
	Where results make sense

Topic: Packet filter

Related Topics

electronic filter

low pass filter

digital filter

high pass filter

filter mathematics

pipes and filters

band pass filters

filter coffee

filter feeders

filter optics

Filter signal processing

Anti aliasing filter

In the News (Wed 9 Dec 09)

Northern Trust

Marvin Harrison

Peter Chernin

Gary Locke

Match Play

Penelope Cruz

Mickey Rourke

AR Rahman

Danny Boyle

Hugh Jackman

	GeodSoft How-To Harden OpenBSD Using Packet Filter
		Both Packet Filter and IP Filter's normal processing order is to evaluate all the rules and apply the last rule that matches a packet being checked.
		With IP Filter, a state rule applied to the firewall as a whole and once a stream of packets was allowed by a state rule on any interface it would pass through other interfaces, even if there were rules that otherwise would have blocked them.
		Packet Filter or IP Filter, running on a single host, can provide the same kind of strong firewall protection to that host, that one would normally expect from a dedicated firewall using Packet Filter or IP Filter.
	www.geodsoft.com /howto/harden/OpenBSD/firewall.htm (7343 words)

	Inside the Linux Packet Filter \| Linux Journal
		Packet reception is first dealt with at the network card's driver level, more precisely in the interrupt service routine.
		In the case of locally bound packets, this pointer is the address of the ip_local_deliver() function.
		A check is done to assess whether the packet belongs to a raw IP socket, in which case the corresponding handler (raw_v4_input()) is called.
	www.linuxjournal.com /article.php?sid=4852 (3109 words)

	March 2004 - Proxy vs. Packet Filter ... (Site not responding. Last check: 2007-10-22)
		The technology is so commonplace that packet filtering is built into $99 SOHO devices.
		With no IP-layer packets passing directly between the inside and the outside, proxies are inherently immune to most kinds of reconnaissance and spoofing attacks.
		While proxy-based firewalls were struggling to meet the needs of companies with their newfound Internet T1 lines, packet filters stepped up to the challenge and quickly dominated the market.
	infosecuritymag.techtarget.com /ss/0,295796,sid6_iss346_art662,00.html (468 words)

	Evolution of the Firewall Industry
		A dynamic packet filter firewall is a fourth-generation firewall technology that allows modification of the security rule base on the fly.
		Dynamic packet filter firewalls have the same advantages and disadvantages associated with first-generation packet filter firewalls with one notable exception: the advantage of not allowing unsolicited UDP packets onto your internal network.
		Packet filter firewalls generally provide the highest performance, followed by circuit level firewalls, dynamic packet filter firewalls, and application layer firewalls.
	www.cisco.com /univercd/cc/td/doc/product/iaabu/centri4/user/scf4ch3.htm (6515 words)

	BSD Packet Filter
		Packet filters are written in a simple stack-based language and inserted into the running kernel.
		The new filter mechanism is called MPF (Mach Packet Filter) and is an extension of the register-based packet filter [61].
		It replaces an instruction sequence in the register-based packet filter that is used to dispatch among various protocols.
	www.cs.unm.edu /~riesen/prop/node40.html (462 words)

	Linux 2.4 Packet Filtering HOWTO: So What's A Packet Filter?
		A packet filter is a piece of software which looks at the header of packets as they pass through, and decides the fate of the entire packet.
		Under Linux, packet filtering is built into the kernel (as a kernel module, or built right in), and there are a few trickier things we can do with packets, but the general principle of looking at the headers and deciding the fate of the packet is still there.
		Telling the packet filter not to allow any packets to or from the addresses owned by doubleclick.net solves that problem (there are better ways of doing this though: see Junkbuster).
	www.iptables.org /documentation/HOWTO/packet-filtering-HOWTO-3.html (714 words)

