Firewall - Page 4 - Results from #60

Discover Firewalls News

Securing Your Linux Server With Iptables

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

'Spamming', when used in a different context, does not necessarily have to be email specific. If you ever had a chance to play arcade fighter's such as Street Fighter 2, you'll notice that certain fighters have "cheap" moves that can be "used over and over", such as M. Bison's scissor kick corner trap (ah the old days). A player could pretty much "spam" this combo over and over. The interesting part about this cheap combo is that it could be countered just as easily with some skill. A basic set of good iptables rules is the perfect counter punch to a slew of common spamming attacks - no need to have SpamAssassin or procmail process the email when it doesn't even get through the front lines! Read on to gain a good base understanding of iptables and its rules. Ha-dou-ken!

Brittany Day
Jul 20, 2007

IPS app available for free

Network managers looking for an inexpensive way to better secure traffic crossing their nets might want to check out a free application from Intoto. Intoto, a provider of security software for enterprise network equipment and CPE gateways, last week at Interop, introduced a stand-alone intrusion-prevention system (IPS) application that the company says will help small and midsize companies looking for enterprise-scale security tools.

Brittany Day
May 30, 2007

NuFW brings IPv6 support

The Now User Filtering Works (NuFW) team has announced the initial release of the 2.2 stable branch. NuFW is a user-authenticating firewall that runs on top of the the Netfilter framework. This release includes several new features, including complete support for IPv6.

Anthony Pell
May 30, 2007

IPv6 firewalling knows no middle ground

Two months ago, we published Everything you need to know about IPv6, telling you the following about firewalling IPv6 in relationship to the Network Address Translation that is common in today's IPv4 home routers. If you have a router or home gateway that supports IPv6, make sure that it, too, filters IPv6. A stateful filter that allows outgoing connections and return traffic, but not incoming connections is closest to the IPv4 NAT filtering functionality. This is in line with the recommendations in a document that the Internet Engineering Task Force's IPv6 Operations (v6ops) working group is developing:

Benjamin D. Thomas
May 09, 2007

AlgoSec Raises Firewall Security Risk Management Bar

AlgoSec announced its latest version which provides a web-user interface to ensure policy compliance and maximize network efficiency. AlgoSec Firewall Analyzer solutions provide risk management, change management, automated audit, and security and policy compliance capabilities in easy to deploy and use offerings. AlgoSec

Bill Keys
Apr 24, 2007

Check Point VPN-1 Power Ups the Bar

Check Point

Brittany Day
Mar 13, 2007

Danger inside the firewall

Between the latest firewall technology and advanced intrusion detection systems, IT professionals are breathing a little easier. This is a big mistake. It may be easier to protect the network from external attack these days, but the greatest security risks still come from inside the DMZ. I work for a small, single-branch credit union in Minneapolis, and I am a one-man shop. If there's a technical problem, I'm the guy who has to fix it. Once a year, auditors from a large accounting firm come in to perform an audit for our year-end financial statements. In the past, the only tech support I needed to provide was to set up a local printer they could use from their laptops. I couldn't have given them access to my network if I wanted to, as their techs had their laptops locked down, and I couldn't make any changes to their setup.

Benjamin D. Thomas
Feb 21, 2007

Computer Associates to Market Learn-by-Example Firewall

Computer Associates, a business software vendor will market a 'host-based' firewall that learns-by-example to provide better security of computers and computer networks, the company said. The firewall provides centrally managed computer security and simplifies deployment on Windows systems, the company said.

Bill Keys
Feb 09, 2007

Simple Firewall Configuration Using NetFilter/iptables

Most major Linux distributions, SuSE ones included, feature some user interface for firewall configuration. There's nothing wrong with them but I couldn't get quite the configuration I wanted and chose to create configurations manually. The iptables man pages are really a documentation of syntactical detail of the iptables command line and don't provide guidance on composition of a firewall from a series of rules. There's a lot of scattered information about iptables that can be found using your favourite search engine but none of it quite taught me what I needed to know. In the end I figured out what I needed using a Vmware virtual machine running SuSE Linux Pro 10.0. The following is offered as documentation of simple firewall configuration using iptables. Verifying that the resultant firewall adequately secures the relevant hosts is left as an exercise for the reader.

Benjamin D. Thomas
Dec 05, 2006

Book: Designing and Implementing Linux Firewalls and QoS using netfilter, iproute, NAT and l7-filter

Firewalls are used to protect your network from the outside world. Using a Linux firewall, you can do a lot more than just filtering packets. This book shows you how to implement Linux firewalls and Quality of Service using practical examples from very small to very large networks. After giving us a background of network security, the book moves on to explain the basic technologies we will work with, namely netfilter, iproute2, NAT and l7-filter. These form the crux of building Linux firewalls and QOS. The later part of the book covers 5 real-world networks for which we design the security policies, build the firewall, setup the script, and verify our installation. Providing only necessary theoretical background, the book takes a practical approach, presenting case studies and plenty of illustrative examples.

