Mastering Firewalls

Properly-configured firewalls are mandatory in today's hostile Internet environment

Misconfigured firewalls can keep customers from reaching your web site and sending you email. The most highly-publicized example of this was on January 23, 2001 when Microsoft's entire Internet site was down for over a day due to their misconfigured firewall. Why it took over a day to recover from this is a mystery. Reconfiguring a firewall takes a few minutes if you possess the right knowledge.

This course will focus on the packet filtering firewall that's built-in to the Linux kernel. The Linux kernel is extremely stable and, properly configured, highly resistant to attack - characteristics that you want in a firewall. Today, anyone can deploy a firewall at little or no cost since Linux is free.

This course will focus on how you configure the Linux firewall by writing rules directly using command line tools and plain text files. However, we'll show you scripted and graphical tools that you can use as well.

This course will bring you up to speed on firewall concepts quickly. You'll understand the issues and minimize your risk of attack.

Course contents

Introduction

Firewall topologies

choke point, DMZ, etc.

One firewall or two?

Segregation of services

Protocols that are not secure

telnet, ftp, rsh, pop3, etc.

alternatives such as SSL, SSH, etc.

Firewall platforms

Unix/Linux

Windows NT/2000/XP

NetWare

Core Protocols

IPv4 and IPv6

IP addressing

source and destination addresses

IP addressing notations

subnetting

ICMP functions

Pings of Death

TCP & UDP

ports

source and destination ports

ephemeral ports

three-way handshake

Application Protocols

The normal operation of these protocols are discussed as well as the firewall rules that could/should be used.

HTTP

DNS

allow all ports or just ephemeral?

SMTP, POP3, IMAP

FTP

SSH

RealAudio

etc.

Linux Firewalls

Firewall code in 2.2 and 2.4 kernels

Input, output, forward and user-defined chains

Why user-defined chains are useful

Policies - ACCEPT, DENY, etc.

Writing rules

Logging rules violations

reviewing the logs

making sense of log entries

changing your rules based on what you see in the logs

Miscellaneous Topics

Scripted Tools

Graphical Tools

TCP Wrappers

Port Forwarding

Copyright © 1999-2004 by the Accelerated Learning Center. All rights reserved.