Misplaced Pages

Talk:Firewall (computing)

Article snapshot taken from Wikipedia with creative commons attribution-sharealike license. Give it a read and then ask your questions in the chat. We can research this topic together.

This is an old revision of this page, as edited by Stayfree76 (talk | contribs) at 23:54, 17 August 2020 (Another old comment deleted for advertising). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Revision as of 23:54, 17 August 2020 by Stayfree76 (talk | contribs) (Another old comment deleted for advertising)(diff) ← Previous revision | Latest revision (diff) | Newer revision → (diff)
This is the talk page for discussing improvements to the Firewall (computing) article.
This is not a forum for general discussion of the article's subject.
Article policies
Find sources: Google (books · news · scholar · free images · WP refs· FENS · JSTOR · TWL
Archives: 1Auto-archiving period: 12 months 

Template:Vital article

This article has not yet been rated on Misplaced Pages's content assessment scale.
It is of interest to the following WikiProjects:
Please add the quality rating to the {{WikiProject banner shell}} template instead of this project banner. See WP:PIQA for details.
WikiProject iconComputing: Networking High‑importance
WikiProject iconThis article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Misplaced Pages. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.ComputingWikipedia:WikiProject ComputingTemplate:WikiProject ComputingComputing
HighThis article has been rated as High-importance on the project's importance scale.
Taskforce icon
This article is supported by Networking task force (assessed as High-importance).
Please add the quality rating to the {{WikiProject banner shell}} template instead of this project banner. See WP:PIQA for details.
WikiProject iconComputer Security: Computing Top‑importance
WikiProject iconThis article is within the scope of WikiProject Computer Security, a collaborative effort to improve the coverage of computer security on Misplaced Pages. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.Computer SecurityWikipedia:WikiProject Computer SecurityTemplate:WikiProject Computer SecurityComputer Security
TopThis article has been rated as Top-importance on the project's importance scale.
Taskforce icon
This article is supported by WikiProject Computing (assessed as High-importance).
Things you can help WikiProject Computer Security with:
Article alerts will be generated shortly by AAlertBot. Please allow some days for processing. More information...
  • Review importance and quality of existing articles
  • Identify categories related to Computer Security
  • Tag related articles
  • Identify articles for creation (see also: Article requests)
  • Identify articles for improvement
  • Create the Project Navigation Box including lists of adopted articles, requested articles, reviewed articles, etc.
  • Find editors who have shown interest in this subject and ask them to take a look here.
Please add the quality rating to the {{WikiProject banner shell}} template instead of this project banner. See WP:PIQA for details.
WikiProject iconSoftware: Computing
WikiProject iconThis article is within the scope of WikiProject Software, a collaborative effort to improve the coverage of software on Misplaced Pages. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.SoftwareWikipedia:WikiProject SoftwareTemplate:WikiProject Softwaresoftware
???This article has not yet received a rating on the project's importance scale.
Taskforce icon
This article is supported by WikiProject Computing.
Please add the quality rating to the {{WikiProject banner shell}} template instead of this project banner. See WP:PIQA for details.
WikiProject iconElectronics
WikiProject iconThis article is part of WikiProject Electronics, an attempt to provide a standard approach to writing articles about electronics on Misplaced Pages. If you would like to participate, you can choose to edit the article attached to this page, or visit the project page, where you can join the project and see a list of open tasks. Leave messages at the project talk pageElectronicsWikipedia:WikiProject ElectronicsTemplate:WikiProject Electronicselectronic
???This article has not yet received a rating on the project's importance scale.
Please add the quality rating to the {{WikiProject banner shell}} template instead of this project banner. See WP:PIQA for details.
WikiProject iconInternet
WikiProject iconThis article is within the scope of WikiProject Internet, a collaborative effort to improve the coverage of the Internet on Misplaced Pages. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.InternetWikipedia:WikiProject InternetTemplate:WikiProject InternetInternet
???This article has not yet received a rating on the project's importance scale.


Archives

1



This page has archives. Sections older than 365 days may be automatically archived by Lowercase sigmabot III when more than 5 sections are present.

