Page 310 - DCAP103_Principle of operating system

Unit 9: System Security



              4. Proxy Server: Intercepts all messages entering and leaving the network. The proxy
                 server effectively hides the true network addresses.

            The term firewall/fire block originally meant a wall to confine a fire or potential fire within
            a building; cf. firewall (construction). Later uses refer to similar structures, such as the
            metal sheet separating the engine compartment of a vehicle or aircraft from the passenger
            compartment.

               • The Morris Worm spread itself through multiple vulnerabilities in the machines of the
                 time. Although it was not malicious in intent, the Morris Worm was the first
                 large-scale attack on Internet security; the online community was neither expecting
                 an attack nor prepared to deal with one.

                                      Figure 9.4: Firewall Window

            9.6.1 First Generation: Packet Filters
            The first paper on firewall technology was published in 1988, when engineers from Digital
            Equipment Corporation (DEC) developed filter systems known as packet filter firewalls. This
            fairly basic system was the first generation of what became a highly evolved and technical
            internet security feature. At AT&T Bell Labs, Bill Cheswick and Steve Bellovin were continuing
            their research in packet filtering and developed a working model for their own company based
            on their original first-generation architecture.

            This type of packet filtering pays no attention to whether a packet is part of an existing stream
            of traffic (i.e. it stores no information on connection “state”). Instead, it filters each packet based
            only on information contained in the packet itself (most commonly using a combination of the



                                             LOVELY PROFESSIONAL UNIVERSITY                                   303