论文部分内容阅读
“防火墙”是一种由计算机软硬件的组合,它在互联网与内部网之间建立起一个安全屏障,起到隔离互联网与内部网,保护内部网免受非法入侵的作用。 防火墙的基本结构可以分为包过滤和应用代理两种,其中前者又可以分为简单包过滤和状态检测的包过滤两种。包过滤技术关注的是对网络层和传输层的保护,应用代理更关心的是对应用层的保护。 简单包过滤是检查通过的每个数据包,逐个与事先设定的规则进行匹配,决定该报文是通过防火墙还是丢弃。一般来说,该方式不跟踪TCP
Firewall is a combination of computer hardware and software that sets up a security barrier between the Internet and the intranet to isolate the Internet from the intranet and protect the intranet against unauthorized intrusion. The basic structure of the firewall can be divided into two types of packet filtering and application proxy, of which the former can be divided into two simple packet filtering and state detection packet filtering. Packet filtering technology is concerned about the network layer and transport layer protection, application proxy is more concerned about the protection of the application layer. Simple packet filtering is to check each data packet, one by one with the pre-set rules to match, decide whether the message is through the firewall or discarded. In general, this approach does not keep track of TCP