Firewall / active filter question
Jared Smith
jared at trios.org
Fri Dec 13 17:04:18 CST 2002
I don't know much about firewalls, so forgive me
if I'm suggesting something that already exists or
is not technically possible.
As I understand firewalls, they block all ports
except those specifically opened, and they forward
IPs to internal addresses, therefore masking
what's happening on the inside of the network.
This is passive. What I lay awake last night
thinking was, what about filtering in an active
manner? With an active filter, the only packets
acceptable are those which have been specifically
requested. You'd have a buffer which kept track of
all outgoing requests, and waited for a few minutes
to receive them. Everything else would be rejected.
Seems like this would make it impossible for people
to hack in, unless they were actively monitoring
outgoing packets. While this wouldn't work for a
server (which needs to accept arbitrary hits), it
would work for a surfer.
Does this already exist?
-Jared
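
Added example, not part of the original post: the buffer of outgoing requests described above is what is commonly called stateful packet filtering or connection tracking. This Python model records each outbound packet's expected reply and accepts inbound packets only while that entry is live; the names `Packet` and `ActiveFilter`, the 120-second timeout and the sample addresses are assumptions made for illustration.

```python
import time
from typing import NamedTuple

class Packet(NamedTuple):
    proto: str
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

class ActiveFilter:
    """Accept inbound packets only when they answer a recent outbound request."""

    def __init__(self, timeout=120.0, clock=time.monotonic):
        self.timeout = timeout      # seconds an outbound request stays valid (assumed value)
        self.clock = clock          # injectable so the expiry path can be exercised
        self.pending = {}           # expected reply 5-tuple -> expiry time

    def _expire(self):
        now = self.clock()
        for key in [k for k, exp in self.pending.items() if exp <= now]:
            del self.pending[key]

    def outbound(self, pkt):
        """Record an outgoing packet; the expected reply has src and dst swapped."""
        self._expire()
        reply = Packet(pkt.proto, pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port)
        self.pending[reply] = self.clock() + self.timeout

    def inbound(self, pkt):
        """Return True (accept) only if pkt matches a live entry; otherwise reject."""
        self._expire()
        if pkt in self.pending:
            # Refresh the entry so a long-lived exchange is not cut off mid-stream.
            self.pending[pkt] = self.clock() + self.timeout
            return True
        return False

def demo():
    """Run constructed sample traffic through the filter using a fake clock."""
    now = [0.0]
    fw = ActiveFilter(timeout=120.0, clock=lambda: now[0])
    fw.outbound(Packet("tcp", "192.168.1.10", 40000, "203.0.113.5", 80))
    reply = Packet("tcp", "203.0.113.5", 80, "192.168.1.10", 40000)
    unsolicited = Packet("tcp", "198.51.100.7", 4444, "192.168.1.10", 22)
    wrong_port = Packet("tcp", "203.0.113.5", 80, "192.168.1.10", 40001)
    results = [fw.inbound(reply), fw.inbound(unsolicited), fw.inbound(wrong_port)]
    now[0] = 500.0                  # well past the timeout with no traffic
    results.append(fw.inbound(reply))
    return results
```

The match here is on protocol, addresses and ports only; production connection trackers also validate TCP flags and sequence numbers before accepting a packet as a reply.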