Firewall - Page 5

We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

An Introduction to UFW, Ubuntu’s ‘Uncomplicated’ Firewall

Iptables are the cornerstone for configuring firewalls and managing network traffic in Linux. For the uninitiated, iptables can be complex and intimidating. However, most Linux distributions provide simpler front-end interfaces to manage iptables rul...
Dec 31, 2023
  356

The Open Source Firewall – IPFire 2.27 – Core Update 173 Released: What’s New?

Get ready to experience the best of IPFire 2.27 – Core ...
Mar 01, 2023
  786
32.Lock Code Circular Esm H115

IPFire Hardened Linux Firewall Distro Is Now Powered by Linux Kernel 6.1 LTS

IPFire 2.27 Core Update 173 is out to introduce support...
Feb 28, 2023
  749
20.Lock AbstractDigital Circular Esm H115

Discover Firewalls News

LS Hmepg 337x500 34 Esm H200

Facebook and web apps threaten network security

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Traditional firewalls might not be enough, argues Palo Alto Networks founder Nir Zuk. The world is very different from the days when email ruled the roost and Yahoo, not Google, was the first search engine name that rolled off your tongue.

LS Hmepg 337x500 34 Esm H200

2011 tech priorities: Moving to a next-generation firewall

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

What should enterprises expect if they want to make the transition from a traditional firewall to a next-generation firewall? It starts with a decidedly different way of thinking about security goals associated with a firewall, especially in terms of establishing application-aware controls over employees as they access the Internet, the Web and social networking sites. (See Unbatten the hatches.)

LS Hmepg 337x500 34 Esm H200

Review: Firewall operations management

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Anyone running multiple firewalls in a complex, enterprise environment knows how difficult it can be to catch misconfigurations, avoid conflicting rules, identify vulnerabilities and meet auditing and compliance mandates.

LS Hmepg 337x500 34 Esm H200

Talking with a Forbes blogger about firewalls

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This is the second of two parts of an interview with Daniel Kennedy, MSIA, who graduated from the Master of Science in Information Assurance program in the School of Graduate Studies of Norwich University in 2008. He has recently become a contributor to an interesting, thoughtful and valuable blog at Forbes Online and I interviewed him recently about his new project.

LS Hmepg 337x500 34 Esm H200

Firewall audit dos and don'ts

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Firewall audit products are maturing, but the product class is still a relatively young, small market, defined by compliance requirements. You have a fairly limited choice of vendors, including Tufin Software Technologies, AlgoSec, Secure Passage and Athena Security, which all come with firewall audit pedigrees, and RedSeal Systems and Skybox Security, which are primarily vendors of risk-mitigation tools, and so go beyond firewall audit to feature sophisticated risk-assessment and risk-management capabilities.

LS Hmepg 337x500 34 Esm H200

Firewall audit tools : features and functions

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Firewall audit tools automate the otherwise all-but-impossible task of analyzing complex and bloated rule sets to verify and demonstrate enterprise access controls and configuration change-management processes.

LS Hmepg 337x500 34 Esm H200

iScanner

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

iScanner is free open source tool lets you detect and remove malicious codes and web pages viruses from your Linux/Unix server easily and automatically. This is a neat tool for those who have to do some clean up operation after a mass-exploitation or defacement on a shared web-host.

LS Hmepg 337x500 34 Esm H200

iptables rules for desktop computers

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Today I will show you the iptables rules I set on my main personal computer, with detailed comments about why I came to use these rules after several years of Linux desktop usage. The rules I use now have been simplified as much as I could and are based on common rules and advice that can be found on the network and also on input I got from experienced network administrators. I

LS Hmepg 337x500 34 Esm H200

Flint

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Flint examines firewalls, quickly computes the effect of all the configuration rules, and then spots problems so you can: CLEAN UP RUSTY CONFIGURATIONS that are crudded up with rules that can

LS Hmepg 337x500 34 Esm H200

Port Knocking

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Fred Stluka from Bristle.com just introduced me to port knocking -- a method of opening ports on a firewall by trying to connect with a series of ports in a pre-determined order. The sequence of "knocks" acts like a secret access code -- like tapping out the first couple of bars from your favorite song to tell someone inside that it's you.

