Network+



FIGURE 8.4 A hacker denied by a dynamic state list

[Figure: The firewall's state list records the session between A and B (last packet #1238, next packet #1239). The server is sending packet #1239 and the client is expecting packet #1239. A hacker attempts to get in using packet #1211. The hacker is denied access because the state list says the firewall should expect packet #1239 next, but instead it is receiving #1211, so it rejects the packet.]

Proxy Servers


Proxy servers (also called proxies, for short) act on behalf of a network entity (either client or server) to keep packets from internal hosts completely separate from packets from external hosts. Let’s say an internal client sends a request to an external host on the Internet. The request is first sent to a proxy server, where it is examined, broken down, and handled by an application. That application then creates a new packet requesting information from the external server. Figure 8.5 shows the process. Note that this exchange is between applications at the Application layer of the OSI model.



Proxies are good firewalls because the entire packet is dissected, and each section can be examined for invalid data at each layer of the OSI model. For example, a proxy can examine a packet for information contained in everything from the packet header to the contents of the message. Attachments can also be checked for viruses. Messages can be searched for keywords that might indicate the source of a packet.
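
The inspect-then-recreate behavior described above, as an added example that is not from the book: a request is broken down, each part is checked, and a new request is built for the external server. HTTP as the application protocol, the policy values, the sample request, and the function name `inspect_and_rebuild` are all assumptions made for illustration.

```python
import hashlib

# Constructed policy values for this example (assumptions, not from the page).
ALLOWED_METHODS = {"GET", "POST"}
FORWARDED_HEADERS = {"host", "content-type", "content-length"}
BLOCKED_KEYWORDS = (b"confidential-project-x",)
KNOWN_BAD_SHA256 = {hashlib.sha256(b"constructed-malware-sample").hexdigest()}

# Constructed sample request from an internal client.
SAMPLE = (b"POST /upload HTTP/1.1\r\nHost: example.test\r\n"
          b"X-Internal-Host: ws-17.corp.local\r\nContent-Length: 5\r\n\r\nhello")


def inspect_and_rebuild(raw: bytes) -> tuple[str, bytes]:
    """Return ("forward", new_request) or ("reject: <reason>", b"")."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        return "reject: malformed request", b""
    lines = head.decode("latin-1").split("\r\n")
    # A stray CR or LF inside a line could smuggle extra headers into the new request.
    if any("\r" in line or "\n" in line for line in lines):
        return "reject: stray line break", b""
    parts = lines[0].split(" ")
    if len(parts) != 3 or parts[0] not in ALLOWED_METHODS or not parts[2].startswith("HTTP/1."):
        return "reject: bad request line", b""
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        if not colon or not name.strip():
            return "reject: bad header", b""
        headers[name.strip().lower()] = value.strip()
    # The declared length must match the bytes that actually arrived.
    declared = headers.get("content-length", "0")
    if not declared.isdecimal() or int(declared) != len(body):
        return "reject: length mismatch", b""
    # Message content: search for keywords.
    if any(word in body.lower() for word in BLOCKED_KEYWORDS):
        return "reject: blocked keyword", b""
    # Attachment check, simplified: the whole body is treated as the attachment.
    if hashlib.sha256(body).hexdigest() in KNOWN_BAD_SHA256:
        return "reject: known-bad attachment", b""
    # Build a new request; nothing from the client is copied unless allowlisted.
    kept = [f"{k}: {v}" for k, v in headers.items() if k in FORWARDED_HEADERS]
    new_head = "\r\n".join([f"{parts[0]} {parts[1]} HTTP/1.1", *kept])
    return "forward", new_head.encode("latin-1") + b"\r\n\r\n" + body


if __name__ == "__main__":
    print(inspect_and_rebuild(SAMPLE))
```

The forwarded request for the sample no longer carries the `X-Internal-Host` header, because the proxy writes a fresh request instead of passing the client's bytes through.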
