Welcome to Bucaro TecHelp!

Bucaro TecHelp
Maintain Your Computer and Use it More Effectively
to Design a Web Site and Make Money on the Web

About Bucaro TecHelp About BTH User Agreement User Agreement Privacy Policy Privacy Site Map Site Map Contact Bucaro TecHelp Contact RSS News Feeds News Feeds

Each year 1.5 million shelter animals are euthanized (670,000 dogs and 860,000 cats). Source: ASPCA. The solution is not to shelter unwanted pets, but to SHUT DOWN THE PET MILLS. Anyone who wants a pet will just have to adapt a great pet from a shelter.

Firewall Rules

The purpose of a network firewall is to protect computer and IT resources from malicious sources while allowing internal network users to access the Internet. Today networks use "stateful" firewalls. A stateful firewall monitors the dynamic state of data flow and makes decisions on whether to block or allow data to pass based upon advanced rules.

But in the past all firewalls were "stateless" and made decisions on whether to block or allow data to pass by examining individual packets against the firewall's Access Control List (ACL). This type of firewall was also called a "packet filtering" firewall.

An ACL uses IP address masks to specify what should be permitted and denied. ACL masks are opposite normal IP address masks in that an 0 indicates that the address bits must be an exact match and a 1 in the mask is a "don't care". You can create an ACL masks by subtracting the IP addresses normal mask from

permit ip any
permit ip any
permit ip any
permit ip any
deny ip any any

An ACL then is a list of rules with statements to permit or deny the passage of packets with specific ranges of IP addresses. The rules can be applied to either the inbound or the outbound traffic. At the end of the ACL, by default, there is an implicit deny rule that blocks all traffic for which there is not a rule.

A packet filter firewall alone cannot detect some attacks from the transport layer and application layer, such as TCP SYN flooding and malicious Java applets. The Application Specific Packet Filter (ASPF) specification was proposed to address these issues. An ASPF firewall implements application layer and transport specific packet filtering.

More Network Security Articles:
• How a Firewall Provides Network Security
• NMAP (Network Mapper) Port Scanner
• How to Protect Your Business From a Cyber Attack
• Types of Computer Security Threats
• ARP, MAC, Poisoning, and WiFi Security
• How to Secure Your Small Business Network
• Designing Physical Network Security
• Denial of Service Attack (DoS) Detection and Mitigation
• Network Security Model - Defining an Enterprise Security Strategy
• Wireless Network Security

RSS Feed RSS Feed

Follow Stephen Bucaro Follow @Stephen Bucaro

Computer Networking Sections

Fire HD
[Site User Agreement] [Privacy Policy] [Site map] [Search This Site] [Contact Form]
Copyright©2001-2018 Bucaro TecHelp 13771 N Fountain Hills Blvd Suite 114-248 Fountain Hills, AZ 85268