Information, Computer and Network Security Terms Glossary and Dictionary

 

Packet Filtering

Packet Filtering is the process a piece of software or device takes to selectively control the flow of data to and from a network. Packet filters allow or block packets, usually while routing them from one network to another (most often from the Internet to an internal network, and vice-versa). To accomplish packet filtering, you set up rules that specify what types of packets are to be allowed and what types are to be blocked.

A packet filter examines all packets that pass in and out of it to prevent packets from passing through that do not conform to the configurable rules that are defined. A packet filter can filter packets based upon several criteria:

  • The protocol that the packet belongs to (TCP, UDP, and so forth)
  • The originating address
  • The destination address
  • The port number of the destination resource (application type)
  • The packet direction, out to the Internet or into the local network
  • The signature of a pre-defined packet in database

Packet Filtering is often a feature incorporated into routers and bridges to limit the flow of information. Packet filters let the administrator limit protocol specific traffic to one network segment, isolate e-mail domains, and perform many other traffic control functions.

Packet filter is one of the key features implemented in a firewall's to examine IP packet headers to determine a packet's origin or destination address and the network transport service used. Traditional packet filters are static and use rule sets to allow or deny packets based solely on header content. Intrusion Detection Systems (IDS) use Packet Filtering techniques to analyze packets by matching certain pre-defined signatures and then alert possible network hackers and intruders.

Packet Filter is also a critical tool in network sniffing, protocol analyzer or packet analyzer tools. Many network sniffing tools have multiple filter types allowing users to filter and view traffic accordingly.

Packet Filtering

Related Terms

Firewall, Intrusion Detection System, Network Sniffing, Protocol Analyzer, Packet Analyzer,Sniffer