Lecture 17: Firewalls
Intro to DoS
Selecting an Access Control Policy
What factors might influence choosing between a default-allow policy and a default-deny policy?
Stateless Packet Filter
(True/False) Stateless packet filters can't deny all inbound TLS connections, because TLS connections have confidentiality.
Stateful Packet Filter Rules
Write a stateful firewall rule that would allow all TLS traffic from an external host
184.108.40.206 into your network
Designing a Stateful Filter
Stateful Filter Challenges
Remember that in the TCP lecture, we said that TCP guarantees that packets will be reconstructed in the correct order. What part of the TCP protocol is the attacker exploiting here to prevent this?
What might be a disadvantage of application-level firewalls?
Why Have Firewalls Been Successful?
Attacks on Firewalls