Back to Security Pattern Catalog
: Exterior Security, Information Disclosure
Correlation is useful if the packets include portions of commands or data needed for attacks and therefore they can be identified to and be fit to the bigger context.
How can we correlate incoming packets?
Keep a list or table with the connections that have been opened and correlate the types of messages received or sent. The system may also opt not to check the packets of a well-established connection for improved performance.
Commercial firewalls from Check Point Technologies and CyberGuard.
Packet Filter Firewall, Proxy based Firewall
Firewall, Filtering, Access Control, State
Last modified: May 05, 2012
and Maintained by: Munawar Hafiz