Lancom Systems LCOS 3.50 User Manual

LANCOM Reference Manual LCOS 3.50

Chapter 8: Firewall

table, because the connection to the LAN has been initiated from the client.
Afterwards, the server can send the desired data to the client.

But if another workstation from the Internet tries to use the just-opened port
4322 of the LAN to send data from its own port 20 to the protected client, the
Firewall will block this attempt, because the IP address of the attacker does
not match the permitted connection!

After the successful data transfer, the entries disappear automatically
from the dynamic table and the ports will be closed again.
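
The following Python sketch is an added example, not LCOS code: it models the dynamic table with the addresses and ports used on this page and shows why the second host is rejected. The class and method names are hypothetical, and it assumes the exchange is active-mode FTP (control connection to port 21, data connection from port 20).

```python
# Added illustration of a dynamic state table; a toy model, not LCOS code.
from collections import namedtuple

Entry = namedtuple("Entry", "src_ip dst_ip src_port dst_port")

class DynamicTable:
    def __init__(self):
        self.entries = set()

    def outgoing(self, src_ip, dst_ip, src_port, dst_port):
        """Connection initiated from the LAN: always recorded."""
        self.entries.add(Entry(src_ip, dst_ip, src_port, dst_port))

    def expect_data(self, client_ip, server_ip, client_port):
        """Client announced a data port on its control connection (assumed
        active-mode FTP): permit only server_ip:20 -> client_ip:client_port."""
        if not any(e.src_ip == client_ip and e.dst_ip == server_ip
                   and e.dst_port == 21 for e in self.entries):
            raise ValueError("no control connection from this client")
        self.entries.add(Entry(server_ip, client_ip, 20, client_port))

    def incoming_allowed(self, src_ip, dst_ip, src_port, dst_port):
        """Inbound packets pass only on an exact match of all four fields."""
        return Entry(src_ip, dst_ip, src_port, dst_port) in self.entries

    def transfer_done(self, client_ip, server_ip):
        """Drop every entry between the two hosts; the ports close again."""
        self.entries = {e for e in self.entries
                        if {e.src_ip, e.dst_ip} != {client_ip, server_ip}}

def demo():
    client, server, other = "10.0.0.1", "80.190.240.17", "80.146.204.15"
    fw = DynamicTable()
    fw.outgoing(client, server, 4321, 21)   # control connection from the LAN
    fw.expect_data(client, server, 4322)    # data port announced by the client
    results = {
        "server": fw.incoming_allowed(server, client, 20, 4322),
        "other_host": fw.incoming_allowed(other, client, 20, 4322),
        "wrong_port": fw.incoming_allowed(server, client, 20, 4323),
    }
    fw.transfer_done(client, server)
    results["after_close"] = fw.incoming_allowed(server, client, 20, 4322)
    return results

if __name__ == "__main__":
    print(demo())
```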

Moreover, a Firewall with Stateful Inspection is usually able to reassemble the
received data packets, that is, to buffer the individual fragments and assemble
them again into a complete packet. Therefore, complete IP packets can be
checked by the Firewall, rather than individual fragments only.

This porter does a definitely better job. When somebody in this company
orders a courier, he must also inform the porter that he is expecting a courier,
when the courier will arrive and what information should be found on the
delivery note. Only when this information matches the porter's logbook entries
may the courier pass. If the courier brings not only one packet, but rather two,

[Figure: entries in the Firewall's dynamic table. Labels: Dest. port 4322; Source port 20; IP: 80.146.204.15; outgoing connection; permitted incoming connection; unauthorized incoming connection.]

Source IP      Dest. IP       Src. port  Dst. port
10.0.0.1       80.190.240.17  4321       21
80.190.240.17  10.0.0.1       20         4322
