What is Packet Filtering in information security?

Packet filtering controls access to a network by inspecting incoming and outgoing packets and letting them pass or halting them depending on the IP addresses of the source and destination. Packet filtering is one technique for implementing security firewalls.

Packet filtering is both a tool and a technique, and it is a fundamental building block of network security. It is a tool in that it is an instrument that aids in accomplishing a function. It is a technique because it is an approach to accomplishing a task.

In the context of a TCP/IP network, a packet filter watches every IP datagram, decodes the header information of inbound and outbound traffic, and then either blocks the datagram or allows it to pass based on the contents of the source address, destination address, source port, destination port and connection status.

The decision is based on certain criteria supplied to the packet filtering tool. Leading IP routers, such as those from Cisco, Bay, and Lucent, can be configured to filter IP datagrams. Some operating systems can also be set up for packet filtering.

In networking, packets are formatted units of information carried on packet-switched networks. These networks can be fault tolerant because they disassemble messages into small elements, or packets, and send them independently across the network.

When packets pass through the firewall and arrive at their destination, they are reordered to present their data correctly. When it is done correctly, packet switching optimizes network channel capacity, minimizes transmission latency and enhances the effectiveness of communications.

In a packet filtering firewall, the firewall checks five packet traits, as follows −

  • Source IP address
  • Source port
  • Destination IP address
  • Destination port
  • IP protocol (TCP or UDP)

Based on the rules configured into the firewall, the packet will be allowed through, rejected or dropped. If the firewall rejects the packet, it sends a message back to the sender letting it know that the packet was discarded. If the packet is dropped, the firewall does not respond to the packet.

The sender must wait for the communication to time out. Dropping packets instead of rejecting them greatly increases the time required to scan the network. Routers are a common form of packet filtering firewall.

An enhanced architecture of the packet filtering firewall is a packet filtering firewall with a state-oriented inspection engine. With this augmentation, the firewall remembers conversations between systems and networks. It is necessary to fully scrutinize only the conversation’s first packet.
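
The allow/reject/drop decision on the five packet traits and the remembered conversations described above, as an added example that is not part of the original article. The class names, rule set and addresses (documentation ranges) are constructed for illustration; first-match rule order, a default of drop, and state entries that never expire are assumptions of this sketch.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:                      # the five traits the firewall checks
    src: str
    sport: int
    dst: str
    dport: int
    proto: str                     # "tcp" or "udp"

@dataclass(frozen=True)
class Rule:                        # hypothetical rule format; None matches anything
    action: str                    # "allow", "reject" (reply sent) or "drop" (silent)
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    sport: Optional[int] = None
    dport: Optional[int] = None
    proto: Optional[str] = None

    def matches(self, p):
        return (ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and self.sport in (None, p.sport) and self.dport in (None, p.dport)
                and self.proto in (None, p.proto))

class Firewall:
    def __init__(self, rules, default="drop"):
        self.rules, self.default = rules, default
        self.state = set()         # conversations that were already allowed
        self.evaluations = 0       # packets that needed the full rule walk

    def filter(self, p):
        fwd = (p.src, p.sport, p.dst, p.dport, p.proto)
        rev = (p.dst, p.dport, p.src, p.sport, p.proto)
        if fwd in self.state or rev in self.state:
            return "allow"         # known conversation: rules are not consulted
        self.evaluations += 1
        # First matching rule wins; anything unmatched gets the default action.
        action = next((r.action for r in self.rules if r.matches(p)), self.default)
        if action == "allow":
            self.state.add(fwd)    # remember it so replies pass without a rule
        return action

# Constructed rule set: clients may reach HTTPS, telnet to one host is rejected.
RULES = [Rule("allow", src="192.0.2.0/24", dport=443, proto="tcp"),
         Rule("reject", dst="198.51.100.10/32", dport=23, proto="tcp")]
```

The reply packet of an allowed conversation matches no rule on its own and would be dropped by a stateless filter; here it passes because of the state table.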