Inbound filtering scans incoming packets to confirm their validity and can protect against malicious spoofing attacks. ISPs use it to defend customers and combat DOS attacks. Home and office networks can also enable it for added security. ISPs cooperate to maintain up-to-date databases for accurate information.
Inbound filtering is a computer security technique that relies on scanning incoming packets to confirm their validity. If a packet doesn’t appear to match its supposed source, the network can hold it back and may refuse to allow information to pass through. This can protect users from malicious spoofing attacks, where a hacker tries to make a package look like it came from somewhere else. Internet Service Providers (ISPs) typically use ingress filtering to defend their customers, and a single home or business network may have additional security measures in place.
With this procedure in place, the system examines all incoming packets for information about their origin. The system compares this information to a database to determine if a package actually comes from where it claims to be. If it appears to be a match, it can be allowed. If there’s a problem with the source, the system can hold onto the packet, keeping it off the network and protecting any users who might be connected to the network.
One potential use for ingress filtering is to combat Denial of Service (DOS) attacks. These attacks rely on networks flooded with packets, many of which are forged to hide their origins. A system capable of intercepting spoofed packets can keep the network running during attacks, since the network won’t have to process the malicious packets. Spoof information can also be compared to databases known to connect hacking attacks for the purpose of tracking infected computers and malicious users.
Internet service providers work together to provide inbound filtering. They must regularly update their databases for the benefit of partners and rely on up-to-date databases maintained by other ISPs to access accurate and detailed information. This cooperation is a practical business move by service providers, who can provide customers with greater safety and security by partnering, even with rivals who may compete for customers and attention.
Within a single home or office network, ingress filtering can also be enabled. The network may intercept packets that an ISP may not have identified as a problem, depending on the type of filtering used. This adds an extra layer of security for individual users, along with other security measures such as scanning incoming information for viruses and other malicious software that may pose a security risk to computer systems or data on the network.
Protect your devices with Threat Protection by NordVPN