Firewalls come in several categories and sub-categories. The basic goal is to prevent intrusion, the difference is in how they try to accomplish this. The major categories of firewalls are network layer firewalls and application layer firewalls. The difference between the two is that the former operate at the low level of the TCP/IP protocol stack as packet filters, not allowing packets to pass the firewall unless they meet the rules defined by the firewall administrator - while the latter work on the application level - and may inspect the contents of packets, sanitize them, and so forth.
A proxy? device may form a firewall by responding to defined requests in the manner of the application whilst rejecting all undefined requests. A proxy can also disguise the internal infrastructure of a computer network by translating IP addresses and thus preventing direct access to internal systems. In this way, tampering with an internal system would not necessarily cause a security breach which is capable of being exploited from outside the firewall. Conversely a hacker could hi-jack? an internal device and use it as a proxy for himself which then masquerades as a trusted device.
![[Home]](wikipedia.png)