Security Flashcards
How does a firewall work?
It sits between a trusted and untrusted network.
The firewall attempts to stop malicious traffic entering the network.
It can also be configured to prevent certain types of data leaving the network.
In what ways can a firewall protect a network?
Blocks/Allows specific ports.
Blocks/Allows specific IP addresses.
Blocks/Allows certain types of packet.
Maintains information about current connections an only allow packets relevant to these connections through.
Identifies unusual behaviour from a host (sending unusually large amounts of data).
It can act as a proxy server (where all devices retrieve external information from it).
What is a proxy server (firewalls)?
Computers in a network use proxy servers to access external information (web pages, emails etc.)
This means only one is exposed to the outside network.
What are the advantages of using a proxy server?
Only allows proxy services through.
Protocols can be filtered and manipulated.
The rule set is less complex than packet filtering.
What are the disadvantages of using a proxy server?
Protocols are more complex and require multiple authentication steps.
Editing protocols can affect other traffic.
Expensive to implement.
What is packet filtering (firewall)?
The firewall checks IP addresses and port headers sent from the internet against a set of filters to determine whether the packet should be allowed through.
What is state inspection (firewall)?
The firewall examines the content of packets.
It is able to keep a track of the state of connections across the network.