VESARiA Network Security Specialists
About Vesaria Services Consulting Partners Research Customers Contact Us

Firewall Testing




  • Contents
  • 1 Administrativia
    • 1.1 About the FAQ
    • 1.2 For Whom Is the FAQ Written?
    • 1.3 Before Sending Mail
    • 1.4 Where Can I find the Current Version of the FAQ?
    • 1.5 Where Can I Find Non-English Versions of the FAQ?
    • 1.6 Contributors
    • 1.7 Copyright and Usage
  • 2 Background and Firewall Basics
    • 2.1 What is a network firewall?
    • 2.2 Why would I want a firewall?
    • 2.3 What can a firewall protect against?
    • 2.4 What can't a firewall protect against?
    • 2.5 What about viruses?
    • 2.6 Will IPSEC make firewalls obsolete?
    • 2.7 What are good sources of print information on firewalls?
    • 2.8 Where can I get more information on firewalls on the Internet?
  • 3 Design and Implementation Issues
    • 3.1 What are some of the basic design decisions in a firewall?
    • 3.2 What are the basic types of firewalls?
      • 3.2.1 Network layer firewalls
      • 3.2.2 Application layer firewalls
    • 3.3 What are proxy servers and how do they work?
    • 3.4 What are some cheap packet screening tools?
    • 3.5 What are some reasonable filtering rules for a kernel-based packet screen?
      • 3.5.1 Implementation
      • 3.5.2 Explanation
    • 3.6 What are some reasonable filtering rules for a Cisco?
      • 3.6.1 Implementation
      • 3.6.2 Explanations
      • 3.6.3 Shortcomings
    • 3.7 What are the critical resources in a firewall?
    • 3.8 What is a DMZ, and why do I want one?
    • 3.9 How might I increase the security and scalability of my DMZ?
    • 3.10 What is a `single point of failure', and how do I avoid having one?
    • 3.11 How can I block all of the bad stuff?
    • 3.12 How can I restrict web access so users can't view sites unrelated to work?
  • 4 Various Attacks
    • 4.1 What is source routed traffic and why is it a threat?
    • 4.2 What are ICMP redirects and redirect bombs?
    • 4.3 What about denial of service?
    • 4.4 What are some common attacks, and how can I protect my system against them?
      • 4.4.1 SMTP Server Hijacking (Unauthorized Relaying)
      • 4.4.2 Exploiting Bugs in Applications
      • 4.4.3 Bugs in Operating Systems
  • 5 How Do I...
    • 5.1 Do I really want to allow everything that my users ask for?
    • 5.2 How do I make Web/HTTP work through my firewall?
    • 5.3 How do I make SSL work through the firewall?
    • 5.4 How do I make DNS work with a firewall?
    • 5.5 How do I make FTP work through my firewall?
    • 5.6 How do I make Telnet work through my firewall?
    • 5.7 How do I make Finger and whois work through my firewall?
    • 5.8 How do I make gopher, archie, and other services work through my firewall?
    • 5.9 What are the issues about X11 through a firewall?
    • 5.10 How do I make RealAudio work through my firewall?
    • 5.11 How do I make my web server act as a front-end for a database that lives on my private network?
    • 5.12 But my database has an integrated web server, and I want to use that. Can't I just poke a hole in the firewall and tunnel that port?
    • 5.13 How Do I Make IP Multicast Work With My Firewall?
  • A Some Commercial Products and Vendors
  • B Glossary of Firewall-Related Terms
  • C TCP and UDP Ports
    • C.1 What is a port?
    • C.2 How do I know which application uses what port?
    • C.3 What are LISTENING ports?
    • C.4 How do I determine what service the port is for?
    • C.5 What ports are safe to pass through a firewall?
    • C.6 The behavior of FTP
    • C.7 What software uses what FTP mode?
    • C.8 Is my firewall trying to connect outside?
    • C.9 The anatomy of a TCP connection
  • References

Vesaria, LLC

Firewall FAQ
Table of Contents

Next Section: Administrativia

Find out more about VESARiA Firewall Testing.

© 2000 - 2018 Vesaria Network Security Specialists        
   About Vesaria   |   Legal   |   Privacy   |   Contact