- Posts: 1
- Thank you received: 0
What is Stateful Packet Inspection ?
20 years 8 months ago #2961
by zaq
What is Stateful Packet Inspection ? was created by zaq
hi ! I just want to know what is it for and how it is being implemented ?
thanx !
thanx !
20 years 8 months ago #2967
by Cheetah
Kind Regards,
<b>Cheetah</b>
<i>The outcome of devotion is, quality!</i>
Replied by Cheetah on topic Re: What is Stateful Packet Inspection ?
Hi
Stateful packet inspection is a feature in firewalls which inspects the state of the packets traversing through the firewall. Some of the states are NEW, RELATED, ESTABLISHED etc.
Stateful packet inspection is used in iptables.
Let me have a look on my "favorites" collection for giving you a nice link where you can find more details.
Regards
Cheetah
Stateful packet inspection is a feature in firewalls which inspects the state of the packets traversing through the firewall. Some of the states are NEW, RELATED, ESTABLISHED etc.
Stateful packet inspection is used in iptables.
Let me have a look on my "favorites" collection for giving you a nice link where you can find more details.
Regards
Cheetah
Kind Regards,
<b>Cheetah</b>
<i>The outcome of devotion is, quality!</i>
20 years 8 months ago #2973
by sahirh
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
Replied by sahirh on topic Re: What is Stateful Packet Inspection ?
Stateful inspection is what every half decent firewall these days uses.. basically in the old days, firewalls were dumb... they merely matched a packet with the ruleset and then either dropped or accepted it.. stateful inspect means the firewall maintains an internal state table which tracks the status of the connection.. it 'understands' that a packet is part of a previously established connection, and thus lets it pass... so lets say you tried to send an ACK packet past the firewall, it would be smart enough to know that this packet is not a part of a previously established connection so it will not let it go...
In short.. it tracks what connections are open and allows their packets to pass.. this can also save on processing time as if a packet matches a particular connection, it doesnt need to be checked against the other rules since that connection has already been allowed.
In short.. it tracks what connections are open and allows their packets to pass.. this can also save on processing time as if a packet matches a particular connection, it doesnt need to be checked against the other rules since that connection has already been allowed.
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
20 years 8 months ago #2978
by dreamer
Replied by dreamer on topic Re: What is Stateful Packet Inspection ?
Hi,
I'm sorry I know I'am new around here. But isn't there a difference between stateful packet inspection en stateful packet filtering? I believe that stateful packet inspection builds on stateful packet filtering (what has been defined above) and also has the ability to check payload within a packet. This allows to check that the content matches the expected service it is communicating with.
I'm sorry I know I'am new around here. But isn't there a difference between stateful packet inspection en stateful packet filtering? I believe that stateful packet inspection builds on stateful packet filtering (what has been defined above) and also has the ability to check payload within a packet. This allows to check that the content matches the expected service it is communicating with.
20 years 8 months ago #2986
by UHSsncmrm
A scapegoat is often as welcome as a solution...never memorize what you can look up.
Replied by UHSsncmrm on topic Re: What is Stateful Packet Inspection ?
My understanding is that inspection is looking for signatures of traffic flows, filtering takes it a step further and allows you to build rules to stop or permit certain flows.
A scapegoat is often as welcome as a solution...never memorize what you can look up.
20 years 6 months ago #3611
by nessagirl
~~~~~~ oOo ~~~~~~
"£ôve has nôthing tô dô with what yôu are expecting tô get,
it's what yôu are expected tô give -- which is everything."
"£ôve is patient and kind;
It is nôt jealôus ôr prôud;
£ôve is nôt selfish ôr irritable;
£ôve
Replied by nessagirl on topic Re: What is Stateful Packet Inspection ?
Stateful Packet Inspection is a packet filtering technique that intercepts packets until there are enough from a given location to determine the state of the incoming connection. Once enough packets have been gathered and are cleared, they are forwarded to the internal address, which allows communication directly between the internal and external addresses. Stateful packet inspection firewalls are generally faster than application-based firewalls.
~~~~~~ oOo ~~~~~~
"£ôve has nôthing tô dô with what yôu are expecting tô get,
it's what yôu are expected tô give -- which is everything."
"£ôve is patient and kind;
It is nôt jealôus ôr prôud;
£ôve is nôt selfish ôr irritable;
£ôve
Time to create page: 0.142 seconds