Kinaro's Blog of Things

Firewalls

by Felix Kinaro About 2 min reading time

Firewalls are the most basic line of defense in a network.
There are two types of firewalls.

Firewall architectures

Packet Filtering Firewalls

The firewall inspects every packet entering the network and either allows it or drops it based on a set of predefined set of rules. This type of firewall is susceptible to IP spoofing attacks, where a malicious actor sends modified packets that seem to originate from a trusted host. Despite being fairly effective and transparent, packet filtering firewalls are difficult to set up.

Proxy server

A proxy server intercepts all incoming and outgoing traffic for a network, effectively hiding the network addresses for all devices. The most common type of proxy server is a NAT or Network Address Translation firewall. Incoming traffic is through a single IP address, and the same is true for all outgoing traffic. One downside of this is that if you have many devices using a single IP, online services may be blocked on suspiscion of being a Denial of Service(DoS) attack due to the large number of packets transmitted.

Next Generation Firewalls

They work by taking into consideration the applications running on a server or traffic to specific ports. They blend firewall features and Quality of Service functionalities in order to provide enhanced protection.

Follow me on Twitter @0xOOOOK