5. Stateful and stateless packet filtering

A packet filter is a multi-port system placed between two networks and responsible for filtering IP packets using filtering rules. The filtering rules implemented in packet filters are commonly referred to as ACLs, for Access Control List.

Filtering is based on the information usually found in the header of IP and TCP packets [7] :

protocol numbers ;
source and/or destination IP addresses ;
source and/or destination port numbers (included in the TCP or UDP (User Datagram Protocol ) message);
TCP connection flags ;
other options.

This filtering is implemented in the network layer, i.e. in the kernel of an operating system (§

You do not have access to this resource.

Exclusive to subscribers. 97% yet to be discovered!

You do not have access to this resource. Click here to request your free trial access!

Already subscribed? Log in!

Ongoing reading
Stateful and stateless packet filtering

Previous
page Filtering at a glance

Application-level gateway (proxy and reverse-proxy)

Article included in this offer

"Security of information systems"

( 86 articles )

Complete knowledge base

Updated and enriched with articles validated by our scientific committees

Services

A set of exclusive tools to complement the resources

View offer details

Bibliography

(1) - ANSSI - Recommandations pour la définition d'une politique de filtrage réseau d'un pare-feu. - mars 2013 https://www.ssi.gouv.fr/uploads/IMG/pdf/NP_Politique_pare_feu_NoteTech.pdf

You do not have access to this resource.

Exclusive to subscribers. 97% yet to be discovered!

You do not have access to this resource. Click here to request your free trial access!

Already subscribed? Log in!