	Burning Void--Infrequently Asked Questions for Sysadmins: Packet Filter vs. Proxy Firewalls
		Typically, the comparison performed by the packet filter involves the source address, the source port, the destination address, and the destination port.
		The problem is even greater with UDP; assuming the packet filter permits UDP DNS queries to port 53, the attacker may send UDP packets from port 53 to ports on machines behind the firewall.
		On networks with packet filters, a connection is formed directly between the client and the server.
	www.burningvoid.com /iaq/firewall-type.html (1374 words)

	bpf(4) - Berkeley Packet Filter
		Whenever a packet is received by an interface, all file descriptors listening on that interface apply their filter.
		the number of packets which were accepted by the filter but dropped by the kernel because of buffer overflows (i.e., the application’s reads aren’t keeping up with the packet traffic).
		This is the minimum of the truncation amount specified by the filter and the length of the packet.
	www.gsp.com /cgi-bin/man.cgi?section=4&topic=bpf (1960 words)

	Ethereal Capture Filters
		Filters based on byte offset notation are the most powerful but confusing filters to design.
		Filters based on this notation can capture packets based on any value in any location within the packet.
		This filter is designed to look at the standard offset into the tcp header (tcp[20]) and match the payload with your filter string.
	home.insight.rr.com /procana (1337 words)

	What is Berkeley Packet Filter? - A Word Definition From the Webopedia Computer Dictionary
		The Berkeley Packet Filter (BPF) is a new architecture for user-level packet capture.
		All packets on the network, even those destined for other hosts, are accessible through this mechanism.
		The BSD Packet Filter (BPF) uses a new, register based filter evaluator that is up to 20 times faster than the original design.
	www.webopedia.com /TERM/B/Berkeley_Packet_Filter.html (252 words)

	dynamic packet filter - a Whatis.com definition (Site not responding. Last check: 2007-10-22)
		A dynamic packet filter is a firewall facility that can monitor the state of active connections and use this information to determine which network packets to allow through the firewall.
		With a static packet filter, you would need to permanently allow in replies from all external addresses, assuming that users were free to visit any site on the Internet.
		This kind of filter would allow an attacker to sneak information past the filter by making the packet look like a reply (which can be done by indicating "reply" in the packet header).
	searchnetworking.techtarget.com /sDefinition/0,,sid7_gci212023,00.html (269 words)

	Feature: Porting The PF Stateful Packet Filter (Site not responding. Last check: 2007-10-22)
		Of course, as a pf developer, I'm convinced pf is superior to the other available packet filters, and the fact that ports are done is a sign of appreciation for our work.
		A complete overview of the packet filter including the new features can be found in these slides from Daniel's recent presentation at LinuxForum in Copenhagen, Denmark.
		Packet filter rules assign packets to queues, which saves a separate evaluation of a classification ruleset, and the state engine in pf can use that state entries to assign connections to queues statefully.
	kerneltrap.org /node.php?id=627 (2636 words)

	Packet Filtering
		The Windows 2000 Packet Filtering Interface provides a mechanism that allows a user-mode application or service to specify a set of "filter descriptors" that are used by lower-level TCP/IP components to filter packets.
		Filtering is controls pass/drop of packets based on IP source and destination address and port numbers (and port number range).
		Both techniques for filtering TDI require a thorough understanding on Windows NT device driver programming techniques as well as a thorough understanding of the TDI API that is to be filtered.
	www.ndis.com /papers/winpktfilter.htm (1003 words)

	The BSD Packet Filter: A New Architecture for User-level Packet Capture - McCanne (ResearchIndex) (Site not responding. Last check: 2007-10-22)
		This copying can be minimized by deploying a kernel agent called a packet filter, which discards unwanted packets as early as possible.
		The original Unix packet filter was designed around a stack-based filter evaluator...
		The BSD packet filter: A new architecture for userlevel packet capture.
	citeseer.ist.psu.edu /mccanne92bsd.html (415 words)

