Deep packet inspection
Posted Jul 31, 2008 13:33 UTC (Thu) by forthy
In reply to: Deep packet inspection
Parent article: Deep packet inspection
Firewalls sometimes have to inspect packet content. That's especially
true for "abominations" like FTP, where the packet can contain the port
number a client expects to be connected on. Or worse, the portmapper used
by NFS and YP (most firewalls don't pass these), or the way Flexlm
license servers work. This sort of protocols haven't been designed for
The other reason for a firewall to look into the packets is
application-level filtering. This sort of firewall consists of a
(transparent) web and mail proxy, and filters out spam and malware.
However, this is a "you want it, you got it" type of man-in-the-middle.
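The FTP case the comment describes, as an added example that is not part of the original comment or taken from any firewall's code: a sketch of what a connection-tracking helper has to do with an active-mode `PORT` command (RFC 959) seen on the control channel. The function names, the sample addresses and the two acceptance rules (address must equal the control-connection client, no ports below 1024) are assumptions chosen for this illustration.

```python
import ipaddress
import re

# RFC 959: "PORT h1,h2,h3,h4,p1,p2" asks the server to connect back to
# address h1.h2.h3.h4 on port p1*256 + p2. Command names are case-insensitive.
_PORT_RE = re.compile(
    rb"PORT (\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\r\n",
    re.IGNORECASE,
)


def parse_port_command(line: bytes):
    """Return (IPv4Address, port) from one control-channel line, or None."""
    m = _PORT_RE.fullmatch(line)
    if m is None:
        return None
    nums = [int(x) for x in m.groups()]
    if any(n > 255 for n in nums):
        return None  # each field must fit in one octet
    addr = ipaddress.IPv4Address(bytes(nums[:4]))
    port = nums[4] * 256 + nums[5]
    return addr, port


def expected_data_connection(line: bytes, client_ip: str, server_ip: str):
    """Decide whether to open a pinhole for the data connection in `line`.

    Returns (src, dst, dst_port) to allow, or None to keep the firewall closed.
    """
    parsed = parse_port_command(line)
    if parsed is None:
        return None
    addr, port = parsed
    # Assumed policy: only accept an endpoint that is the client itself, so the
    # payload cannot make the firewall open a path to some third host.
    if addr != ipaddress.IPv4Address(client_ip):
        return None
    # Assumed policy: never open a pinhole to a privileged port.
    if port < 1024:
        return None
    return (server_ip, client_ip, port)


# Constructed sample line: client 192.168.1.10 advertises port 195*256+80.
SAMPLE = b"PORT 192,168,1,10,195,80\r\n"
```

The firewall has to read the payload because the port to allow exists nowhere in the packet headers of the control connection.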