Which of the following are characteristics of a packet filtering firewall ?
c. Filters by session
d. Filters by URL
e. Filters IP addresses, but not ports
The Correct Answer for the given question is Option b. Stateless
Packet Filtering Firewall
Packet filtering firewalls show how the filtration is carried out on the firewall. Packet filtering firewalls use access control lists (ACLs) to separate packets based on protocol IDs, source and destination port numbers, source and destination IP addresses, and packet transmission routes.An ACL specifies the source and destination IP addresses, source and destination port numbers, as well as protocol IDs that should be examined in a packet filtering firewall. By checking the IP, TCP, or UDP headers, the firewall determines whether to accept or decline the packet based on the ACL. The firewall may allow fragment packets if the information in the header matches the ACL. Furthermore, it contains a default method, set by the users, that permits packets to pass even if they do not qualify for the ACL.
A packet filter protects a local network from unwanted intrusion according to predefined rules. Packets of information traverse the Internet in the form of small, independent pieces known as packets. Only small packets that match predefined filtering rules will travel through a node, otherwise they are dropped. A packet filtering firewall’s filtering rules defined at the network layer prove to be highly effective in providing security mechanisms.
Advantages of Packet Filtering Firewall
- One router is all you need:
A major advantage of packet filtering is the fact that you only need one screening router to cover your entire network.
- Fast and highly efficient:
Depending on the destination and source ports and addresses, the packet filtering router is very fast and effective. Other firewall methods, on the other hand, operate more slowly.
Without user knowledge or cooperation, packet filtering operates independently. It won’t be known that packets have been sent until there is something that has been rejected. By contrast, other firewalls require users to install custom software, configure their machines, or undergo specific training.
- Integrated packet filtering in routers:
There are built-in packet filtering capabilities in a number of commonly used routing products. In addition, most sites now have packet filtering capabilities built into their router itself, which makes this technique the most affordable.
Disadvantages of Packet Filtering Firewall
- Filtering based on IP address or port information:
Packet filtering has the biggest disadvantage that it works on IP addresses and port numbers and not on other information such as context or application.
- Stateless packet filtering:
One of the biggest disadvantages of packet filtering is that it does not keep track of past invasions or filtered packets. Because it tests every packet individually and is stateless, hackers are able to easily break the firewall.
- No protection against address spoofing:
By introducing fake IP addresses in packets, hackers can sneak into networks through packet filtering. However, packet filtering doesn’t stop IP spoofing.
- It’s not a perfect solution for all networks:
Putting in highly desirable packet filtering firewalls is a time-consuming and difficult task. The configuration of ACLs can sometimes prove challenging.
Firewall Quiz/ MCQs
Which software prevents the external access to a system
D) Virus checker
Which of the following is a firewall function
b) protocol conversion
c) frame filtering
d) FTP hosting
e) packet filtering
Which of the following are true of a circuit proxy filter firewall
a) Operates at the Session layer and Verifies sequencing of session packets.
b) Operates at the Network and Transport layers.
c) Operates at the Application layer.
d) Examines the entire message contents.
You have a router that is configured as a firewall. The router is a Layer 3 device only. Which of the following does the router use for identifying allowed or denied packets?
a) IP address
b) MAC address
c) Session ID
d) Username and password
You want to install a firewall that can reject packets that are not part of an active session. Which type of firewall should you use?
c) Packet filtering
d) VPN concentrator
How does a proxy server differ from a packet filtering firewall?
a) A proxy server operates at the Application layer, while a packet filtering firewall operates at the Network layer.
b) A proxy server includes filters for the session ID as well as the IP address and port number.
c) A proxy server can prevent unknown network attacks, while a packet filtering firewall can only prevent known attacks.
d) A proxy server is used to create a DMZ, while a packet filtering firewall can only be used for screened subnets.