
Many people view a firewall as a device to block access to undesirable websites, which is partially true. Emphasis must also be given to blocking requests from the internal network towards the Internet or external network, using undesirable services. This control is still not seen in many implementations. For example, a firewall not configured to block undesirable services will not block malicious software such as viruses, worms, spyware, etc, from sending emails out using email services such as SMTP, or from sending outgoing traffic using non-standard ports. This type of traffic could also lead to blacklisting of your static IP address. It is crucial that service blocking is enabled along with website filtering to ensure correct firewall configuration.

To explain it in simple terms, imagine a server connected to a single client by a crossover cable. This server is running three different services – HTTP, SSH and FTP. The client system is trying to access these services simultaneously using only one physical cable. How does the server differentiate between the requests received from different clients? How does it determine which packet is for which service? How does the client differentiate between the replies received from the server? How does it determine which packet is received as a reply to which request sent earlier?

The answer lies in the concept of a port – different services run on different ports. The HTTP service runs on Port 80, SSH on Port 22, FTP on Port 21, and so on. While sending requests to the server, the client sends the IP address of the server as part of the IP header and the port number for the service as part of the TCP header. In addition, the client also sends its own IP address as the source IP address, and adds a randomly generated source port as the source port number. While replying, the server reverses the source and the destination IP addresses so that the packet reaches the client, and also reverses the source/destination port numbers so that the client can tell which packet belongs to which service request. The handshake remains the same for multiple clients and servers. The source and destination IP addresses identify the client and the server, while the source and destination ports identify the service request and the reply.

In firewall parlance, the terms ‘ports’ and ‘services’ are often used interchangeably, and mean the same thing.
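The following is an added illustration, not code from the original article: it models the IP/port 4-tuple described above (server picks the service from the destination port, client matches a reply by reversing the tuple) and the outbound service-blocking rule the article asks for. The addresses, ports, the `SERVICES` table and the egress policy are constructed sample values.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Dict, Optional, Tuple

# Constructed table of the well-known ports named in the article.
SERVICES = {80: "HTTP", 22: "SSH", 21: "FTP", 25: "SMTP"}


@dataclass(frozen=True)
class Packet:
    """The four fields that identify one TCP conversation (the 4-tuple)."""
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

    def reversed(self) -> "Packet":
        """Reply direction: the server swaps source/destination IP and port."""
        return Packet(self.dst_ip, self.dst_port, self.src_ip, self.src_port)


def server_demux(pkt: Packet) -> Tuple[str, Tuple[str, int]]:
    """Server side: destination port names the service; the client's IP plus
    its random source port names the conversation it belongs to."""
    return SERVICES.get(pkt.dst_port, "unknown"), (pkt.src_ip, pkt.src_port)


def client_match(pending: Dict[Packet, str], reply: Packet) -> Optional[str]:
    """Client side: a reply belongs to the request whose 4-tuple it reverses."""
    return pending.get(reply.reversed())


def egress_allowed(pkt: Packet, internal: str = "192.0.2.0/24",
                   allowed_ports=frozenset({80, 443})) -> bool:
    """Constructed egress policy: internal hosts may reach the outside only on
    allowed service ports; SMTP and non-standard ports are blocked outbound."""
    net = ip_network(internal)
    outbound = ip_address(pkt.src_ip) in net and ip_address(pkt.dst_ip) not in net
    return pkt.dst_port in allowed_ports if outbound else True


def demo() -> dict:
    """Constructed traffic: one client opens HTTP, SSH and FTP to one server."""
    client, server = "192.0.2.10", "192.0.2.20"
    requests = {Packet(client, 40001, server, 80): "GET /index.html",
                Packet(client, 40002, server, 22): "ssh login",
                Packet(client, 40003, server, 21): "ftp USER"}
    services = [server_demux(p) for p in requests]
    # Replies come back with IPs and ports swapped; the client maps them back.
    matched = [client_match(requests, p.reversed()) for p in requests]
    malware_smtp = Packet(client, 40004, "203.0.113.5", 25)  # internal -> outside SMTP
    browsing = Packet(client, 40005, "203.0.113.5", 443)
    return {"services": services, "matched": matched,
            "smtp_out": egress_allowed(malware_smtp), "https_out": egress_allowed(browsing)}
```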
