Security 12-23
Example packet header
Source Port        2541
Destination Port   80
Protocol           TCP
ACK Bit            Yes
DATA               User Data

This header information is what the packet filter uses to make filtering decisions. It is important to note that a
packet filter does not look into the IP data stream (the User Data from above) to make filtering decisions.

Basic Protocol Types
TCP: Transmission Control Protocol. TCP provides reliable packet delivery and has a retransmission
mechanism (so packets are not lost). RFC 793 is the specification for TCP.
UDP: User Datagram Protocol. Unlike TCP, UDP does not guarantee reliable, sequenced packet delivery. If data
does not reach its destination, UDP does not retransmit the data. RFC 768 is the specification for UDP.

Example TCP/UDP Ports
TCP Port   Service      UDP Port   Service
20/21      FTP          161        SNMP
23         Telnet       69         TFTP
25         SMTP
80         WWW
144        News

And there are many more ports defined in the Assigned Addresses RFC.

Firewall design rules
There are two basic rules to firewall design:
■ “What is not explicitly allowed is denied...”
and
■ “What is not explicitly denied is allowed...”
The first rule is far more secure, and is the best approach to firewall design. It is far easier (and more secure)
to allow in or out only certain services and deny anything else. If the other rule is used, you would have to figure
out everything that you want to disallow, now and in the future.
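The two design rules applied to the header fields in the packet example above, as an added illustration that is not from the original page: a stateless filter that decides on protocol, ports and the ACK bit only, never on the User Data. The rule sets, the Packet and Rule types and the filter_packet function are constructed for this example.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    """Only the header fields a packet filter inspects, plus the payload it ignores."""
    proto: str              # "TCP" or "UDP"
    src_port: int
    dst_port: int
    ack: bool = False       # TCP ACK bit (always False for UDP)
    data: bytes = b""       # User Data: never examined below


@dataclass(frozen=True)
class Rule:
    """A field left as None is a wildcard and matches any value."""
    action: str             # "allow" or "deny"
    proto: Optional[str] = None
    src_port: Optional[int] = None
    dst_port: Optional[int] = None
    ack: Optional[bool] = None

    def matches(self, p: Packet) -> bool:
        return ((self.proto is None or self.proto == p.proto)
                and (self.src_port is None or self.src_port == p.src_port)
                and (self.dst_port is None or self.dst_port == p.dst_port)
                and (self.ack is None or self.ack == p.ack))


def filter_packet(rules, p: Packet, default: str = "deny") -> str:
    """First matching rule wins; a packet no rule mentions gets the default.
    default="deny" is the first design rule (not explicitly allowed is denied),
    default="allow" is the second (not explicitly denied is allowed)."""
    for r in rules:
        if r.matches(p):
            return r.action
    return default


# Constructed rule sets for a site whose users browse external web servers.
# Outbound: let internal hosts open connections to port 80.
OUTBOUND_RULES = [Rule("allow", proto="TCP", dst_port=80)]
# Inbound: accept only replies from port 80 that carry the ACK bit; a packet
# with ACK clear would be an outside host trying to open its own connection.
INBOUND_RULES = [Rule("allow", proto="TCP", src_port=80, ack=True)]

if __name__ == "__main__":
    # The page's example header: source port 2541, destination port 80, TCP, ACK set.
    request = Packet("TCP", 2541, 80, ack=True, data=b"GET / HTTP/1.0\r\n")
    print(filter_packet(OUTBOUND_RULES, request))                               # allow
    print(filter_packet(INBOUND_RULES, Packet("TCP", 80, 2541, ack=False)))     # deny
```

Swapping the default to "allow" shows why the second rule is weaker: the same inbound packet with ACK clear passes because nobody wrote a rule to deny it.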