Traffic Filtering
Traffic filtering is a method used to enhance network security by filtering network traffic based on many types of criteria.
Packet Filtering
Packet filtering is a method of enhancing network security by examining network packets as they pass through routers or a firewall and determining whether to pass them on or what else to do with them. Packets may be filtered based on their protocol, sending or receiving port, sending or receiving IP address, or the value of some status bits in the packet. There are two types of packet filtering. One is static and the other is dynamic. Dynamic is more flexible and secure as stated below.
Static Packet Filtering
Does not track the state of network packets and does not know whether a packet is the first, a middle packet or the last packet. It does not know if the traffic is associated with a response to a request or is the start of a request.
Dynamic Packet Filtering
Tracks the state of connections to tell if someone is trying to fool the firewall or router. Dynamic filtering is especially important when UDP traffic is allowed to be passed. It can tell if traffic is associated with a response or request. This type of filtering is much more secure than static packet filtering.
Source Routing
In source routing, packets contain header information describing the route they are to take to the destination. Source routing is a security concern when an attacker may gain access to a network that has access to yours without going through your firewall.
Source routing should be disabled on network routers, especially at the network perimeters. Hackers may be able to break through other friendly but less secure networks and get access to your network using this method.
No comments:
Post a Comment