Chapter 2. Packet Filtering

Packet filtering is one of the oldest and most widely available means to control access to networks. The concept is simple: Determine whether a packet is allowed to enter or exit the network by comparing some basic identifying pieces of information located in the packet's header. Packet-filtering technology can be found in operating systems, software and hardware firewalls, and as a security feature of most routers.
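The comparison described above can be sketched in a few lines. This is an added example, not code from the book: the rule set, the documentation-range addresses, and the helper names (`parse_headers`, `filter_packet`, `build_packet`) are all assumptions made for illustration. It evaluates rules top-down with first-match-wins semantics and an implicit deny at the end.

```python
import ipaddress
import struct

# Constructed rule set (hypothetical): first match wins, implicit deny at the end.
# Fields: action, IP protocol number, source net, destination net, dest port (None = any)
RULES = [
    ("permit", 6, "0.0.0.0/0", "192.0.2.10/32", 80),    # web server
    ("deny", 6, "198.51.100.0/24", "0.0.0.0/0", None),  # blocked source range
    ("permit", 17, "0.0.0.0/0", "192.0.2.53/32", 53),   # DNS server
]

def parse_headers(packet: bytes) -> dict:
    """Extract the header fields a stateless filter compares from an IPv4 packet."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4  # header length in bytes
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("bad IPv4 header length")
    frag_offset = struct.unpack("!H", packet[6:8])[0] & 0x1FFF
    fields = {"proto": packet[9], "dport": None,
              "src": ipaddress.IPv4Address(packet[12:16]),
              "dst": ipaddress.IPv4Address(packet[16:20])}
    # TCP (6) and UDP (17) carry ports in the first 4 bytes of the transport
    # header, which only the first fragment of a datagram contains.
    if fields["proto"] in (6, 17) and frag_offset == 0 and len(packet) >= ihl + 4:
        fields["dport"] = struct.unpack("!HH", packet[ihl:ihl + 4])[1]
    return fields

def filter_packet(packet: bytes, rules=RULES) -> str:
    """Return 'permit' or 'deny' based only on header fields."""
    try:
        f = parse_headers(packet)
    except ValueError:
        return "deny"  # unparseable packets are dropped
    for action, proto, src, dst, dport in rules:
        if (f["proto"] == proto
                and f["src"] in ipaddress.ip_network(src)
                and f["dst"] in ipaddress.ip_network(dst)
                and (dport is None or f["dport"] == dport)):
            return action
    return "deny"  # implicit deny: nothing matched

def build_packet(proto, src, dst, dport, sport=40000) -> bytes:
    """Build a minimal constructed IPv4 packet for testing (checksum left at 0)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 24, 0, 0, 64, proto, 0,
                     ipaddress.IPv4Address(src).packed,
                     ipaddress.IPv4Address(dst).packed)
    return ip + struct.pack("!HH", sport, dport)
```

Rule order matters here: a packet from the blocked range addressed to the web server on port 80 is still permitted, because the first rule matches before the deny rule is reached.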

The goal of this chapter is to explore the highlights and weaknesses of packet-filtering technology and how to implement this technology successfully. We discuss the basics of TCP/IP and how it applies to packet filtering, along with the rules of how to implement packet filters using Cisco router access lists. ...
