Browse by Subject
Abbreviations
Actors
Aircraft
Architecture
Computer Viruses
Costume
Dictionary
Food & Drink
Gazetteer
General Information
Heraldry
Language
Latin
Medicine
Money
Movies
Music
Mythology
Nature
People
Recreation
Rocks & Minerals
SciTech
Shakespeare
Ships
Slang
Warfare

Downloads
e-Books

The Probert Encyclopaedia of Science & Technology

FIREWALL

In computing, a firewall is a system that is set up to control traffic flow between two networks.
Firewalls are most commonly specially configured Unix systems, but firewalls have also been built out of many other systems, including systems designed specifically for use as firewalls. The most common firewall today is CheckPoint FireWall-1, but competitions such as Cisco's PIX are quickly catching up on CheckPoint. One type of firewall is the packet filtering
firewall. In a packet filtering firewall, the firewall examines five characteristics of a packet: Source IP address Source port Destination IP address Destination port IP protocol (TCP or UDP) Based upon rules configured into the firewall, the packet will either be allowed through, rejected, or dropped. If the firewall rejects the packet, it sends a message back to the sender letting him know that the packet was rejected. If the packet was dropped, the firewall simply does not respond to the packet. The sender must wait for the communications to time out. Dropping packets instead of rejecting them greatly increases the time required to scan your network. Packet filtering
firewalls operate on Layer 3 of the OSI model, the Network Layer. Routers are a very common form of packet filtering
firewall. An improved form of the packet filtering firewall is a packet filtering firewall with a stateful inspection engine. With this enhancement, the firewall 'remembers' conversations between systems. It is then necessary to fully examine only the first packet of a conversation. Another type of firewall is the application-proxy firewall. In a proxying firewall, every packet is stopped at the firewall. The packet is then examined and compared to the rules configured into the firewall. If the packet passes the examinations, it is re-created and sent out. Because each packet is destroyed and re-created, there is a potential that an application-proxy
firewall can prevent unknown attacks based upon weaknesses in the TCP/IP protocol suite that would not be prevented by a packet filtering firewall. The drawback is that a separate application-proxy must be written for each application type being proxied. You need an HTTP proxy for web traffic, an FTP proxy for file transfers, a Gopher proxy for Gopher traffic, etc. Application-proxy firewalls operate on Layer 7 of the OSI model, the Application Layer. Application-gateway firewalls also operate on Layer 7 of the OSI model. Application-gateway firewalls exist for only a few network applications. A typical application-gateway firewall is a system where you must telnet to one system in order telnet again to a system outside of the network. Another type of application-proxy firewall are SOCKS firewalls. Where normal application-proxy firewalls do not require modifications to network clients, SOCKS
firewalls requires specially modified network clients. This means you have to modify every system on your internal network which needs to communicate with the external network. On a Windows or OS/2 system, this can be as easy as swapping a few DLL's.
Research Firewall

 
  
Home  Publishers  Quiz  Products  FAQ  Privacy Policy  Add URL Contact  Site Map