RE: Firewall: a basic question

From: Mark S. Searle (Mark.Searle@lon.ipalliance.net)
Date: 01/08/02


Date: Tue, 8 Jan 2002 13:50:16 -0000
From: "Mark S. Searle" <Mark.Searle@lon.ipalliance.net>
To: "ashley thomas" <ashlythomas@hotmail.com>, <security-basics@securityfocus.com>

A firewall is just a term that is commonly applied to layer 3 (and
above) devices and has become synonymous with IP. However, it is
possible to implement security at layer two on bridges using a number of
standard and proprietary methods. The standard methods would include the
use of non-router VLAN implementations and MAC address filtering. Many
manufacturers also provide extensions to these standards, e.g. Cisco and
PVLAN implementation, and their own proprietary security features. Most
manufacturers will allow for the tracking of specific MAC source
addresses on inbound bridge ports. This allows a port to be blocked if
an unknown address is encountered. Searching the manufacturer
documentation for "port security" would be a good idea. It is also
possible to implement MAC address filters to filter traffic via
source/destination MAC address. Bridge filters are also commonly
employed which are able to filter out traffic according to frame type,
e.g. 0x800 (IP). Many frames carrying certain types of protocol payload
can be filtered in this manner.

So, in summary a firewall is really just an element (network or
software), that sits between a trusted and non-trusted zone and is
employed in filtering traffic according to a pre-defined policy. It can
work from layers 2 to 7 (OSI reference model), but is commonly
associated with layer 3 upwards (within the IP community).

I hope this helps.

Cheers,

Mark Searle.

-----Original Message-----
From: ashley thomas [mailto:ashlythomas@hotmail.com]
Sent: 06 January 2002 02:17
To: security-basics@securityfocus.com
Subject: Firewall: a basic question

hi,

which is the lowest layer where a firewall can be implemented?
i guess, it is network layer (layer 3)

in that case, how is a firewall implemented on bridges, which is a layer 2
device?

thanks
ashley

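To make the three layer-2 controls in Mark's reply concrete (port security that tracks source MACs per inbound port and blocks the port on an unknown address, source/destination MAC address filters, and frame-type filters keyed on the EtherType), here is an added example that is not part of the original thread or of any vendor's code. It simulates a bridge with those controls in plain Python: frames are Ethernet II headers built inline from constructed, documentation-reserved MAC addresses (00:00:5e:00:53:xx), the port names, limits and deny lists are assumptions chosen for the demo, and no real interface is touched.

```python
"""
Layer-2 filtering on a bridge, simulated: port security (source-MAC
tracking per inbound port), MAC address filters, and EtherType filters
applied to raw Ethernet II frames.  All frames and addresses below are
constructed for the example; nothing is sent on a real network.
"""
import struct
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple

ETHERTYPE_IP = 0x0800
ETHERTYPE_ARP = 0x0806
ETHERTYPE_IPX = 0x8137   # Novell IPX: a non-IP frame type the filter will drop


def mac_bytes(text: str) -> bytes:
    return bytes.fromhex(text.replace(":", ""))


def mac_text(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def build_frame(dst: str, src: str, ethertype: int, payload: bytes = b"") -> bytes:
    """Ethernet II header (dst MAC, src MAC, EtherType) followed by the payload."""
    return mac_bytes(dst) + mac_bytes(src) + struct.pack("!H", ethertype) + payload


def parse_frame(frame: bytes) -> Tuple[str, str, int, bytes]:
    """Split a frame into (dst, src, ethertype, payload); reject runts."""
    if len(frame) < 14:
        raise ValueError("runt frame: no complete Ethernet II header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    return mac_text(dst), mac_text(src), ethertype, frame[14:]


@dataclass
class Port:
    name: str
    max_macs: int = 1                                    # port-security address limit
    secure_macs: Set[str] = field(default_factory=set)   # sticky-learned source MACs
    shutdown: bool = False                               # blocked after a violation


@dataclass
class BridgeFilter:
    ports: Dict[str, Port]
    denied_src_macs: Set[str] = field(default_factory=set)
    denied_dst_macs: Set[str] = field(default_factory=set)
    allowed_ethertypes: Optional[Set[int]] = None        # None = permit every frame type
    events: List[str] = field(default_factory=list)

    def ingress(self, port_name: str, frame: bytes) -> str:
        """Apply the bridge policy to one inbound frame and return the verdict."""
        port = self.ports[port_name]
        if port.shutdown:
            return "drop:port-shutdown"
        dst, src, ethertype, _ = parse_frame(frame)

        # 1. Port security: track source MACs on the inbound port.  Once the
        #    limit is reached, an unknown source is a violation and the whole
        #    port is blocked, legitimate host included.
        if src not in port.secure_macs:
            if len(port.secure_macs) >= port.max_macs:
                port.shutdown = True
                self.events.append(
                    f"{port.name}: port-security violation from {src}, port shut down")
                return "drop:port-security"
            port.secure_macs.add(src)

        # 2. MAC address filter on source / destination.
        if src in self.denied_src_macs or dst in self.denied_dst_macs:
            return "drop:mac-filter"

        # 3. Frame-type filter on the EtherType field (e.g. 0x0800 = IP).
        if self.allowed_ethertypes is not None and ethertype not in self.allowed_ethertypes:
            return f"drop:ethertype-0x{ethertype:04x}"

        return "forward"


def demo() -> List[str]:
    """Constructed scenario: two access ports, one denied MAC, IP and ARP only."""
    bridge = BridgeFilter(
        ports={"fa0/1": Port("fa0/1", max_macs=1), "fa0/2": Port("fa0/2", max_macs=2)},
        denied_src_macs={"00:00:5e:00:53:bb"},
        allowed_ethertypes={ETHERTYPE_IP, ETHERTYPE_ARP},
    )
    host_a, host_b = "00:00:5e:00:53:0a", "00:00:5e:00:53:0b"
    intruder, gateway = "00:00:5e:00:53:ff", "00:00:5e:00:53:01"
    return [
        bridge.ingress("fa0/1", build_frame(gateway, host_a, ETHERTYPE_ARP)),   # learns host_a, forwards
        bridge.ingress("fa0/1", build_frame(gateway, host_a, ETHERTYPE_IPX)),   # wrong frame type
        bridge.ingress("fa0/1", build_frame(gateway, intruder, ETHERTYPE_IP)),  # second MAC: violation
        bridge.ingress("fa0/1", build_frame(gateway, host_a, ETHERTYPE_IP)),    # port now blocked
        bridge.ingress("fa0/2", build_frame(gateway, host_b, ETHERTYPE_IP)),    # forwards
        bridge.ingress("fa0/2", build_frame(gateway, "00:00:5e:00:53:bb", ETHERTYPE_IP)),  # MAC filter
    ]
```

Two practical caveats the simulation makes visible: every one of these controls keys on fields the sending host writes itself, so MAC filters and port security stop accidental or casual attachment rather than an attacker who clones a permitted MAC; and with a shutdown-style violation action, a single spoofed frame on fa0/1 takes the legitimate host offline as well, so the violation mode and recovery procedure deserve as much thought as the address limit.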