Definition of Firewalls
What is a firewall?
A firewall is a piece of hardware or software that operates in a networked environment to block communications forbidden by a security policy, by analogy with the firewalls used in building construction. Its basic task is to control traffic between zones of different trust. Typical zones of trust include the Internet (a zone with no trust) and an internal network (a zone with high trust).
Firewalls
Introduction to IP Filter Part 1
A good first line of defense is IP-level packet filtering. If we can determine exactly which packets should travel up our stack, and which destinations are appropriate for them, we can seriously cut down the number of exposure points on a machine, both intentional and accidental. IP Filter, by Darren Reed, is one of the most popular packet filtering packages for Unix systems, and it's free.
Read the Article
Introduction to IP Filter Part 2
IP NAT is the portion of the IP Filter package that performs Network Address Translation. A major feature of most firewalls and routers these days is the ability to map an entire network to a smaller set of IP addresses; Linux users may know this as IP masquerading. It is a simple way to place an entire network behind a firewall and have all outbound connections appear to come from a single point (or possibly a set of points). It also makes it possible to transparently proxy certain types of connections. We will set up NAT on our firewall in stages: first mapping connections from one IP range to another, then enabling the built-in FTP proxy so that active-mode FTP works through the NAT, and finally configuring a transparent Squid web proxy.
Read the Article
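The three NAT steps the abstract lists (address mapping, the FTP proxy, and redirection to a transparent Squid) can be expressed as a short ipnat.conf. The script below is an added example, not code from the article or from the IP Filter project; the interface names hme0/hme1, the 192.168.1.0/24 internal range, the 203.0.113.1 external address and the Squid port 3128 are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: generates an IP Filter NAT configuration for the scenario
# described in the abstract. Interface names, address ranges and the Squid
# port below are assumptions, not values from the page.
EXT_IF="${EXT_IF:-hme0}"                  # outside interface (assumed)
INT_IF="${INT_IF:-hme1}"                  # inside interface (assumed)
INT_NET="${INT_NET:-192.168.1.0/24}"      # network being hidden (assumed)
EXT_ADDR="${EXT_ADDR:-203.0.113.1/32}"    # single public address (assumed)
SQUID_PORT="${SQUID_PORT:-3128}"          # local Squid listener (assumed)

# Print the ipnat.conf rules. Order matters: ipnat uses the first matching
# rule, so the ftp proxy rule must come before the catch-all map rules.
gen_ipnat_conf() {
    cat <<EOF
# Active-mode FTP: the kernel ftp proxy rewrites PORT commands and tracks
# the data connection, so clients behind the NAT can use active FTP.
map $EXT_IF $INT_NET -> $EXT_ADDR proxy port ftp ftp/tcp
# All other TCP/UDP from the inside range is mapped to the one outside
# address, with source ports rewritten into the 10000-20000 range.
map $EXT_IF $INT_NET -> $EXT_ADDR portmap tcp/udp 10000:20000
# Everything else (ICMP and so on) is mapped without port rewriting.
map $EXT_IF $INT_NET -> $EXT_ADDR
# Transparent web proxy: HTTP arriving from the inside network is
# redirected to Squid listening locally on port $SQUID_PORT.
rdr $INT_IF 0.0.0.0/0 port 80 -> 127.0.0.1 port $SQUID_PORT tcp
EOF
}

# Number of real rules (non-comment lines) in the generated file.
count_rules() {
    gen_ipnat_conf | grep -c '^[mr]'
}

# Load the rules on a host that has IP Filter: -C clears the current NAT
# rule list, -F flushes active translations, -f loads the file. On a host
# without ipnat this only reports and changes nothing.
load_ipnat_conf() {
    if command -v ipnat >/dev/null 2>&1; then
        gen_ipnat_conf > /tmp/ipnat.conf.$$ && ipnat -CF -f /tmp/ipnat.conf.$$
    else
        echo "ipnat not found; rules not loaded" >&2
    fi
}

gen_ipnat_conf
```

After loading, `ipnat -l` lists the rules and the current translation table, which is the quickest way to confirm that outbound connections really appear from the outside address. The rdr rule only delivers the packets; Squid itself has to be configured to accept transparently redirected requests, and that configuration is outside the scope of this example.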
IPFilter: A Unix Host-Based Firewall
With the advent of TCP Wrappers and dedicated firewall hardware, host-based firewall packages for Unix operating systems have fallen by the wayside. Daemons such as inetd, xinetd, and tcpd allow hosts to limit outside connections to an out-of-the-box Unix distribution effectively, and as a result many users seldom consider a third-party firewall package. IPFilter is one such host-based firewall. It provides several useful security features lacking in stock Unix installs, such as egress filtering, protocol and packet-state filtering, and true stateful firewalling. This paper explains the benefits of using IPFilter on a Unix host by detailing its configuration and implementation on a Solaris 8 SPARC box, and provides examples users can follow to safeguard their machines against some of the more popular remote exploits.
Read the Article
SunScreen, Part One: An Overview of the Sun Microsystem Firewall
SunScreen is Sun Microsystems' firewall for the Solaris operating system, the latest in Sun's long line of firewall software that lets administrators add firewall capabilities to Solaris. SunScreen 3.1 is available in a full version, which can be purchased from Sun Microsystems, and a "lite" version, which can be downloaded from Sun's Web site. With the release of Solaris 9, Sun now bundles the SunScreen software with the OS.
Read the Article
SunScreen, Part Two: Policies, Rules, and NAT
The first article in this series introduced SunScreen 3.2, which is available as part of the Solaris 9 distribution. SunScreen is Sun Microsystems' firewall product and provides a variety of features that allow system and network administrators to secure their networks and provide remote access. This article covers some of the basic facilities in SunScreen, such as adding and removing rules, setting up a remote management station, and network address translation.
Read the Article
Basic Intrusion Prevention using Content-based Filtering
This article discusses a useful but seemingly overlooked capability of Netfilter, the packet-filtering framework in the Linux kernel: content (string) matching, which lets a rule match on what is inside a packet's payload rather than only on its headers.
Read the Article
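A content-matching rule of the kind the abstract refers to, together with a check of its main limitation, as an added example that is not code from the article or from the netfilter project. It assumes a kernel with the xt_string match (where the --algo option is mandatory), the pattern "cmd.exe", an HTTP service on port 80, and a constructed sample request rather than a captured packet.

```shell
#!/bin/sh
# Added example, not from the page: builds Netfilter string-match rules and
# shows, on constructed data, what a per-packet content match sees and what
# it misses. Kernel, pattern and port are assumptions.

# Emit a LOG rule and a DROP rule for one pattern on one TCP port.
# --algo bm selects Boyer-Moore; --string is searched for anywhere in the
# packet payload. For binary patterns use --hex-string "|0d 0a|" instead.
build_string_rules() {
    pattern="$1"; port="${2:-80}"
    printf 'iptables -A INPUT -p tcp --dport %s -m string --algo bm --string "%s" -j LOG --log-prefix "STRING-MATCH "\n' "$port" "$pattern"
    printf 'iptables -A INPUT -p tcp --dport %s -m string --algo bm --string "%s" -j DROP\n' "$port" "$pattern"
}

# Apply the rules only when iptables is present and we are root; otherwise
# just print them so the script is safe to run anywhere.
apply_string_rules() {
    if command -v iptables >/dev/null 2>&1 && [ "$(id -u)" -eq 0 ]; then
        build_string_rules "$@" | sh
    else
        echo "not root or no iptables; printing rules instead" >&2
        build_string_rules "$@"
    fi
}

# The kernel match inspects ONE packet's payload. This shell check does the
# same thing on a string: does the pattern occur in these payload bytes?
payload_matches() { printf '%s' "$2" | grep -F -q -- "$1"; }

# Constructed sample request (not a captured packet) of the kind the rule
# is meant to catch, and the same request split across two TCP segments.
SAMPLE_REQ='GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0'
SEG1='GET /scripts/..%255c../winnt/system32/cm'
SEG2='d.exe?/c+dir HTTP/1.0'

# A pattern that straddles a segment boundary is invisible to a per-packet
# match, so content filtering is defense in depth, not a replacement for
# patching the service behind it.
demo() {
    build_string_rules cmd.exe 80
    payload_matches cmd.exe "$SAMPLE_REQ" && echo "single segment: matched"
    payload_matches cmd.exe "$SEG1" || echo "segment 1: no match"
    payload_matches cmd.exe "$SEG2" || echo "segment 2: no match"
}

demo
```

Two further caveats a practitioner should keep in mind: the match is case-sensitive and sees only plaintext, so it does nothing for TLS or compressed bodies, and every rule is a full scan of every matching packet's payload, which costs CPU on a busy link. Put the string rules behind a port or address match, as above, so only the traffic of interest is scanned.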
Firewall Comparison: Checkpoint Firewall-1 and Cisco PIX
Check Point FW-1 has been the firewall market leader since shortly after its introduction in 1994/95. Its well-designed GUI was, and still is, the best visual interface of any firewall product, and it makes FW-1 easy to work with even for those new to firewalls. Why other firewall vendors have been so slow to copy the FW-1 interface is a question worth asking. The drawback of this GUI is that you have to use it: there is no ASCII menu or command-line access.
Read the Article
Firewall Designs
A chapter from "Building Firewalls with OpenBSD and PF, second edition". It discusses the firewall configurations in which pf can be used, and also covers basic hardware and software firewalls, firewall policy, and related topics.
Read the Article
Linux Kernel 2.4 Firewalling Matures: netfilter
In yet another set of advancements to the kernel's IP packet filtering code, netfilter lets users set up, maintain, and inspect packet filtering rules in the new 2.4 kernel. This document explains those changes and offers tips on getting started.
Read the Article
Firewall Evolution - Deep Packet Inspection
Firewalls provide a variety of security services to networks: network address translation (NAT), virtual private networks (VPN), and filtering of traffic that does not conform to the network's stated security policy. There are many forms of firewall, from simple packet filters to circuit-level gateways to proxy firewalls, and firewalls are being asked to fill a larger and more varied role in network security than they were several years ago. One of the more recent innovations in firewall technology is deep packet inspection (DPI), which can be seen as the integration of intrusion detection (IDS) and intrusion prevention (IPS) capabilities with traditional stateful firewall technology. Traditional networks have a defined boundary demarcated by a firewall with an IDS sensor sitting behind it.
Read the Article