Skip to Content
Firewalls and Internet Security: Repelling the Wily Hacker, Second Edition
book

Firewalls and Internet Security: Repelling the Wily Hacker, Second Edition

by William R. Cheswick, Steven M. Bellovin, Aviel D. Rubin
February 2003
Intermediate to advanced
464 pages
12h 50m
English
Addison-Wesley Professional
Content preview from Firewalls and Internet Security: Repelling the Wily Hacker, Second Edition

Chapter 11. Firewall Engineering

Once upon a time, all firewalls were hand-constructed, perhaps from software obtained from various pioneers at DEC and TIS. For these early gateways, packet filtering was easy, but not very sophisticated, which meant that it was not very safe. There were no tools to keep track of TCP sessions at the packet level. (Two of us, Steve and Bill, designed a dynamic packet filter in September, 1992, based mostly on off-the-shelf components, but the implementation looked complex enough that it scared us off.)

Gateways back then were mostly at the application level. We built filters for FTP and SMTP access. Circuit gateways allowed modified clients to make connections to the Internet without IP connectivity—between intranet ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

You might also like

Firewalls Don't Stop Dragons: A Step-by-Step Guide to Computer Security and Privacy for Non-Techies

Firewalls Don't Stop Dragons: A Step-by-Step Guide to Computer Security and Privacy for Non-Techies

Carey Parker
Network Security First-Step, Second Edition

Network Security First-Step, Second Edition

Thomas M. Thomas, Donald Stoddard

Publisher Resources

ISBN: 020163466XPurchase book