/var/logmarcus chiu

Firewalls - Bastion Host

Created on · Last Modified on

Firewall
  • is a collection of components between two networks that filter cross traffic based on some security policy

Types of Firewalls

Packet Filtering Firewalls
  • stateless firewalls - static rules/filters to determine which packets are allowed to cross the inspection point
  • stateful inspection firewalls - Inspects packets in the context of their role in an incipient or ongoing conversation (e.g. TCP connection)
    • maintain a table for allowed connections. By default, allow connections originated from internal hosts & deny connections originated from external hosts

Application Level Firewalls

e.g. proxy server

Circuit Level Firewalls
  • sets up two connections (i.e. one with inner host, one with outside host)

another classification of firewall types:

  • screening router firewalls
  • computer-based firewalls
  • firewall appliances
  • host firewalls - on clients and servers

Bastion Host

bastion host is a special-purpose computer on a network specifically designed and configured to withstand attacks. The computer generally hosts a single application, for example a proxy server, and all other services are removed or limited to reduce the threat to the computer

Subpages