Intrusion Detection (Stateful Inspection)

Previous page
Table of content
Next page

A stateful inspection device operates in a manner similar to a packet-filtering firewall in that it also examines the source and destination addresses of every packet that passes its way. However, a packet filter is never aware of the context of any communication. Each packet that passes through it is treated on an individual basis. A firewall that employs stateful inspection techniques attempts to keep track of requests and responses to be sure they match.

This type of firewall maintains tables of information about current connections so that it can determine whether incoming packets are unsolicited or whether they are in response to a request that was made by a user on the internal network. Another name sometimes used for this type of firewall is dynamic packet filter .

When a connection terminates, the firewall removes the reference from its internal table so that an external source cannot use it to gain entry again.

Many proprietary stateful inspection firewall products are on the market today. Study the documentation of this type of product before you make a purchase so that you can fully understand how it operates.


Previous page
Table of content
Next page
Upgrading and Repairing Networks
Upgrading and Repairing Networks (5th Edition)
ISBN: 078973530X
EAN: 2147483647
Year: 2003
Pages: 434
Authors: Scott Mueller, Terry William Ogletree, Mark Edward Soper
BUY ON AMAZON
VBScript Programmers Reference
Image Processing with LabVIEW and IMAQ Vision
Microsoft Windows Server 2003(c) TCP/IP Protocols and Services (c) Technical Reference
The Java Tutorial: A Short Course on the Basics, 4th Edition
The Oracle Hackers Handbook: Hacking and Defending Oracle
DNS & BIND Cookbook
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy