Created at 9am, Apr 6
Internet Firewalls for Trusted Systems

A firewall is a device or group of devices that controls access between networks. A firewall generally consists of filters and gateway(s), varying from firewall to firewall. It is a security gateway that controls access between the public Internet and an intranet (a private internal network) and is a secure computer system placed between a trusted network and an untrusted internet. A firewall is an agent which screens network traffic in some way, blocking traffic it believes to be inappropriate, dangerous, or both.

The security concerns that inevitably arise between the sometimes hostile Internet and secure intranets are often dealt with by inserting one or more firewalls in the path connecting the Internet and the internal network. Internet access provides benefits to individual users, government agencies and most organisations, but this access often creates a security threat. The protective device that has been widely accepted is the firewall. When inserted between the private intranet and the public Internet, it establishes a controlled link and erects an outer security wall or perimeter. The aim of this wall is to protect the intranet from Internet-based attacks and to provide a choke point where security can be imposed.

Firewalls act as an intermediate server in handling SMTP and HTTP connections in either direction. Firewalls also require the use of an access negotiation and encapsulation protocol such as SOCKS to gain access to the Internet, the intranet, or both. Many firewalls support tri-homing, allowing use of a DMZ network. It is possible for a firewall to accommodate more than three interfaces, each attached to a different network segment. Firewalls can be classified into three main categories: packet filters, circuit-level gateways and application-level gateways.

TELNET packet filtering

TELNET is a simple remote terminal access protocol that allows a user to log onto a computer across an internet. TELNET establishes a TCP connection, and then passes keystrokes from the user's keyboard directly to the remote computer as if they had
TELNET also carries output from the remote machine back to the user's screen. TELNET client software allows the user to specify a remote machine either by giving its domain name or IP address. TELNET can be used to administer a UNIX machine. Windows NT does not provide a TELNET server with the default installation, but a third-party service can be easily added. TELNET sends all user names and passwords in plaintext. Experienced hackers can hijack a TELNET session in progress. TELNET should only be used when the user can verify the entire network connecting the client and server, not over the Internet. All TELNET traffic should be filtered at the firewall. TELNET runs on TCP port 23. For example, to disable the ability to TELNET into internal devices from the Internet, the information listed in Table 10.1 tells the router to discard any packet going to or coming from TCP port 23. The TELNET remote access application runs on TCP port 23. It runs completely in the open, without encryption, and with no authentication other than the user name and password, which are transmitted in clear. An asterisk (*) in a field indicates any value in that particular field. The packet-filtering rule sets are executed sequentially, from top to bottom. If a packet is passed through the filter and has a source port of 23, it will immediately be discarded. If a packet with a destination port of 23 is passed through this filter, it is discarded only after rule 2 has been applied. All other packets will be discarded.

FTP packet filtering

If the FTP service is to apply the same basic rule as applied to TELNET, the packet filter to allow or block FTP would look like Table 10.2. The FTP service is typically associated with using TCP ports 20 and 21. One approach to handling FTP connections is explained with the following rule set. Rule 1 allows any host with the network address to initiate a TCP session on any destination IP address on port 21.
Rule 2 blocks any packet originating from any remote address with a source port of 20 and contacting a host with a network address on any port less than 1024. Rule 3 allows any remote address that has a source port of 20 and is contacting any host with a network address of on any port. Once a connection is set up, the ACK flag (ACK = 1) of a TCP segment is set to acknowledge segments sent from the other side. If any packet violates rule 2, it will be immediately discarded, and rule 3 will never be executed. With FTP, two TCP connections are used: a control connection to set up the file transfer and a data connection for the actual file transfer. The data connection uses a different port number to be assigned for the transfer. Remember that most servers live on low-numbered ports, but most outgoing calls tend to use higher-numbered ports, typically above 1024. FTP is the first protocol for transferring or moving files across the Internet. Like many of the TCP/I
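
The top-to-bottom, first-match evaluation described above, as an added Python example that is not from the original text. The rule lists follow the TELNET and FTP rules as the prose states them (Tables 10.1 and 10.2 are not reproduced on this page); `192.0.2.0/24` is a constructed placeholder for the internal network address, and all names are hypothetical.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

ANY = None                  # plays the role of "*" in the rule tables
INTERNAL = "192.0.2.0/24"   # constructed placeholder for the protected network

@dataclass(frozen=True)
class Rule:
    action: str                     # "allow" or "discard"
    src_net: Optional[str] = ANY
    src_port: object = ANY          # an int, or an inclusive (low, high) tuple
    dst_net: Optional[str] = ANY
    dst_port: object = ANY

def _net_ok(net, ip):
    return net is ANY or ipaddress.ip_address(ip) in ipaddress.ip_network(net)

def _port_ok(spec, port):
    if spec is ANY:
        return True
    if isinstance(spec, tuple):
        return spec[0] <= port <= spec[1]
    return spec == port

def evaluate(rules, src_ip, src_port, dst_ip, dst_port, default="discard"):
    """Return (action, rule_number) for a TCP packet; the first match wins.

    Packets matching no rule get the default, which follows the text's
    statement that all other packets are discarded.
    """
    for number, r in enumerate(rules, start=1):
        if (_net_ok(r.src_net, src_ip) and _port_ok(r.src_port, src_port)
                and _net_ok(r.dst_net, dst_ip) and _port_ok(r.dst_port, dst_port)):
            return r.action, number
    return default, None

# TELNET: discard anything coming from or going to TCP port 23.
TELNET_RULES = [
    Rule("discard", src_port=23),
    Rule("discard", dst_port=23),
]

# FTP: the three rules from the text, in the same order.
FTP_RULES = [
    Rule("allow", src_net=INTERNAL, dst_port=21),
    Rule("discard", src_port=20, dst_net=INTERNAL, dst_port=(0, 1023)),
    Rule("allow", src_port=20, dst_net=INTERNAL),
]
```

Swapping FTP rules 2 and 3 lets a packet from source port 20 reach an internal port below 1024, which is why the order of the rule set matters.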