Application-layer firewall

The Article Application_layer_firewall should benefit from all the info given here. or maybe merged completely/made into a redirect. --Deelkar (talk) 22:58, 31 Jan 2005 (UTC)

I agree. Merging a bunch of tightly-related short article to one decent one could make a decent feature. Do we need to propose a vote somehow? I'd merge into this article both Application layer firewall and Network layer firewall. I'd even consider adding Personal firewall (without the vendor list), Demilitarized zone (computing), the proposed XML Firewall, and anything useful from Bastion Host. --ScottDavis 11:19, 26 Feb 2005 (UTC)

This is more like a How-To

It feels much more like a HOWTO page rather than an encyclopeda article

rb

Can someone find a link to a rendered animation about the workings of a firewall. From memory it's about 100Mb in size and shows the journey of packets into and through a firewall . Very educational. Sure is! Great work 'Warriors of the Net' ! thank you. I just can't remember where I saw it and I've searched with clusty and google images. Much appreciated for finding the link if someone could. Fret no more; go get it from here: Warriors of the Net —Preceding unsigned comment added by 61.68.161.192 (talkcontribs) 03:46, August 20, 2006

Morris Worm

This statement describes this virus/worm as still being a current problem today -- is this accurate?

"This virus known as the Morris Worm was carried by e-mail and is now a common nuisance for even the most innocuous domestic user." —Preceding unsigned comment added by 75.7.44.13 (talkcontribs) 16:31, September 23, 2006

Consumer Product Definitions of Firewall Types

I'm a consumer looking at the firewall descriptions of various DSL modems and routers, trying to compare different products and figure out what firewall features are available that I should look for. This Misplaced Pages article hasn't really clarified the situation for me.

One product says "Advanced security from hacker attacks with Stateful Packet Inspection (SPI) and Network Address Translation (NAT) firewalls".

Are those vague general terms, or exact specifications of firewall techniques that will be the same for any product that claims to do them? Statefully inspecting the packets for what -- the same things in any product that implements this? Is NAT really an active firewall, or just that the nature of a shared IP at the router device has this benefit?

One says "Protects PCs from Ping of Death, SYN Flood, Land Attack, IP Spoofing, and other DoS (Denial of Service) Attacks", another says protects against DoS attacks. Is product A better?

Etc. —Preceding unsigned comment added by 75.6.235.68 (talkcontribs) 22:46, September 24, 2006

First to Second Generation Timegap?

"The first paper published on firewall technology was in 1988, when..." "From 1980-1990 three colleagues from..." The two beginnings of the paragraphs concerning first and second generation firewalls. So the second generation firewalls was already eight years in development when the first virus attack occured and the first paper on the topic was published?! Anyone got references for this?

Third generation: application layer -- Inaccuracies

This section would be better titled: Third Generation: NGFW. This is the standard name in the industry today.

Additionally, there's a statement that I believe to be irrelevant to the article.

...Web Application Firewall (WAF). WAF attacks may be implemented in the tool “WAF Fingerprinting utilizing timing side channels” (WAFFle).

The citation (13) references WAFs. WAFs are _not_ the same as network security gateways AKA firewalls. They are a very specific security gateway that protects webservers and focuses on HTTP/HTTPS protections.

This is entirely different from a "regular" firewall. Thus, this portion should be removed. There should really be a separate article dedicated to WAF technology. It is that important and relevant in the industry today.

Proxies / NAT

i thought i would bring this up here before considering what might be best for the "Proxies" and "Network Address Translation" sections.

1. they do not have any sources 2. the statements are either inaccurate or misleading.

a. there are many types of NAT (Dynamic NAT/NAT overload/Masquerade, Source Nat, Destination NAT, Full NAT), but generally you would only see the first two listed doing a lan to wan conversion. Also, there is no requirement to have RFC 1918 space with a LAN, and there is also no requirement to implement NAT for public internet communications.
b. the proxy server explanation is all over the place. the functions of a proxy, whether standard or transparent can overlap with a firewall, but they are not doing stateful, ip, or port based connection filtering. A transparent proxy can abuse control packet like a TCP RESET or a ICMP DST UNREACHABLE (for UDP), to force a connection to stop, but that would more than likely be a security based proxy within a NGFW itself. a standard proxy, if use for security would generally be a web filter and it is not using anything in packet headers to block inherently (it can be by IP, Active Directory User, etc.), and is more worried about what the url in the http header is.

with all that said, i feel that they should just be removed as it would take some awkward and difficult work to convert them into accurate information not counting the fact that they arent even specifically relevant to a firewall anyways. Stayfree76 (talk) 02:45, 17 August 2020 (UTC)

Categories: