Previous Page | Next Page

  1. Introduction
  2. Your Needs
  3. What to Protect
  4. Security Policies
  5. Security Policy Requirements
  6. Incident Procedures
  7. Security Categories
  8. Software Vulnerability Control
  9. Hostile Software
  10. Network Layout
  11. Traffic Filtering
  12. Mail
  13. Firewall Protection
  14. Network Intrusion Detection
  15. Network Port Scanning
  16. Network Tools
  17. Passwords
  18. Types of Attacks
  19. Protocol Use
  20. Entry Points
  21. Cost
  22. Application Level Protection
  23. System Protection
  24. User Issues
  25. Other Recommendations
  26. Terms
  27. Credits

Traffic Filtering

Traffic filtering is a method used to enhance network security by filtering network traffic based on many types of criteria.

Packet Filtering

Packet filtering is a method of enhancing network security by examining network packets as they pass through routers or a firewall and determining whether to pass them on or what else to do with them. Packets may be filtered based on their protocol, sending or receiving port, sending or receiving IP address, or the value of some status bits in the packet. There are two types of packet filtering. One is static and the other is dynamic. Dynamic is more flexible and secure as stated below.

Static Packet Filtering

Does not track the state of network packets and does not know whether a packet is the first, a middle packet or the last packet. It does not know if the traffic is associated with a response to a request or is the start of a request.

Dynamic Packet Filtering

Tracks the state of connections to tell if someone is trying to fool the firewall or router. Dynamic filtering is especially important when UDP traffic is allowed to be passed. It can tell if traffic is associated with a response or request. This type of filtering is much more secure than static packet filtering.

Source Routing

In source routing, packets contain header information describing the route they are to take to the destination. Source routing is a security concern when an attacker may gain access to a network that has access to yours without going through your firewall.

Source routing should be disabled on network routers, especially at the network perimeters. Hackers may be able to break through other friendly but less secure networks and get access to your network using this method.