Firewalls And Packet Filters Computer Science Essay


This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

"A firewall is a part of a computer system or network that is designed to block unauthorized access while permitting authorized communications. It is a device or set of devices that is configured to permit or deny network transmissions based upon a set of rules and other criteria". [1]

Figure 1: Firewall [2]

The term firewall comes from the shield that prevents a fire from spreading and so acts as a barrier against danger. The term later came to be used in computer security, after the first Internet attack was delivered, which is known as the Morris worm. Before this, no one had thought that such attacks could harm the computing world. A stream of security research then began, which gave birth to computer firewalls. Different kinds of firewalls were developed for different purposes. [1]

In the beginning, firewalls were used on computer machines only. Later, as firewalls became well known and progressed, they began to be implemented in hardware. For better performance, firewalls were implemented in hardware devices, and the hardware was much more reliable and viable. [3]

The first paper on firewall technology was published in 1988 [1]. Different firewall technologies are used for different purposes, and their implementation depends on the environment. The major implementation of firewalls started in private businesses. The main reason was that the Internet was not commonly used, but computer machines were widely deployed in private businesses. Huge organizations could afford the high cost of computer applications, so firewalls were not affordable for home users.

Types of Firewalls:

There are different types of firewalls, as follows.

Packet filter:

Packet filter was written by Daniel Hartmeier. [4] This was the start of firewall technology, also called the first generation of firewalls. Packet filter firewalls inspect each and every packet that arrives. All packets are checked against user-defined rules, and on the basis of these rules packets are accepted or rejected. In some cases a notification about the action is sent to the active user. [1], [3], [4] The action is taken once the user has configured it; otherwise the packet is sent to a block list, which prevents the packet from taking effect. [3], [6]

Its operation includes Network Address Translation and Quality of Service. Network address translation includes the translation of an IP address into a hardware address and then of the hardware address back into an IP address. These two translations continue as recursive functional dependencies. Other interfaces are also implemented in the packet filter firewall and serve different purposes, such as plog, which carries packets from the kernel to the application level. At the application layer the user can control the packets for further manipulation. These firewalls are compatible with Berkeley Software Distribution systems and also with Microsoft Windows [3], [4], [5], [6].

Packet filter firewalls work on the first three OSI layers, that is, the physical, data link and network layers. [1] At the physical layer all packets are captured for processing; at the data link layer these packets are checked according to the data inside each packet. Then, at the network layer, the permissions are checked and network address translation is carried out: the IP addresses and port addresses are translated. If Telnet is restricted on the network, then port 23, which is dedicated to Telnet, will be blocked by packet filtering. [1], [6]

These are some of the criteria on the basis of which packets are dropped or allowed on a network:

IP addresses of source and destination. [6]

Ports of source and destination. [6]

Different types of flags in the header section of packets. [6]

Physical interfaces. [6]

Most IP packet filter firewalls are stateless, which means that they cannot remember information about previously processed packets. But there are also packet filters with state, which know the state of the previous packet. This is very helpful where there is a stream of packets, because there is no need to check each and every packet every time: we can check the first packet of the stream and then allow the other packets to pass on the basis of the previously checked packet. [6]
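The stateless case described above can be sketched as a rule table evaluated against each packet's header fields. This is an added example, not code from the essay or from any firewall product; the `Packet` and `Rule` models, the interface names, the addresses and the first-match evaluation order are all assumptions of the example.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:                       # constructed model of the fields a filter inspects
    iface: str
    src: str
    dst: str
    sport: int
    dport: int
    flags: frozenset = frozenset()

@dataclass(frozen=True)
class Rule:
    action: str                     # "pass" or "block"
    iface: str = "*"                # physical interface, "*" = any
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    dport: Optional[int] = None     # None = any destination port
    flags: frozenset = frozenset()  # header flags that must all be set

    def matches(self, p: Packet) -> bool:
        return (self.iface in ("*", p.iface)
                and ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and self.dport in (None, p.dport)
                and self.flags <= p.flags)

def filter_packet(rules, p, default="block"):
    """Stateless: every packet is judged on its own header, nothing is remembered."""
    for rule in rules:
        if rule.matches(p):
            return rule.action      # first match wins (assumption of this example)
    return default

# Constructed rule set and addresses (documentation ranges), not from the essay.
RULES = [
    Rule("block", dport=23),                               # Telnet restricted
    Rule("block", flags=frozenset({"SYN", "FIN"})),        # contradictory flag pair
    Rule("pass", iface="lan0", src="192.168.1.0/24", dport=80),
]
```

Anything that matches no rule falls through to the default of "block", so the table only has to list what is permitted plus any explicit denials that must take priority.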

Application Firewall:

Application firewalls are also called second-generation firewalls. [1] This type of firewall basically serves as a barrier between the application layer and input, output and processes. It controls the input, output and different processes for application sections. If the controls are in accordance with the firewall configuration, they are allowed; otherwise, the control is blocked. Application firewalls are further divided into two kinds: network-based application firewalls and host-based application firewalls. [6]

Network-based application firewalls are computer network firewalls that run for the application layer over the network stack. They are also known as proxy-based firewalls. They are specific to a particular kind of traffic. They can be implemented as software running on hardware or as separate hardware that can be installed. They are the intermediary between the protocol stack and the application layer. [6]

Host-based application firewalls also embed the features of network-based application firewalls and serve the same purpose. The additional feature is that the host-based application firewall runs for the same hosts, which means that the communication between different hosts is controlled by the host-based application firewall. [6] There are also database application firewalls, which control the attacks of different applications on databases.

Stateful firewalls:

Stateful firewalls are also known as third-generation firewalls [1]. This type of firewall keeps track of connections and then performs its actions. It keeps information about the type of connection and then allows or rejects the packets. The firewall picks up the packet and determines the source of the connection for the packet. After that it decides, according to the firewall rules, whether the packets are allowed or rejected for a connection. The firewall works on the third layer of OSI, which is the network layer. This type of firewall requires high processing speed. Checking whether a packet belongs to an authorized connection is done by validating the packet header, so there is a need to check each and every packet that enters the IP stack. [8]

There is also a need to speed up the processing; for this purpose the information about the connection is stored in temporary memory. The information about the first packet's connection is stored after its attributes have been extracted. For the next packet, the attributes or properties are not extracted again; we just recognize the packet's connection and then test it against all the previously stored information for that particular connection. Thus we have an opportunity to test and secure our resources. To establish a new connection, the first packet is sent to the server with some synchronization bits that carry information about the connection. If the service is available, the connection is set up; otherwise it is rejected. [8]
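The state table described above can be sketched as follows. This is an added example, not code from the essay or from a real firewall: the `Packet` model, the allowed-port policy and the addresses are constructed, and removing state on the first FIN or RST is a simplification of real TCP teardown.

```python
from typing import NamedTuple

class Packet(NamedTuple):           # constructed model; field names are assumptions
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset

ALLOWED_SERVICES = {80, 443}        # constructed policy: ports that accept new connections

class StatefulFilter:
    def __init__(self, allowed_ports):
        self.allowed_ports = set(allowed_ports)
        self.table = set()          # temporary memory: one entry per tracked connection

    @staticmethod
    def _key(p):
        # Same key for both directions, so replies match the stored connection.
        return frozenset({(p.src, p.sport), (p.dst, p.dport)})

    def handle(self, p):
        key = self._key(p)
        if key in self.table:
            if p.flags & {"FIN", "RST"}:
                self.table.discard(key)   # simplified teardown: forget the connection
            return "pass"                 # known connection: rules are not re-evaluated
        # Unknown connection: only a pure SYN to an allowed service may create state.
        if p.flags == {"SYN"} and p.dport in self.allowed_ports:
            self.table.add(key)
            return "pass"
        return "block"

def demo():
    """Run a constructed packet sequence through the filter and return each verdict."""
    fw = StatefulFilter(ALLOWED_SERVICES)
    c, s = ("198.51.100.7", 40000), ("192.0.2.10", 443)
    seq = [
        Packet(*c, *s, frozenset({"SYN"})),          # first packet: checked, state stored
        Packet(*s, *c, frozenset({"SYN", "ACK"})),   # reply matches stored connection
        Packet(*c, *s, frozenset({"ACK"})),
        Packet(*c, *s, frozenset({"FIN", "ACK"})),   # closes the connection
        Packet(*c, *s, frozenset({"ACK"})),          # no state left: rejected
        Packet(*c, "192.0.2.10", 23, frozenset({"SYN"})),  # service not allowed
    ]
    return [fw.handle(p) for p in seq]
```

The fifth packet shows the property that a stateless filter cannot provide: an ACK that belongs to no tracked connection is rejected even though its addresses and ports would otherwise be acceptable.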

Circuit-level Firewalls:

This type of firewall only controls the validation of a session. It does not check all the packets, but only the first packet, and then matches their connections. On the basis of these, communication is allowed or restricted. [9]

They are similar to packet filtering firewalls; the difference is that circuit-level firewalls work on the network layer and the session layer of the OSI model. A circuit-level firewall checks the Transmission Control Protocol or User Datagram Protocol and then creates the session if the connection is valid; otherwise it brings the connection down. [10]

Circuit-level firewalls check some packet states, such as:

IP addresses of source and receiver [11]

Port addresses of source and receiver [11]





Firewalls also secure data from unauthorized entities. For this purpose, different types of encryption techniques are also used.

Cryptography is a technique used to convert the original data into a particular form that is not understandable to others. For example, if we write the word "web" we can encrypt it as "waeaba"; we just add the letter "a" after every character of "web". The rules for encryption need to be defined so that the destination also knows what is being transferred. It is similar to using code words. The two connecting nodes define the rules first and then communicate, for security purposes. Different types of ciphers are available for this purpose, which include different algorithms. Cryptography is used not only to secure data but also for authentication purposes. The data that is going to be encrypted is called the plain text; after the encryption is done it is called the cipher text, which is then decrypted into plain text again. [12], [14]

Types of cryptography:

There are two types of cryptography:

secret key cryptography

public key cryptography

Secret key cryptography:

Secret key cryptography is also known as symmetric key cryptography. This type of cryptography is carried out using a secret code, which is the key. Messages are encrypted and then transferred to the sender. On the other side, the sender uses the particular key and then decrypts the message again. A similar action is performed on the other side. This type of communication is carried out for a limited number of clients only. [13], [14]

Public key cryptography:

Public key cryptography is also known as asymmetric cryptography. It can also be carried out for a large number of clients. A private key is generated and then distributed to other clients without notifying how many clients are attached. The advantage of public key cryptography over secret key cryptography is that the key can be kept confidential while communication is carried out. [13], [14]

Hash Function:

Hash functions are also known as message digests or one-way cryptography. In this way, the plain text is converted to an encrypted form, but the key is unknown and is usually generated from hidden random numbers. That is why we cannot convert the encrypted data back to the original data. These techniques are used for high-security devices or purposes such as smart cards. They also serve the purpose of fast processing in software. [14]

Cryptography algorithms:

There are two main classifications of cryptographic algorithms:

Block Ciphers

Stream Ciphers

Block ciphers:

In the case of block ciphers, encryption is done by fixing the size of the data to a frame. The whole frame is then encrypted and, on the other side, decrypted again. Some of these encryption algorithms are as follows.

This is the fastest and simplest algorithm for encryption. It has a 96-bit key and a 96-bit block. This algorithm was designed by Joan Daemen. [15]

This algorithm was designed by Bruce Schneier. It is much more secure than the 3-Way block algorithm.

CAST is an abbreviation of Adams and Stafford Tavares. It is a very secure cryptographic algorithm, similar to Blowfish. It uses a 128-bit encryption key.

This cryptographic algorithm was designed by Russia. It uses 32 rounds and a 256-bit key for encryption. There are some attacks on GOST, but they apply only to the weak one.

Stream Ciphers:

In this type of cryptographic technique the data is encrypted in the form of a stream. A chunk of data is selected and encrypted, and then it is transmitted.

This algorithm is used to send information over digital cellular phones. It requires 24 bytes of plain text to be encrypted.

It is a stream cipher which was published in 1994. It is used in different applications, and no attack on it has been discovered yet.

This technique was designed by Don Coppersmith. It is the fastest secure algorithm so far. The only disadvantage is the need for a large memory space. The most appropriate use for SEAL is disk encryption and similar tasks.


Firewalls are important tools that play a vital role in computer security. There are different types of firewalls:

Types of firewalls

Packet Filter Firewalls: operate on the packets

Application Layer Firewalls: operate on the application and kernel space

Stateful Firewalls: operate on the basis of previously monitored packets

Circuit-level Firewalls: operate on the validation of sessions

Different types of cryptographic techniques are also used in firewalls; the well-known ones are:

Secret key cryptography

Public key cryptography

Hash function

Secret key cryptography: [diagram: plain text → cipher text → plain text, labelled "Key" and "Key"]

Public key cryptography: [diagram: plain text → cipher text → plain text, labelled "Private Key" and "Key"]

Hash function: [diagram: plain text → cipher text]


Firewalls are important devices which collaborate with each other for secure communications. There are different types of firewalls that serve different purposes, and together they form a secure network. For secure communication it is necessary that all the firewalls are united, so that an optimized level of security can be achieved. Computers today are not job-specific, and different applications run on them at the same time, so a single firewall is not enough for secure communication. Different types of cryptographic techniques are also used in firewalls for the secure transfer of data. There is still a need to introduce better cryptography so that the payload of packets can be minimized, because cryptography increases the size of a packet through the addition of information. There is always a risk of attacks on cryptographic techniques, so it is necessary to make progress in the field.