Linux Workshop

Lab 21 Firewall definitions


Example implemented firewall policies

Policy              Description
Egress filtering    Restrictive: only explicitly authorized packets may exit the
                    protected host
Ingress filtering   Restrictive: only explicitly authorized packets may enter the
                    protected host
Hostile hosts       Hostile hosts are shunned: all related inbound and outbound
                    traffic is blocked
Inbound ICMP        Only the following messages are authorized: destination
                    unreachable, parameter problem, source quench, and time exceeded
Outbound ICMP       Only the following messages are authorized: destination
                    unreachable, fragmentation needed, parameter problem, source
                    quench
Inbound services    Remote clients can access SSH and Web services. Other services
                    are blocked.
Outbound services   Local clients can access remote DNS, FTP, HTTP, HTTPS, RSYNC,
                    SMTP, SSH, WHOIS. Other services are blocked.
Logging             Blocked packets go to the Syslog service
Ping                Only specified hosts may ping the protected host
Special IPs         Blocked on the Internet interface (such as RFC 1918 private IP
                    addresses, which are never valid on the Internet)
SYN flood           SYNs are blocked when a rate threshold is exceeded (blunting the
                    effect of a SYN flood attack)
TCP flags           Accept only legitimate flag combinations (blocking TCP scans
                    such as the ID check and the Christmas tree attack)

Example implemented user defined chains

Chain      Description
BADIP      Checks for unwanted source and destination IP addresses
SHUN       Checks for hostile source and destination IP addresses
FLAGS      Checks for unwanted TCP flag combinations
FLOOD      Checks for an excessive rate of arrival of SYN packets
IN         Checks inbound TCP/UDP datagrams
OUT        Checks outbound TCP/UDP datagrams
IN_ICMP    Checks inbound ICMP messages
OUT_ICMP   Checks outbound ICMP messages
LBADIP     Logs and drops packets having unwanted source and destination IP
           addresses
LDROP      Logs and drops packets
LFLAGS     Logs and drops packets having unwanted TCP flag combinations
LFLOOD     Logs and drops SYN packets (those exceeding the FLOOD threshold)
LSHUN      Logs and drops packets from shunned hosts

Theory Modules

LPIC 1 Certification Bible, isbn 0-7645-4772-0
➢ p. 721-727 Blocking unwanted connections with IPChains (kernel version 2.2).
SUSE LINUX Enterprise Server – Install. and Admin. Downloadable manual
(www.novell.com/documentation)
➢ p. 643-651 Masquerading and Firewalls

Extra References

➢ www.tldp.org
➢ www.ethereal.com
➢ Red Hat Linux Firewalls, Bill McCarty, isbn 0-7645-2463-1
➢ /scripts/firewall/ directory on the course DVD.
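The policies and chains above, written out as an iptables ruleset in iptables-restore format. This is an added example, not the lab's own /scripts/firewall/ script. Everything not stated in the tables is an assumption: the Internet interface name (eth0), the lists of hosts allowed to ping and of shunned hosts (constructed from RFC 5737 documentation ranges), the SYN threshold (10/s, burst 20), and reading "Web services" as HTTP plus HTTPS. The script prints the ruleset so it can be reviewed; run with --apply (as root) to load it atomically with iptables-restore.

```shell
#!/bin/sh
# Added example (not the lab's script): Lab 21 policies and user-defined chains
# as an iptables ruleset in iptables-restore format.
# Assumptions (not from the lab): WAN interface, PING_HOSTS, SHUN_HOSTS, the SYN
# threshold, and "Web services" = HTTP + HTTPS. Host lists are constructed from
# RFC 5737 documentation ranges.
WAN="${WAN:-eth0}"
PING_HOSTS="${PING_HOSTS:-192.0.2.10 192.0.2.11}"
SHUN_HOSTS="${SHUN_HOSTS:-198.51.100.0/24}"
RFC1918="10.0.0.0/8 172.16.0.0/12 192.168.0.0/16"
SYN_RATE="${SYN_RATE:-10/s}"
SYN_BURST="${SYN_BURST:-20}"

r() { printf '%s\n' "$*"; }                        # emit one rule line
# Log-and-drop chain NAME with syslog PREFIX: LOG target first, then DROP
ld() { r -A "$1" -j LOG --log-prefix "$2" --log-level warning; r -A "$1" -j DROP; }

gen_ruleset() {
    r '*filter'
    r ':INPUT DROP [0:0]'; r ':FORWARD DROP [0:0]'; r ':OUTPUT DROP [0:0]'
    for c in BADIP SHUN FLAGS FLOOD IN OUT IN_ICMP OUT_ICMP LBADIP LDROP LFLAGS LFLOOD LSHUN; do
        r ":$c - [0:0]"
    done
    # Logging policy: blocked packets go to syslog before being dropped
    ld LDROP FW-DROP:; ld LBADIP FW-BADIP:; ld LFLAGS FW-FLAGS:; ld LFLOOD FW-FLOOD:; ld LSHUN FW-SHUN:
    # BADIP: RFC 1918 space is never a valid source or destination on the Internet interface
    for n in $RFC1918; do r -A BADIP -s "$n" -j LBADIP; r -A BADIP -d "$n" -j LBADIP; done
    # SHUN: hostile hosts are blocked in both directions
    for h in $SHUN_HOSTS; do r -A SHUN -s "$h" -j LSHUN; r -A SHUN -d "$h" -j LSHUN; done
    # FLAGS: combinations no conforming stack sends (Xmas tree, NULL, SYN+FIN, ...)
    for f in 'ALL ALL' 'ALL NONE' 'SYN,FIN SYN,FIN' 'SYN,RST SYN,RST' 'FIN,RST FIN,RST' \
             'ACK,FIN FIN' 'ACK,PSH PSH' 'ACK,URG URG'; do
        r -A FLAGS -p tcp --tcp-flags $f -j LFLAGS
    done
    # FLOOD: SYNs under the threshold RETURN to the caller; the excess is logged and dropped
    r -A FLOOD -p tcp --syn -m limit --limit "$SYN_RATE" --limit-burst "$SYN_BURST" -j RETURN
    r -A FLOOD -p tcp --syn -j LFLOOD
    # IN_ICMP: the four authorized types, plus echo-request from the specified ping hosts
    for t in destination-unreachable parameter-problem source-quench time-exceeded; do
        r -A IN_ICMP -p icmp --icmp-type "$t" -j ACCEPT
    done
    for h in $PING_HOSTS; do r -A IN_ICMP -p icmp --icmp-type echo-request -s "$h" -j ACCEPT; done
    r -A IN_ICMP -j LDROP
    # OUT_ICMP: fragmentation-needed is type 3 code 4, a subtype of destination-unreachable
    for t in destination-unreachable fragmentation-needed parameter-problem source-quench; do
        r -A OUT_ICMP -p icmp --icmp-type "$t" -j ACCEPT
    done
    r -A OUT_ICMP -j LDROP
    # IN: remote clients may open SSH and Web (HTTP, HTTPS) connections only
    for p in 22 80 443; do r -A IN -p tcp --dport "$p" -m state --state NEW -j ACCEPT; done
    r -A IN -j LDROP
    # OUT: DNS (udp and tcp), FTP, HTTP, HTTPS, RSYNC, SMTP, SSH, WHOIS
    r -A OUT -p udp --dport 53 -m state --state NEW -j ACCEPT
    for p in 53 21 80 443 873 25 22 43; do r -A OUT -p tcp --dport "$p" -m state --state NEW -j ACCEPT; done
    r -A OUT -j LDROP
    # Built-in chains: sanity checks, then replies to accepted traffic, then per-protocol dispatch
    r -A INPUT -i lo -j ACCEPT
    r -A INPUT -i "$WAN" -j BADIP
    r -A INPUT -j SHUN
    r -A INPUT -p tcp -j FLAGS
    r -A INPUT -p tcp --syn -j FLOOD
    r -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    r -A INPUT -p icmp -j IN_ICMP
    r -A INPUT -p tcp -j IN; r -A INPUT -p udp -j IN
    r -A INPUT -j LDROP
    r -A OUTPUT -o lo -j ACCEPT
    r -A OUTPUT -o "$WAN" -j BADIP
    r -A OUTPUT -j SHUN
    r -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    r -A OUTPUT -p icmp -j OUT_ICMP
    r -A OUTPUT -p tcp -j OUT; r -A OUTPUT -p udp -j OUT
    r -A OUTPUT -j LDROP
    r COMMIT
}

# Print the ruleset for review; "--apply" loads it atomically (root, real iptables).
if [ "${1:-}" = "--apply" ]; then gen_ruleset | iptables-restore; else gen_ruleset; fi
```

Two design points worth checking on a real host. Replies to traffic the policy accepted (DNS answers, echo-reply to a permitted ping, data for an outbound HTTP request) are let through by the single ESTABLISHED,RELATED rule rather than by per-service rules, which is what keeps the IN and OUT chains short; FTP data connections only become RELATED when the ip_conntrack_ftp (nf_conntrack_ftp on current kernels) helper is loaded. The sanity chains (BADIP, SHUN, FLAGS, FLOOD) run before that stateful accept on purpose, so a spoofed or malformed packet is logged and dropped even if it matches an existing connection. Note that this targets iptables (kernel 2.4 and later), not the ipchains tool covered by the LPIC reference above.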

© October 2, 2005, wiki.novell.com/index.php/Roberts_Quick_References, author of Foundations of Linux networking