LS Hmepg 337x500 34 Esm H200

Iptables Limits Connections Per IP

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

ow do I restrict the number of connections used by a single IP address to my server for port 80 and 25 using iptables? You need to use the connlimit modules which allows you to restrict the number of parallel TCP connections to a server per client IP address (or address block). This is useful to protect your server or vps box against flooding, spamming or content scraping.

LS Hmepg 337x500 34 Esm H200

Hacker pierces hardware firewalls with web page

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

On Tuesday, hacker Samy Kamkar demonstrated a way to identify a browser's geographical location by exploiting weaknesses in many WiFi routers. Now, he's back with a simple method to penetrate hardware firewalls using little more than some javascript embedded in a webpage.

LS Hmepg 337x500 34 Esm H200

Hitting a Wall: the Great UTM Challenge

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

In the beginning was the firewall, and it was pretty good. A big box of rules that sat between your network and the evils of the Internet, the firewall examined ports and protocols to decide which packets got in and which were barred at the door. Then things got, as things often do, complicated. New threats came sneaking in on trusted protocols, ports and protocols became tangled, and looking inside packets became just as important as noting their source, destination, and type.

LS Hmepg 337x500 34 Esm H200

5 Best Linux/BSD Firewall Tools

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Over the course of recent years, some people have found the quality of most out-of-the-store firewall appliances either lacking functionality or worse, set at a price that has made them generally out of reach. Because of this issue, I thought it would be beneficial to write an article to better highlight what works and what does not with regard to turning an older PC into a standalone router/firewall appliance. What do you think about this list of firewall tools? Did they miss anyones that should be on it?

LS Hmepg 337x500 34 Esm H200

OSF - Passive OS Fingerprinting For IPtables

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Passive OS fingerprinting netfilter module allows to passively detect remote OS and perform various netfilter actions based on that knowledge. This module compares some data (WS, MSS, options and it's order, ttl, df and others) from packets with SYN bit set with dynamically loaded OS fingerprints. Starting from 2008_07_01 version OSF works only with Xtables, so you have to upgrade to recent kernels (and ename xtables support) and iptables (tested with 1.4.1.1). Also note, that Debian (starting from Lenny) has serious problems with iptables-dev package, which does not contain needed headers, so better install iptables from sources. Have you ever hear about a netfilter module that does passive OS fingerprinting? If you are interested in learning more about this check out this article.

LS Hmepg 337x500 34 Esm H200

Firewalk - Firewall Ruleset Testing Tool

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Firewalk is an active reconnaissance network security tool that attempts to determine what layer 4 protocols a given IP forwarding device will pass. Firewalk works by sending out TCP or UDP packets with a TTL one greater than the targeted gateway. If the gateway allows the traffic, it will forward the packets to the next hop where they will expire and elicit an ICMP_TIME_EXCEEDED message. If the gateway hostdoes not allow the traffic, it will likely drop the packets on the floor and we will see no response. Do you need to test your firewall? This article look at the firewall rulset testing tool called Firwalk. Test it how and let us know what you think?

LS Hmepg 337x500 34 Esm H200

Simplify System Security With the Uncomplicated Firewall

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The Uncomplicated Firewall (UFW) is a new tool from Ubuntu whose goal is to make configuration of the built-in Linux packet filter less complicated and more secure for novice users. You must run UFW commands as root, so in Ubuntu, you must preface them with the sudo command. With UFW, enabling and disabling packet filtering is a simple matter of issuing the sudo ufw enable and sudo ufw disable commands. You set the default policy for filtering packets by running the sudo ufw default command and passing the allow or deny argument, depending on what you want to achieve. If you issue the sudo ufw default allow command, all incoming packets will be allowed by default, creating a very unsecure packet filter but giving you the broadest range of allowed services. Have you tested the new Firewall tool from Ubuntu that says that it makes packet filtering easier? There are tons of GUI firewall tools who's goal is to make it easy for novice users. So my question is why do we need another one?

Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved