Page 19 - Security+ (635 notes by Nikkhah)
Infrastructure Security
Packet-filtering firewalls
282- These firewalls permit or block access to specific ports or IP addresses.
283- In the Allow by Default policy, all traffic is allowed except that which is specifically denied.
284- In the Deny by Default policy, all traffic is blocked except that which is specifically
allowed.
285- Well-known port numbers range from 0 to 1023.
286- User ports (registered ports) range from 1024 to 46,151.
287- Dynamic/private ports range from 46,152 to 65,535.
Application layer firewalls
288- These firewalls examine the entire packet to allow or deny traffic.
289- They are much slower than packet-filtering firewalls.
290- Proxy servers use these firewalls to provide application layer filtering.
Stateful Inspection Firewalls
291- These firewalls actively monitor and inspect the state of network traffic.
292- They are faster than application layer firewalls.
293- They can dynamically open and close ports as needed by applications.
Routers
294- Routers connect two segments of an internetwork and work at Layer 3 of the OSI model.
295- They use a table of IP addresses to forward network traffic.
296- Administrators build static routing tables in small networks.
297- Distance vector and link state are dynamic routing protocols.
298- Routers support Access Control Lists (ACLs) to determine which IP packets should be
allowed or blocked.
299- Dynamically built routing tables are prone to spoofing and eavesdropping.
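Added example (not part of the original notes): a first-match ACL evaluator that runs the same rules under the Deny by Default and Allow by Default policies from notes 283-284, as a packet-filtering firewall or router ACL (note 298) would apply them. The rule set, the packets and all function names are constructed for illustration; the addresses are documentation ranges.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str               # "allow" or "deny"
    src: str                  # source network in CIDR notation
    dst_port: Optional[int]   # None matches any destination port

def evaluate(rules, default, src_ip, dst_port):
    """Return the first matching rule's action, else the default policy."""
    addr = ipaddress.ip_address(src_ip)
    for rule in rules:
        in_net = addr in ipaddress.ip_network(rule.src)
        if in_net and rule.dst_port in (None, dst_port):
            return rule.action
    return default

# Constructed ruleset; addresses are documentation ranges (RFC 5737).
RULES = [
    Rule("deny", "203.0.113.0/24", None),  # block this network on every port
    Rule("allow", "0.0.0.0/0", 443),       # HTTPS from anywhere
    Rule("allow", "192.0.2.0/24", 22),     # SSH only from the admin network
]

# Constructed packets: (source IP, destination port).
PACKETS = [
    ("198.51.100.7", 443),   # ordinary HTTPS client
    ("192.0.2.10", 22),      # SSH from the admin network
    ("198.51.100.7", 22),    # SSH from outside the admin network
    ("203.0.113.5", 443),    # blocked network asking for an allowed port
    ("198.51.100.7", 3389),  # port that no rule mentions
]

def compare_policies():
    """Evaluate each packet under Deny by Default and Allow by Default."""
    return [(ip, port,
             evaluate(RULES, "deny", ip, port),
             evaluate(RULES, "allow", ip, port))
            for ip, port in PACKETS]

if __name__ == "__main__":
    print(f"{'packet':<20}{'deny-default':<14}allow-default")
    for ip, port, deny_dflt, allow_dflt in compare_policies():
        print(f"{ip + ':' + str(port):<20}{deny_dflt:<14}{allow_dflt}")
```

Only the two packets that match no rule change outcome between the policies: under Allow by Default, anything the administrator forgot to write a rule for gets through.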
www.hrnikkhah.com by: Hamid Reza Nikkhah