Session Filtering The filtering of sessions is another function of application level gateways. The gateway keeps an eye on sessions and what is happening in them. This is to prevent attacks that exploit weaknesses in session software. When the gateway firewall detects a session based attack it drops all packets from that session. A popular session based attack used on the Internet is session hijacking. The hacker is able to interrupt an authorized session currently in progress and then take over the outside end of the session without the computer on the internal (protected) network knowing. An application level gateway can prevent this kind of attack.
|