CJ
Uploaded byChirag Jain
PPT, PDF8,009 views

Firewall Penetration Testing

The document provides an overview of firewall penetration testing, discussing types of firewalls, their limitations, and evaluation methods. It outlines methodologies for testing firewalls, including information collection and attack strategies, while emphasizing the importance of independent testing and regular reassessment. Additionally, it highlights the challenges in finding reliable information on firewall security and the necessity of conducting penetration tests to maintain effectiveness over time.

Embed presentation

Downloaded 388 times
Firewall Penetration Testing In Computer Chirag JainScience Presented by:
INTRODUCTION • A firewall is a device that controls what gets in and comes out of our network. The firewall is placed between an organization network and the outside world. • We may want to protect information inside our network from being accessed by building internal firewalls. The outside world can be the Internet or another (untrusted) corporate network. • If we want to provide access to the general population to a part of our services then we have to establish a demilitarized zone DMZ.
Types of Firewalls Packet filtering gateways use Packet filtering gateways use the source or destination host the source or destination host to determine if the packet is to determine if the packet is allowed to pass the gateway. allowed to pass the gateway. Application level gateways (Proxies) do Application level gateways (Proxies) do not rely on general purpose not rely on general purpose mechanisms to allow traffic to pass but mechanisms to allow traffic to pass but use special purpose code for each use special purpose code for each desired service. desired service. Packet filtering Packet filtering gateways gateways Application level Application level gateways gateways
LIMITATIONS OF FIREWALLS While firewalls have their undeniable advantages in providing network security, they have also their limitations. We are connected to the outside world by a router, which is our typical single point of failure. Limitation 1. Quite costly 2. Traffic flow on the Internet is high today 3. Transmission rates are falling
EVALUATING A FIREWALL’S SECURITY • Before we buy a firewall or at least after we install one, we want typically to evaluate the security this device provides. To do so, we have principally the following options.
EVALUATING A FIREWALL’S SECURITY o o o o Vendor information Design analysis Examine Logs Firewall testing Block The firewall vendor can provide us information on the level of trust that can be expected from a firewall. 1. It is true, that they know their creation best but they also will never be objective. 2. At one hand, they will not be too thrilled to point you to a potential weakness in a highly competitive market. 3. They will maybe not flexible enough to objectively rate the dangers posed to this design.
EVALUATING A FIREWALL’S SECURITY o o o o Vendor information Design analysis Examine Logs Firewall testing Block The second possibility would be a design analysis. We get as much design information on a particular product and preferably the source code and you begin to dig for security problems. 1. Time consuming. 2. Requires considerable knowledge on firewall implementations. Example, to have a look how the firewall is handling buffers and buffer overflows would be surely one of the many points to check.
EVALUATING A FIREWALL’S SECURITY o Vendor information o Design analysis o Examine Logs o Firewall testing Block For this, we install the firewall and set up the filter rules according to our policy. After a certain amount of time,we examine the logs in detail. By examine the logs, we can detect and correct it. There are principally two problems 1.When we find a security problem by examining the logs it can be already too late and an intruder can already have broken into our systems. 2.Second, logging will never discover all attempts that have been made, and if we had a “smart” intruder, logs may have been altered.
EVALUATING A FIREWALL’S SECURITY o o o o Vendor information Design analysis Examine Logs Firewall testing Block With this technique, we perform tests to attempt to penetrate the firewall as well as to bypass it. Technical problems such as known vulnerabilities as well as misconfiguration and badly implemented security policies are exploited, if possible. Principally, we challenge the firewall from a hackers standpoint.
PROBLEM OF FIREWALL PENETRATION TESTING • The problems begin when you want to find information on this topic. • There is not really much publicly available. • In addition to the limited amount of information, [tools]. • Another problem that we face with firewall testing is, that it is not as advanced as the design of firewalls. • who performs the penetration testing. o Testing by the vendor o Hiring hackers o Do it ourselves o Third party
o o o o Testing by the vendor Hiring hackers Do it ourselves Third party • We don’t install firewalls solely by ourselves; the vendor is involved with it as well. Therefore during installation, they should already consider all the security problems. • If vendor can come up with new threats during the testphase that they did not think of during the design or installation of their product. • Another thought is that the vendor of a product is maybe less creative when testing it as they know too well what is working on their firewall.
