![]() |
There are certain layers of an IP packet that a packet filtering router cannot scan, for example, the application layer. Viruses may reside within the payload of an IP packet; therefore, a packet filtering router provides no virus protection. Any attacks, denials of service, or any other data that is in the application layer cannot be identified on a packet filtering router. A packet filter is dependent on appropriate configuration. Rules on the packet filtering router can be difficult to maintain, especially if temporary exceptions are made. |