Advantages and Disadvantage of Packet Filtering firewall   Advantages One screening router can help protect entire network One key advantage of packet filtering is that a single, strategically placed filter can help protect an entire network. If there is only one router that  connects organization site to the Internet, then it provides great advantage on network security, regardless of the size of the site by doing packet filtering on that router.    Packet filtering doesn’t require user knowledge or cooperation Packet filtering does not require any custom software or configuration of client machines. When a packet filtering router let a packet through, the router is indistinguishable from a normal router. This transparency means that the packet filtering can be done without the cooperation and often without the knowledge of users.  Disadvantages  Current filtering tools are not perfect  The rules of packet filtering are hard to configure and once configured, they seem hard to test. The packet filtering capabilities of many products are incomplete and the implementation of certain types of filters is almost impossible. Packet filtering packages may have bugs in them that might fail packet filtering implementation. This may allow few packets to pass into private network without proper checking.    Some rules can’t readily be enforced by normal packet filtering routers The information available to packet filtering router is limited. Packets have information about their host but they cannot tell about the user. So, generally no restrictions can be enforced on particular users. Restriction can be enforced on the users who could access the ports through high level protocols. These protocols ensure that no other user is accessing that port. But that kind of control can easily be subverted. Posted Date: 9/13/2012 5:58:35 AM | Location : United States

Ask an Expert

Your posts are moderated

Write your message here..

Related Questions

Web accessibility initiative standards, Australian government sites were ma... Australian government sites were mandated to conform to at least single 'A' level of the World Wide Web Consortium (W3C) Web Accessibility Initiative (WAI) standards, by the end of

Ipv6 addressing, IPv6 ADDRESSING IPv6 has 128-bit addresses. A 128-bit... IPv6 ADDRESSING IPv6 has 128-bit addresses. A 128-bit address adds network prefix and host suffix. An benefit of IPv6 addressing is that there is address classes i.e. prefix/s

Rsa block and vernam stream ciphers, RSA Block and Vernam Stream Ciphers ... RSA Block and Vernam Stream Ciphers This assignment involves writing two small Python scripts and a report. Before you start you must download the ?le summarysheets.zip from th

Vulnerability scanners, VULNERABILITY SCANNERS Active vulnerability scan... VULNERABILITY SCANNERS Active vulnerability scanners scan networks for detailed information, it initiate traffic to determine security holes. This scanner identifies usernames a

Explain the rsa algorithm, Question: (a) What is the minimum length of... Question: (a) What is the minimum length of a password that could be considered to be "strong" in the context of today's computing power? (b) The security of a PIN system,

Corresponding access control matrix, Consider a computer system with three ... Consider a computer system with three users: Alice, Bob and Cindy. Alice owns the file alicerc, and Bob and Cindy can read it. Cindy can read and write the file bobrc, which Bob ow

Plaintext, how to encryt the data in plaintext cipher how to encryt the data in plaintext cipher

Example of an attack against a windows, The objective of this example is to... The objective of this example is to demonstrate the steps required for a successful attack against a vulnerable Windows XP SP2 system. It will show: a) how Nessus can be used to di

Nstissc security model, NSTISSC SECURITY MODEL The NSTISSC Security Model ... NSTISSC SECURITY MODEL The NSTISSC Security Model provides a detailed perspective on security. While the NSTISSC model covers the 3 dimensions of information security, it removes

Discuss five alternative testing techniques, QUESTION Testing of a Busi... QUESTION Testing of a Business Continuity Plan (BCP) does not need to be costly or to interrupt the daily operations of the business. The result of the test should also be look