网络安全理论与技术09—防火墙解剖.ppt

  1. 1、本文档共106页,可阅读全部内容。
  2. 2、原创力文档(book118)网站文档一经付费(服务费),不意味着购买了该文档的版权,仅供个人/单位学习、研究之用,不得用于商业用途,未经授权,严禁复制、发行、汇编、翻译或者网络传播等,侵权必究。
  3. 3、本站所有内容均由合作方或网友上传,本站不对文档的完整性、权威性及其观点立场正确性做任何保证或承诺!文档内容仅供研究参考,付费前请自行鉴别。如您付费,意味着您自己接受本站规则且自行承担风险,本站不退款、不进行额外附加服务;查看《如何避免下载的几个坑》。如果您已付费下载过本站文档,您可以点击 这里二次下载
  4. 4、如文档侵犯商业秘密、侵犯著作权、侵犯人身权等,请点击“版权申诉”(推荐),也可以打举报电话:400-050-0827(电话支持时间:9:00-18:30)。
查看更多
* Table 9.1, from the text gives some examples of packet filtering rule sets. In each set, the rules are applied top to bottom. The * in a field is a wildcard designator that matches everything. We assume that the default discard policy is in force. A. Inbound mail is allowed port 25 is for SMTP incoming , but only to a gateway host. However, packets from a particular external host, SPIGOT, are blocked. B. This is an explicit statement of the default policy, usually implicitly the last rule. C. This rule set is intended to specify that any inside host can send mail to the outside. A TCP packet with a destination port of 25 is routed to the SMTP server on the destination machine. Problem is that 25 as SMTP is only a default; an outside machine could be configured to have some other application linked to port 25. D. This rule set achieves the intended result that was not achieved in C. This rule set allows IP packets where the source IP address is one of a list of designated internal hosts and the destination TCP port number is 25. It also allows incoming packets with a source port number of 25 that include the ACK flag. This takes advantage of a feature of TCP connections that once set up, the ACK flag of a TCP segment is set to acknowledge segments sent from the other side. E. This rule set is one approach to handling FTP which uses two TCP connections: a control connection and a data connection for the actual file transfer. The data connection uses a different dynamically assigned port number for the transfer. Most servers, and hence most attack targets, live on low-numbered ports; most outgoing calls tend to use a higher-numbered port, typically above 1023. Rule set E points out the difficulty in dealing with applications at the packet filtering level. * A firewall is positioned to provide a protective barrier between an external, potentially untrusted source of traffic and an internal network. With that general principal in mind, a security administrator mu

文档评论(0)

5201394 + 关注
实名认证
内容提供者

该用户很懒,什么也没介绍

1亿VIP精品文档

相关文档