Firewalk (computing)

Firewalking is a technique developed by Mike Schiffman and David Goldsmith that uses traceroute techniques and TTL values to analyze IP packet responses in order to map networks and determine gateway ACL filters. It is an active reconnaissance network security analysis technique that attempts to determine which layer 4 protocols a specific firewall will allow. Firewalk is a software tool that performs firewalking. To protect a firewall or gateway against firewalking, one can block outgoing TTL messages to avoid exposing information about the network. Additionally, network address translation is useful for hiding internal network addresses.
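On the detection side, a gateway operator can look for the pattern this technique leaves in packet logs: one source reusing the same low TTL across many layer 4 protocol/port pairs. The sketch below is an added example, not code from the Firewalk tool or from this page; the log format, the addresses and both thresholds are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample log (hypothetical format, documentation addresses):
# src_ip dst_ip proto dst_port ttl_seen_at_gateway
SAMPLE_LOG = """\
198.51.100.7 192.0.2.10 tcp 21 2
198.51.100.7 192.0.2.10 tcp 22 2
198.51.100.7 192.0.2.10 tcp 23 2
198.51.100.7 192.0.2.10 tcp 25 2
198.51.100.7 192.0.2.10 tcp 80 2
198.51.100.7 192.0.2.10 udp 53 2
203.0.113.20 192.0.2.10 tcp 443 52
203.0.113.20 192.0.2.10 tcp 443 52
203.0.113.99 192.0.2.10 udp 33434 1
203.0.113.99 192.0.2.10 udp 33435 1
203.0.113.99 192.0.2.10 udp 33436 1
203.0.113.99 192.0.2.10 udp 33437 2
203.0.113.99 192.0.2.10 udp 33438 2
203.0.113.99 192.0.2.10 udp 33439 2
"""


def find_fixed_ttl_sweeps(log_text, max_ttl=3, min_services=5):
    """Flag (src, dst, ttl) groups where one low TTL is reused across many
    protocol/port pairs. Both thresholds are assumptions to tune per site."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5 or line.startswith("#"):
            continue  # skip blanks, comments and malformed records
        src, dst, proto, port, ttl = fields
        if not (port.isdigit() and ttl.isdigit()):
            continue
        if int(ttl) <= max_ttl:
            # Packet will expire within a few hops behind the gateway.
            seen[(src, dst, int(ttl))].add((proto, int(port)))
    return {key: sorted(services)
            for key, services in seen.items()
            if len(services) >= min_services}


if __name__ == "__main__":
    for (src, dst, ttl), services in find_fixed_ttl_sweeps(SAMPLE_LOG).items():
        print(f"{src} -> {dst}: {len(services)} services probed at TTL {ttl}")
```

Grouping by TTL keeps an ordinary traceroute (a few probes per TTL value, as from 203.0.113.99 in the sample) below the threshold, while a sweep held at one TTL is reported.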


See also

* Access Control List
* Firewall (computing)
* Traceroute


External links


* Firewalk tool, an open source tool that determines gateway ACL filters and maps networks by analyzing IP packet responses.
* WooterWoot, an open source set of tools that builds Check Point, Cisco ASA, or Netscreen policies from logfiles.
* Use Firewalk in Linux/UNIX to verify ACLs and check firewall rule sets, an article on using Firewalk, by Lori Hyde, CCNA.
* firewalk(8) - Linux man page
* GIAC / SANS Institute Description of Firewalking