Transparent, Bridging Firewall Devices
Matthew Tanase 2003-10-15
Introduction
There are many tools we use as network and security professionals to build a secure network. Routers, virtual private networks, intrusion detection systems and vulnerability scanners are regularly employed to tackle this challenging task. Many would agree that the foundation of such a defense is the firewall. While the traditional [...]
Connected the router we have the main switch, which in turn has several departmental switches, and in our case a quasi DMZ setup as explained below. Behind the firewall is the corporate web server plus a Microsoft Exchange server. Beyond that are normal workstations found in the various corporate departments, as well as their internal [...]
In part one and two of this article series we looked at how a personal firewall actually works and where it taps into the network stack to do its filtering. In part two we look at how easily the firewall’s operation can be circumvented by inserting a malicious Trojan into the network stack itself.
Fooling [...]
Israel G. Lugo, Don Parker 2005-06-08
The concept of a firewall still brings to mind the picture of an impenetrable brick wall, the unsurpassable magic protector of all that is good. The bold statements made by today’s security vendors only emphasize this, with claims of complete and automatic security, with a wall able to block all [...]
Software Firewalls: Made of Straw? Part 1 of 2
Israel G. Lugo, Don Parker 2005-06-08
The concept of a firewall still brings to mind the picture of an impenetrable brick wall, the unsurpassable magic protector of all that is good. The bold statements made by today’s security vendors only emphasize this, with claims of complete and automatic [...]
While I’m on the subject of encryption, I say it’s time everyone stopped coding their own homegrown encryption algorithms and just use well-accepted encryption standards. If you think that your custom triple-rot13-xor-encoded encryption function is unbreakable, think again. Why even bother with your own encryption when there is plenty of freely available code already out [...]
