LANCOM Reference Manual LCOS 3.50, Chapter 8: Firewall
table, because the connection to the LAN has been initiated from the client.
Afterwards, the server can send the desired data to the client.
But if another workstation on the Internet tries to use the just-opened port
4322 of the LAN to place data of its own from its port 20 on the protected client, the
Firewall will stop this attempt, because the IP address of the attacker does not
match the permitted connection!
After the successful data transfer, the entries disappear automatically
from the dynamic table and the ports will be closed again.
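
The behaviour described above, as an added example that is not part of the LANCOM manual or of LCOS. It assumes the firewall learns port 4322 from the client's FTP PORT command on the control connection (standard active FTP); the class and function names are hypothetical, and the addresses and ports are the ones used on this page.

```python
import re

# Active FTP: the client announces "PORT h1,h2,h3,h4,p1,p2" on the control channel.
PORT_CMD = re.compile(r"PORT (\d+),(\d+),(\d+),(\d+),(\d+),(\d+)")
FTP_CONTROL, FTP_DATA = 21, 20


class StateTable:
    """Hypothetical dynamic table: (src_ip, dst_ip, src_port, dst_port)."""

    def __init__(self):
        self.entries = set()

    def outgoing(self, src_ip, src_port, dst_ip, dst_port, payload=""):
        """A LAN client sends a packet; record the connection it initiated."""
        self.entries.add((src_ip, dst_ip, src_port, dst_port))
        m = PORT_CMD.match(payload) if dst_port == FTP_CONTROL else None
        if not m:
            return
        octets = [int(g) for g in m.groups()]
        if any(o > 255 for o in octets):
            return  # malformed PORT command: open nothing
        announced_ip = ".".join(str(o) for o in octets[:4])
        data_port = octets[4] * 256 + octets[5]
        # Open the data port only for this server, and only towards the
        # client that sent the command (an added sanity check).
        if announced_ip == src_ip:
            self.entries.add((dst_ip, src_ip, FTP_DATA, data_port))

    def incoming(self, src_ip, src_port, dst_ip, dst_port):
        """Permit a packet from outside only if it matches a table entry."""
        pkt = (src_ip, dst_ip, src_port, dst_port)
        reply = (dst_ip, src_ip, dst_port, src_port)  # answer to an outgoing entry
        return pkt in self.entries or reply in self.entries

    def close(self, client_ip, server_ip):
        """Transfer finished: the entries disappear, the ports are closed."""
        pair = {client_ip, server_ip}
        self.entries = {e for e in self.entries if {e[0], e[1]} != pair}


def demo():
    fw = StateTable()
    fw.outgoing("10.0.0.1", 4321, "80.190.240.17", 21, "PORT 10,0,0,1,16,226\r\n")
    server = fw.incoming("80.190.240.17", 20, "10.0.0.1", 4322)    # permitted
    stranger = fw.incoming("80.146.204.15", 20, "10.0.0.1", 4322)  # wrong source IP
    fw.close("10.0.0.1", "80.190.240.17")
    after = fw.incoming("80.190.240.17", 20, "10.0.0.1", 4322)     # port closed again
    return server, stranger, after
```
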
Moreover, a Firewall with Stateful Inspection is usually able to reassemble the
received data packets, that is, to buffer the individual parts and to assemble
them again into a complete packet. Therefore, the Firewall can check complete
IP packets, rather than individual parts only.
This porter does a definitely better job. When somebody in this company
orders a courier, he must also inform the porter that he is expecting a courier,
when the courier will arrive and what information should be found on the delivery
note. Only when this information matches the porter's logbook entries
may the courier pass. If the courier brings not only one packet, but rather two,
[Figure. Labels: outgoing connection; permitted incoming connection; unauthorized incoming connection; Source port 20; Dest. port 4322; IP: 80.146.204.15. Table shown in the figure:]

Source IP       Dest. IP        Sc. port   Dst. port
10.0.0.1        80.190.240.17   4321       21
80.190.240.17   10.0.0.1        20         4322