History
Before the advent of stateful firewalls, a stateless firewall, a firewall that treats each network frame (or packet) in isolation, was normal. Such packet filters operate at the Network Layer (layer 3) and function more efficiently because they only look at the header part of a packet. A drawback of pure packet filters is that they are stateless; they have no memory of previous packets which makes them vulnerable to spoofing attacks. Such a firewall has no way of knowing if any given packet is part of an existing connection, is trying to establish a new connection, or is just a rogue packet. Modern firewalls are connection-aware (or state-aware), offering network administrators finer-grained control of network traffic.
The classic example of a network operation that may fail with a stateless firewall is the File Transfer Protocol (FTP). By design, such protocols need to be able to open connections to arbitrary high ports to function properly. Since a stateless firewall has no way of knowing that the packet destined to the protected network (to some host's destination port 4970, for example) is part of a legitimate FTP session, it will drop the packet. Stateful firewalls solve this problem by maintaining a table of open connections and intelligently associating new connection requests with existing legitimate connections.
Early attempts at producing firewalls operated at the Application Layer, which is the very top of the seven-layer OSI model. This method required exorbitant amounts of computing power and is rarely used in modern implementations.
Read more about this topic: Stateful Firewall
Famous quotes containing the word history:
“The custard is setting; meanwhile
I not only have my own history to worry about
But am forced to fret over insufficient details related to large
Unfinished concepts that can never bring themselves to the point
Of being, with or without my help, if any were forthcoming.”
—John Ashbery (b. 1927)
“When we of the so-called better classes are scared as men were never scared in history at material ugliness and hardship; when we put off marriage until our house can be artistic, and quake at the thought of having a child without a bank-account and doomed to manual labor, it is time for thinking men to protest against so unmanly and irreligious a state of opinion.”
—William James (1842–1910)
“I cannot be much pleased without an appearance of truth; at least of possibility—I wish the history to be natural though the sentiments are refined; and the characters to be probable, though their behaviour is excelling.”
—Frances Burney (1752–1840)