	IT Observer - Understanding OpenBSD's Packet Filter
		The pf packet filter drops, passes and modifies packets according to the rules defined in this file [pf.conf].
		For each packet inspected by the filter, the set of rules is evaluated from top to bottom, and the last matching rule decides what action is performed.
		This goal of this document will be i) to introduce the theory of the Packet Filter firewall system and ii) to provide a practical approach to setting up a three-legged firewall for use in a home lan.
	www.ebcvg.com /news.php?id=1942 (308 words)

	ONLamp.com: OpenBSD PF Developer Interview
		What started as a project to safely parse pflogs for generating ASCII logs resulted in security extensions to bpf (berkeley packet filter which is used for capturing packets from the net and reading the pf logs) and privilege separation of pflogd, and tcpdump.
		Instead of forwarding TCP handshake packets as they are seen (when they are valid and allowed), the synproxy intercepts the SYN packet and first completes the TCP handshake itself with the source peer.
		A state entry (created on the initial SYN packet) already contains sequence numbers modulators (used to randomize initial sequence numbers, another feature of pf), which is all the synproxy needs.
	www.onlamp.com /pub/a/bsd/2004/04/15/pf_developers.html (2509 words)

	Detecting and Resolving Packet Filter Conflicts - Adiseshu, Suri, Parulkar (ResearchIndex) (Site not responding. Last check: 2007-10-22)
		Abstract: 1 Packet filters are rules for classifying packets based on their header fields.
		Packet classification is essential to routers supporting services such as Quality of Service (QoS), Virtual Private Networks (VPNs), and firewalls.
		Current techniques for resolving filter conflicts are based on prioritizing conflicting filters, and choosing the higher priority filter.
	citeseer.ist.psu.edu /hari00detecting.html (499 words)

	IP Filter - TCP/IP Firewall/NAT Software
		To see an overview of how IP Filter fits into the overall picture of TCP/IP with your kernel and the order in which the various phases of packet processing is done, click here.
		Thanks to those who have been able to support IP Filter through donations of hardware.
		The mailing list for IP Filter is now archived at: http://marc.theaimsgroup.com/?l=ipfilter This site also supports searching of the IP Filter list archive.
	coombs.anu.edu.au /~avalon/ip-filter.html (754 words)

	SINUS Firewall Page
		The SINUS Firewall is a TCP/IP packet filter for the Linux operating system.
		It is distributed under the GNU General Public Licence and comes with complete source code, as the Linux operating system does.
		Filtering of all header fields in the IP, TCP, UDP, ICMP, IGMP packets.
	www.ifi.unizh.ch /ikm/SINUS/firewall (336 words)

	Daemon News '200207' : '"HOWTO: Transparent Packet Filtering with OpenBSD "' (Site not responding. Last check: 2007-10-22)
		In this article we are going to build a robust, stateful packet filter that uses no IP addresses.
		(Packet Filter) is the packet filtering system in OpenBSD 3.0 and later.
		There are many other uses for this kind of invisible or stealth packet filtering, from segmenting flat corporate networks to building a portable invisible traffic monitoring device.
	ezine.daemonnews.org /200207/transpfobsd.html (957 words)

	6 - Networking
		Unlike a router, packets transfer through the bridge "invisibly" -- logically, the two network segments appear to be one segment to nodes on either side of the bridge.
		As you might expect, Packet Filter can be used to restrict what traffic goes through your bridge.
		CARP by itself does not synchronize data between applications, this has to be done through "alternative channels" such as pfsync(4) (for redundant filtering), manually duplicating data between boxes with rsync, or whatever is appropriate for your application.
	www.openbsd.org /faq/faq6.html (7679 words)

	Microsoft Internet Security & Acceleration Server (ISA) 2000 - Apply an IP packet filter to a server (Site not responding. Last check: 2007-10-22)
		To apply an IP packet filter to a server
		In the details pane, right-click the IP packet filter you want to modify and then click Properties.
		On the General tab, verify that the Enable this filter check box is selected.
	www.microsoft.com /resources/documentation/isa/2000/enterprise/proddocs/en-us/isadocs/m_p_h_ipapplyserv.mspx (148 words)

