I'm very interested in Internet security and enjoyed your article very much. It was great reading about the two types of firewalls. D. Lynn Walker walkerlynn37@xxxxxxxxxxxxx "To ask a hard question is simple," W. H. Auden > [Original Message] > From: Vally Sangeetha Balakrishnan <vally_balak@xxxxxxxxx> > To: <cisb102sp04@xxxxxxxxxxxxx> > Date: 2/21/2004 9:06:31 PM > Subject: [cisb102sp04] cisb 102 Lesson 3 QS.6 > > From Vally Balakrishanan vally_balak@xxxxxxxxx > > URL : http://www.freebsd.org > > The topic I chose is firewalls > > There are currently two distinct types of firewalls in common use on > the Internet today. The first type is more properly called a packet > filtering router. This type of firewall utilizes a multi-homed machine > and a set of rules to determine whether to forward or block individual > packets. A multi-homed machine is simply a device with multiple network > interfaces. The second type, known as a proxy server, relies on daemons > to provide authentication and to forward packets, possibly on a > multi-homed machine which has kernel packet forwarding disabled. > > Sometimes sites combine the two types of firewalls, so that only a > certain machine (known as a bastion host) is allowed to send packets > through a packet filtering router onto an internal network. Proxy > services are run on the bastion host, which are generally more secure > than normal authentication mechanisms. FreeBSD comes with a kernel > packet filter (known as IPFW). > > People often think that having a firewall between your internal network > and the ``Big Bad Internet'' will solve all your security problems. It > may help, but a poorly set up firewall system is more of a security > risk than not having one at all. A firewall can add another layer of > security to your systems, but it cannot stop a really determined > cracker from penetrating your internal network. If you let internal > security lapse because you believe your firewall to be impenetrable, > you have just made the crackers job that much easier. > > > > __________________________________ > Do you Yahoo!? > Yahoo! Mail SpamGuard - Read only the mail you want. > http://antispam.yahoo.com/tools