History
Before the advent of stateful firewalls, a stateless firewall, a firewall that treats each network frame (or packet) in isolation, was normal. Such packet filters operate at the Network Layer (layer 3) and function more efficiently because they only look at the header part of a packet. A drawback of pure packet filters is that they are stateless; they have no memory of previous packets which makes them vulnerable to spoofing attacks. Such a firewall has no way of knowing if any given packet is part of an existing connection, is trying to establish a new connection, or is just a rogue packet. Modern firewalls are connection-aware (or state-aware), offering network administrators finer-grained control of network traffic.
The classic example of a network operation that may fail with a stateless firewall is the File Transfer Protocol (FTP). By design, such protocols need to be able to open connections to arbitrary high ports to function properly. Since a stateless firewall has no way of knowing that the packet destined to the protected network (to some host's destination port 4970, for example) is part of a legitimate FTP session, it will drop the packet. Stateful firewalls solve this problem by maintaining a table of open connections and intelligently associating new connection requests with existing legitimate connections.
Early attempts at producing firewalls operated at the Application Layer, which is the very top of the seven-layer OSI model. This method required exorbitant amounts of computing power and is rarely used in modern implementations.
Read more about this topic: Stateful Firewall
Famous quotes containing the word history:
“Whenever we read the obscene stories, the voluptuous debaucheries, the cruel and torturous executions, the unrelenting vindictiveness, with which more than half the Bible is filled, it would be more consistent that we called it the word of a demon than the Word of God. It is a history of wickedness that has served to corrupt and brutalize mankind.”
—Thomas Paine (1737–1809)
“I am ashamed to see what a shallow village tale our so-called History is. How many times must we say Rome, and Paris, and Constantinople! What does Rome know of rat and lizard? What are Olympiads and Consulates to these neighboring systems of being? Nay, what food or experience or succor have they for the Esquimaux seal-hunter, or the Kanaka in his canoe, for the fisherman, the stevedore, the porter?”
—Ralph Waldo Emerson (1803–1882)
“The history of mankind interests us only as it exhibits a steady gain of truth and right, in the incessant conflict which it records between the material and the moral nature.”
—Ralph Waldo Emerson (1803–1882)