	Linux 2.4 Packet Filtering HOWTO: Advice on Packet Filter Design (Site not responding. Last check: 2007-10-22)
		If you are creating a dedicated firewall, start by running nothing, and blocking all packets, then add services and let packets through as required.
		I recommend security in depth: combine tcp-wrappers (for connections to the packet filter itself), proxies (for connections passing through the packet filter), route verification and packet filtering.
		Route verification is where a packet which comes from an unexpected interface is dropped: for example, if your internal network has addresses 10.1.1.0/24, and a packet with that source address comes in your external interface, it will be dropped.
	www.kazoolug.org /presentations/20020129/packet/netfilter-11.html (416 words)

	OpenBSD firewall using pf
		Since NAT happens before ``rdr'', a ``pass in'' is required in /etc/pf.conf for the translated packets to flow into the mail server and DNS server.
		By default, WFQ allocates 256 queues and packets are mapped into one of the queues by hashing the destination address.
		So, packets for the same host will be put in the same queue.
	www.muine.org /~hoang/openpf.html (1761 words)

	Microsoft Internet Security & Acceleration Server (ISA) 2000 - Configure an IP packet filter for a remote computer
		To configure an IP packet filter for a remote computer
		If the filter applies to one computer, click This remote computer, and then type atheIP address of the external computer to which the filter applies.
		If the filter applies to a range of computers, click This range of computers, and then type the appropriate information in the Subnet and Mask.
	www.microsoft.com /resources/documentation/isa/2000/enterprise/proddocs/en-us/isadocs/m_p_h_ipexternalhost.mspx (171 words)

	8.1. Packet Filter Rules
		Rules for advanced packet filters can be viewed in the Filter Rules tab of the Advanced Packet Filter dialog window.
		Packet filter rules can be optionally classified by groups.
		In the packet filter rule dialog, a service is represented by port only — the protocol must be entered by hand.
	www.kerio.com /manual/kpf/en/ch08s01.html (1722 words)

	602LAN SUITE - Advanced software firewall security with packet filter
		The firewall acts as a packet filter between two or more network devices (e.g.
		Packet filtering on the device level provides the best performance and security.
		The security of a packet filtering can be enhanced by SYN bit filtering option available in custom configuration of the firewall, which allows only authorized packets to reach their destination.
	www.software602.com /products/ls/firewall.html (268 words)

	Applying General Compiler Optimizations to a Packet Filter Generator (ResearchIndex) (Site not responding. Last check: 2007-10-22)
		Abstract: This paper describes the architecture of the BSD Packet Filter package, which consists of a code generator, optimizer and virtual machine.
		290 The BSD packet filter: A new architecture for user-level pac..
		81 Efficient packet demultiplexing for multiple endpoints and l..
	citeseer.ist.psu.edu /311141.html (293 words)

	freshmeat.net: Project details for fairly fast packet filter (Site not responding. Last check: 2007-10-22)
		The fairly fast packet filter (FFPF) is an approach to network packet processing that adds many new features to existing filtering solutions like BPF.
		It is designed for high speed by pushing computationally intensive tasks to the kernel or even network processors and by minimising packet copying.
		Using its extensibility, the language can even be used as a meta- filter to "script" together filters from other approaches, such as BPF.
	freshmeat.net /projects/ffpf (205 words)

	Kerio - internet security software from one of the market leaders.
		Apart from built-in antivirus functionality and email spam filter, our mail servers are also active directory enabled, which means they can easily import a user base from an existing Active Directory or LDAP server.
		Residing on each desktop computer, Kerio Personal Firewall allows advanced users or network administrators to create packet filter rules that block or limit traffic for specific ports, protocols, or IP addresses, adding a level of control and security found in sophisticated network firewalls.
		Anti-spoofing is a component of Kerio WinRoute Firewall's packet filtering, providing further protection to the LAN against attacks where the intruder falsifies source IP addresses.
	www.kerio.com (1210 words)

Try your search on: Qwika (all wikis)