do not filter network traffic and are more technically referred to as "sandboxes" though they do offer improved functionality over traditional sandboxes via advanced input and output filtering.
Lastly, there is no such thing as a "hardware firewall"; no reputable vendor uses this term. The correct term is "dedicated firewall" or "appliance firewall" because the firewall runs on a stripped down system that is designed to be as minimalistic as possible and only function as one of the four firewall types (not application level of course) listed above. Essentially single function systems like this which lack a general purpose OS are called "appliances," you wouldn't say "hardware webserver" (like bodacion HYDRA for example) so why say "hardware firewall"?
cheers,
catch
-
March 8th, 2005, 10:59 AM
#10
"A firewall is a set of related programs, located at a network gateway server, that protects the resources of a private network from users from other networks. Basically, a firewall, working closely with a router program, filters all network packets to determine whether to forward them toward their destination. A firewall is often installed away from the rest of the network so that no incoming request can get directly at private network resources. There are a number of firewall screening methods. A simple one is to screen requests to make sure they come from acceptable (previously identified) domain names and IP addresses. For mobile users, firewalls allow remote access in to the private network by the use of secure logon procedures and authentication certificates"
I hope that this is a helpful definition...
I wonder how to set up a firewall on different levels