Anthony Pell
Nov 08, 2006

JavaScript Malware Strikes Firewalls

All ports were open to the world and practically every application had holes in it. It was like the Wild West. Eventually application security became a big deal as more serious issues were uncovered and more commerce depended upon secure platforms. Network security was next on the scene. It made sense to build a single choke point for all security needs. It was slick because it could see all the packets in transit to and from your servers, and turn off all access to anything that had a known hole in it. Those were the good times. Times have since changed.

Brittany Day
Oct 31, 2006

Cisco Flaws Leave Firewalls, VPNs Vulnerable

Network routing and switching giant Cisco Systems has issued an alert for a potentially serious security flaw affecting multiple firewall products, warning that the bug could cause passwords to be changed without any user interaction.

Brittany Day
Aug 26, 2006

SSH Tunnels: Bypass (Almost) Any Firewall

The goal of this article is to present a few effective methods to revamp the way you work in a restricted corporation-like network. In order to achieve it we

Brittany Day
Aug 24, 2006

Firewall Chip Gets Funding

EU funding of 2 million Euros has been announced for a major new three-year project to develop a re-configurable photonic 'firewall on a chip'. Called WISDOM, (WIrespeed Security Domains Using Optical Monitoring), the new system will plug a major gap in the global data network security armoury - the lack of tools to implement security checks and algorithms directly at high optical data communications rates.

Brittany Day
Aug 01, 2006

Super Firewall Aims to Stop DDOS

Computer researchers in Europe are developing a new prototype architecture for halting distributed denial-of-service (DDOS) attacks, where a barrage of traffic is directed at a Web site or server to shut it down.The Diadem Firewall deploys both hardware and software on the edge of a provider's network rather than within, said Georg Carle, chair of the computing and Internet department at the University of T

Brittany Day
Jul 31, 2006

iptables: The Linux Firewall Administration Program

"Packet-Filtering Concepts," covers the background ideas and concepts behind a packet-filtering firewall. Each built-in rule chain has its own default policy. Each rule can apply not only to an individual chain, but also to a specific network interface, message protocol type (such as TCP, UDP, or ICMP), and service port or ICMP message type number. Individual acceptance, denial, and rejection rules are defined for the INPUT chain and the OUTPUT chain, as well as for the FORWARD chain, which you'll learn about at the end of this chapter and in Chapter 6, "Packet Forwarding." The next chapter pulls those ideas together to demonstrate how to build a simple, single-system, custom-designed firewall for your site.

Benjamin D. Thomas
Jul 20, 2006

Installing a firewall on Ubuntu

Ubuntu's desktop install provides a bunch of useful software for desktop users, but it doesn't install a firewall by default. Luckily, it's really simple to get a firewall up and running on Ubuntu. Frankly, I'm glad that the default install doesn't set up a firewall. Most of my computers live behind a firewall at all times anyway, and I've always been annoyed by installers that demand I deal with firewall questions when I've already got the situation well in hand. If I want a firewall on a machine, I can set one up on my own. Since Ubuntu is, in part, aimed at corporate desktops, a firewall is unnecessary for many installations.

Benjamin D. Thomas
Jul 04, 2006

Standards In Desktop Firewall Policies

The idea of a common desktop firewall policy in any size organization is a very good thing. It makes responses to external or internal situations such as virus outbreaks or network-oriented propagation of viruses more predictable. In addition to providing a level of protection against port scanning, attacks or software vulnerabilities, it can provide the organizations local security team a baseline or starting point in dealing with such events. The purpose of this article is to discuss the need for a desktop firewall policy within an organization, determine how it should be formed, and provide an example of one along with the security benefits it provides an organization.

Brittany Day
Jun 07, 2006

Security Without Firewalls: Sensible Or Silly?

For years, infosec experts have called the firewall a critical ingredient to security, whether it's in a large enterprise or on a home PC. But the San Diego Supercomputer Center (SDSC) has defied that logic with what some would consider surprising success. Abe Singer, computer security manager for the SDSC's Security Technologies Group, explained how companies can maintain strong firewall-free security at the 2006 USENIX Annual Technical Conference Thursday. He has also produced a presentation (.pdf) on the subject.

Brittany Day
Jun 06, 2006

MicroWorld to Launch Futuristic Network Firewall

MicroWorld Technologies launched its futuristic, enterprise class firewall eConceal. eConceal is a comprehensive network firewall developed to prevent unauthorized access to a computer or network connected to the Internet. It enforces a boundary between two or more networks by implementing default or user-defined Access Control Policies or Rules. These rules function as filters by analyzing data packets to see if they fulfill the filter criteria and then allow or block the traffic accordingly.

Brittany Day
May 27, 2006

Linux Firewall

An Introduction to UFW, Ubuntu’s ‘Uncomplicated’ Firewall

The Open Source Firewall – IPFire 2.27 – Core Update 173 Released: What’s New?

IPFire Hardened Linux Firewall Distro Is Now Powered by Linux Kernel 6.1 LTS