Network & Security
A firewall is a security system that enforces an access control policy between two networks. Many firewalls emphasize blocking traffic, while some emphasize permitting traffic. A firewall is not only the technical implementation of a tool; it is also a strategy to be implemented for internet-reachable resources.
There are several types of firewall techniques, and some of them are often used in combination.
Packet filter : This type of firewall looks at each packet entering or leaving the network and accepts or rejects it based on user-defined rules. Packet filtering is fairly effective and transparent to users, but it is difficult to configure. Packet filtering uses the following factors to decide whether traffic is allowed or denied :
- Source and Destination IP address
- Protocol Type.
- Source Port and Destination Port.
Application gateway : Here security mechanisms are applied at the application level, e.g. for FTP and Telnet servers. This is very effective, but can impose a performance degradation.
Circuit-level gateway : Circuit-level gateways examine just TCP and UDP sessions. Security rules are applied when a connection is established. Once the connection has been made, packets can flow between the hosts without further checking.
Proxy Server : A proxy relays between two networks and effectively hides the true network source and destination addresses. It also typically caches Web pages.
Stateful Inspection : Tracks the transaction to ensure that inbound packets were requested by the user. Generally can examine multiple layers of the protocol stack, including the data, if required, so blocking can be made at any layer or depth.
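The following sketch is an added example, not part of the original page, contrasting the packet filter and stateful inspection descriptions above: a first-match rule list keyed on addresses, protocol and ports, beside a filter that only admits inbound packets matching a flow started from inside. All names, addresses and rules are constructed for illustration, and it assumes every outbound packet is allowed; real stateful firewalls also track TCP state and timeouts.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    sport: int
    dst: str
    dport: int

@dataclass(frozen=True)
class Rule:
    action: str      # "accept" or "drop"
    proto: str
    src: str         # CIDR
    sport: range
    dst: str         # CIDR
    dport: range

    def matches(self, p):
        return (self.proto == p.proto
                and ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and p.sport in self.sport and p.dport in self.dport)

def packet_filter(rules, p):
    """Stateless filter: first matching rule wins, default is drop."""
    return next((r.action for r in rules if r.matches(p)), "drop")

class StatefulFilter:
    """Accept inbound packets only as replies to a flow started from inside."""
    def __init__(self, inside):
        self.inside = ipaddress.ip_network(inside)
        self.flows = set()
    def check(self, p):
        if ipaddress.ip_address(p.src) in self.inside:
            self.flows.add((p.proto, p.src, p.sport, p.dst, p.dport))
            return "accept"
        reply_to = (p.proto, p.dst, p.dport, p.src, p.sport)
        return "accept" if reply_to in self.flows else "drop"

# Constructed sample data: RFC 1918 LAN, RFC 5737 documentation addresses outside.
LAN, HIGH, HTTPS = "192.168.1.0/24", range(1024, 65536), range(443, 444)
RULES = [Rule("accept", "tcp", LAN, HIGH, "0.0.0.0/0", HTTPS),    # LAN -> web
         Rule("accept", "tcp", "0.0.0.0/0", HTTPS, LAN, HIGH)]    # web -> LAN replies
REQUEST = Packet("tcp", "192.168.1.10", 50000, "203.0.113.5", 443)
REPLY = Packet("tcp", "203.0.113.5", 443, "192.168.1.10", 50000)
UNSOLICITED = Packet("tcp", "198.51.100.7", 443, "192.168.1.20", 3389)
```

The stateless rule set has to admit UNSOLICITED because it cannot tell it from a reply, which is the gap stateful inspection closes and one reason packet filter rules are hard to get right.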
Various free (open source) and commercial (licensed) firewall packages are available. Below is a list of well-known firewall technologies used on Linux systems. Some of them are provided as a module, add-on or package in an operating system or web hosting control panel, or embedded in a hardware device.
m0n0wall ( Monowall )
Linux LiveCD Router
Sentry Firewall CD-ROM
UFW – Uncomplicated Firewall
OpenBSD and PF
Shorewall Shoreline Firewall
CensorNet Internet filtering software
Mandrakesoft’s integrated network security solution
Securepoint UTM 10 Security Appliances: Firewall
CheckPoint FireWall [Hardware appliance based]
Cisco ASA/PIX Network Firewall [Hardware appliance based]
Plesk Firewall Module
CSF ( ConfigServer Security & Firewall )
APF (Advanced Policy Firewall), R-fx Networks
Any action, method or process used to damage computer systems, including hardware, software and networks, can be referred to as a network attack. The individuals or groups performing network attacks are commonly referred to as network attackers, hackers or crackers. They use the following forms of attack to illegally compromise the security of computer networks.
- Hacking ( Cracking ) Attacks.
- Unauthorized Access ( Reconnaissance )
- IP spoofing (Identity Spoofing)
- Server spoofing ( Spoofing Attacks: forging IP/MAC/Etc. )
- DNS poisoning ( DNSCache Poisoning )
- Session hijacking
- Sniffing : password grabbing ( Password cracking)
- Eavesdropping Attacks
- Port Scanning
- Exploits ( Exploitation of known weaknesses in programs )
- Brute Force: password attempts
- Buffer Overflows: httpd, ftpd, rpc/dcom
- DoS and DDoS – Denial of Service and Distributed Denial of Service attacks.
- Ping of death
- Ping Flooding Attack
- Smurf Attack
- Teardrop ( Trapdoors)
- Flooding: TCP SYN Flooding Attack, ICMP Flooding Attacks, Disassociation Attacks
- UDP Flood Attack
- SNMP Attack
- Disclosure Attacks
- Redirection: using ICMP, ARP, STP, MITM Attacks
- Logic Bomb – Dormant until an event triggers it (Date, user action, random trigger, etc.).
- Virus – Reproduces itself by attaching to other executable files.
- Trojan Horse – Comes with other software.
- Worm – Self-reproducing program. Creates copies of itself. Worms that spread using e-mail address books are often called viruses.
- Email Based Network Security Attacks
- Social Engineering
- SQL injection
- Phishing URLs, Type your Password Here
- Wireless Specific Network Security Attacks
- Send Mail Attack