What is Ingress filtering?
Filter
Ingress is a computer security technique that relies on scanning incoming packets to confirm their validity. If the packet does not seem to match its supposed source, the network can hold it and can refuse to allow information through. This can protect users from harmful attacks based on spoofing, where the hacker tries to make the packet look as if it came from anywhere else. Internet service providers (ISP) usually use Ingress filtering to defend their customers and individual home or office networks may have further security measures. The system compares this information with the database to determine whether the packet is really from a place that says it is. If it seems to be a match, it can be allowed. If there is a problem with the source, the system can hold the packet, keep it off the net and protect all WHO users can be connected to the network.
One potential use for input filtering is to fight Denial of Service (DOS) attacks. These attacks rely on flood networks with packets, many of which are spoofed to cover their origin. The system that can capture spoofed packets can keep the net in operation during the attack because the network will not have to process malicious packets. It is also possible to compare information about spoofing with known databases for connecting hacker attacks to monitor infected computers and malicious users.
Internet service providers cooperate on the provision of Ingress filtering. They must regularly update their own databases in favor of partners and rely on updated databases maintained by other Internet service providers to access precise and detailed information. This cooperation is a practical enterprise by service providers who CPOS customers greater safety and security of cooperation, even with opponents who can compete for customers andattention.
The Ingress filter can also be allowed within the home or office network. The net can catch packets that ISP may not identify as a problem depending on the type of filtering used. This adds another layer of security for individual users, along with other security measures such as scanning incoming information for viruses and other malicious software that may pose a risk to the security of computer systems or data in the network.