Welcome to中国防火墙网
Add to Favorites | Chinese
Hot Tags:
Hot Concern
Random Recommendation
Column list
Position:中国防火墙网>Solutions>
The classification of firewall and actor defect are summed up
From;    Author:Stand originally

Network safetyBecome current one of the most popular topics, a lot of enterprises were used to ensure oneself server or data safetyFirewall. As the development of science and technology, firewall also is accepted by masses place gradually. But, because firewall is to attribute high-tech result, a lot of people still are not understanding to this is very lucid. And the way that this article gave everybody to tell about firewall to work namely, and the ultimate cluster of firewall, and discussed the actor defect of firewall of avery kind of.

   One, the ultimate cluster of firewall

1. The bag filters firewall

generation firewall and firewall of the basiccest form check each network that carry to wrap, perhaps discard, or discharged, depend on an establishs regulation. This calls a bag to filter firewall.

Substantially, the bag filters firewall is much location, make clear it has two or adapter of two above network or interface. For example, the equipment that serves as firewall may have two nets to get stuck (NIC) , link in-house network together, connect common Internet together. The task of firewall, regard “ as communication police ” namely, the bag that how-to bag and cut stay in those having to endanger.

The bag filters firewall examination passes into a bag each times, the practicable in examining a bag is basic information (date of source address and destination location, port, agreement) . Next, compare these information and the regular appearance that create. If had established block to break Telnet link, and the purpose port of the bag is the word of 23, should wrap so can be discarded. If allow to pass into Web join, and purpose port is 80, wrap meet by discharged.

The combination of many complex regulation also is feasible. If allow Web link, but be aimed at specific server only, purpose port and destination location both must match with regular photograph, ability can let this packets pass.

Finally, when can deciding when the bag arrives, if do not have regulation to be defined to this packets, will produce what thing next. Normally, for safe for the purpose of, was discarded with the bag that passes into regulation not to match. If reason lets this packets pass, be about to build regulation to handle it.

Build a bag to filter the example of firewall regulation is as follows:

The bag of special to coming from network, allow to come from the bag of in-house location to pass only, because other parcel contains incorrect Baotou department information. The anyone that this regulation can prevent network interior passes the source address that cheats a gender to launch attack. And, if the hacker is opposite,in-house machine appliance had special network not to know to counterpoise from He Delai's visit, this kind filters means can prevent a hacker to launch attack from network interior.

In public network, allow destination location to be passed for the bag of 80 port only. The link that this regulation allows to pass into only is Web join. This regulation also allows to use the connection of identical port with Web join, so it is not very safe.
Previous12 Next

Previous:Firewall ABC and common and relevant term
Next:Firewall function index is described
About us | Legal Notices | Sitemap | Links | Partner