Ever-increasing numbers of IP router products offer packet filtering as a tool for improving network security. Used properly, packet filtering is a useful tool for the security-conscious network administrator, but its effective use requires a thorough understanding of its capabilities and weaknesses, and of thw quirks of particular protocols that filters are being applied to. This paper examines the utility of IP packet filtering as a network security measure, briefly contrasts IP packet filtering to alternative network security approaches such as spplication-level gateways, describes what packet filters might examine in each packet and describes the characteristics of common application protocols as they relate to packet filtering.

Click Here to download this article