Target Host: 192.168.135.40 Host OS: Windows Scan Date: May 27, 2025
Firewalls act as a security barrier between trusted internal networks and untrusted external networks (like the internet). They filter traffic based on a set of rules to allow or block data packets.
- Filters based on source or destination IP.
- Example: Block traffic from known malicious IPs.
- Blocks or allows specific TCP/UDP ports.
- Example: Block port 23 (Telnet), allow port 80 (HTTP).
- Filters by protocol type (e.g., TCP, UDP, ICMP).
- Example: Block all incoming ICMP (ping) requests.
- Inbound: Traffic entering your system.
- Outbound: Traffic leaving your system.
- Some firewalls filter based on the application using the network.
- Example: Allow traffic for Chrome, block unknown apps.
- Advanced firewalls perform Deep Packet Inspection (DPI) to analyze packet content.
- Useful for detecting and blocking malware or unauthorized data transfers.
- Allow (Permit) – Let traffic through if it matches the rule.
- Deny (Block) – Block traffic that matches the rule.
- Default Policy – Typically “deny all unless explicitly allowed.”
Incoming/Outgoing Traffic → Firewall Rule Set → Decision: → Matches an "Allow" Rule → Passes through → Matches a "Deny" Rule → Blocked → No Match → Default policy applied (usually block)
Submitted by:- Shivang Shukla