o o o o Testing by the vendor Hiring hackers Do it ourselves Third party • Hackers may have the technical knowledge to test a firewall, but we can’t believe that they can maintain integrity to ensure that your company’s secrets are safe with them. • They probably obtained their knowledge with attempts to break into foreign systems (maybe yours).You will never be sure that hackers won’t make any security holes they find available to other hackers and/or download access or alter your proprietary information and data.
o o o o Testing by the vendor Hiring hackers Do it ourselves Third party • Third, firewall testing can be done by the company’s employees themselves. Here, we have to make sure that the people that are involved with installing or arranging/ updating the firewall are not doing the testing. • Tests have to be performed by an independent group. Principally, what we are looking for is integrity, independence, and experience. • Another important rule is that the technical capability exists to perform the testing and last but not least that the testers have the ability to formulate the test results in a report in an understandable (also by non technicians) way.
FIREWALL POLICY An internet firewall policy should contain the following points:  Security Requirements  Access control  Assurance  Logging  Alarming  Availability  Required Functionality  Outgoing services  Incoming services  Services provided to the internet
METHODOLOGY The firewall testing is structured in the following four steps: 1.Indirect information collection 2.Direct information collection 3.Attack from the outside 4.Attack from the inside
1. INDIRECT INFORMATION COLLECTION • First, we want to find out as much as possible about our target. To do so, we collect information first in a way that can not be detected by any logging or alarming system. • Use publicly available information from sources outside the network. • These are services like nslookup or whois to get an idea about the structure of the targeted network.
2. DIRECT INFORMATION COLLECTION • We would typically begin with looking for additional information that the company’s name server could have been stored on the network topology. • Valuable information can also be discovered in bounced mail headers. • If we want to get more information on vital systems in our target network, we can send an email message to a non-existent user. To get other topological information, we use automated tools like SATAN that perform this task for us.
3. ATTACK FROM THE OUTSIDE • Our targets are on one hand the firewall but also other designated systems like WWW server or hosts that seems to have a connection to the outside world. • This can give us additional advantages if the firewall trust these hosts or there were also examples that the file system of the firewall was mounted to the WWW server for easier maintenance. • Packet Filtering Firewalls – Blind IP Spoofing Attack – Non blind IP Spoofing Attack – Source Porting And Source Routing • Proxy Firewalls
4. ATTACK FROM THE INSIDE OF THE NETWORK • Before the firewall was installed, an employee could telnet into its computer during non office hours and check the mail or send his newest papers to a friend using FTP. Even worse, access to the internet (surfing) can be disabled (or audited) for a group of users. There are a lot of reasons that someone is not too happy with this firewall and he (or she) can try to disable it to gain back the old capabilities. In this case, the target is the firewall or probably more often the operating system on which the firewall is running. This belongs now not any more to network security but more to host security as this specific host (the firewall) is attacked. There are a few quite good tools that you (and anyone else!) can use to test for OS vulnerabilities (SATAN, ISS).
TESTING TECHNIQUES/TOOLS • Until now, I have described the methodology on firewall testing and how we are doing it in theory now we look how to perform an actual test. There are four approaches: o Manual probing o Interactive testing o Security Scanners o Hacking tools
CONCLUSIONS • In addition, it’s quite hard to get valid information on how to do the testing. However, if a penetration test is done properly by experienced people it can give us a valuable feedback on the effectiveness of a firewall. • These penetration tests have to be conducted regularly as firewalls are “eroding” with time. • Repeated firewall testing gives us a feedback if the firewall is maintained properly and no holes are punched through that could be exploited by hackers.
REFERENCES [1] Boran Sean, IT Security Cookbook, Draft V0.84 1996 [2] Cheswick / Bellovin, Firewalls and Internet Security,Addison-Wesley, 1994 [3] daemon9 / route/ infinity, IP-spoofing demystified, Phrack Magazine 48, http://www.fc.net/phrack/files/p48/p48-14.html [4] Peter Stephenson (interview), Cracking an Internet Firewall, http://www.venida.com/file/white/infosec1.htm [5] Schultz, E.E. (1996) Effective Firewall Testing. Computer Security Journal [6] Philip R. Moyer, A Systematic methodology for firewall Penetration testing
Thank You Chirag Jain about.me/chiragjain twitter.com/iChiragJain

More Related Content

PPTX
Network Security
bymoviebro1
 
PDF
Web Security
byDr.Florence Dayana
 
PPTX
Scanning and Enumeration in Cyber Security.pptx
byMahdiHasanSowrav
 
PDF
An overview of access control
byElimity
 
PPT
Firewalls
byRam Dutt Shukla
 
PPTX
Transport Layer In Computer Network
byDestro Destro
 
PPT
Network security cryptographic hash function
byMijanur Rahman Milon
 
PPTX
Dynamic interconnection networks
byPrasenjit Dey
 
Network Security
bymoviebro1
 
Web Security
byDr.Florence Dayana
 
Scanning and Enumeration in Cyber Security.pptx
byMahdiHasanSowrav
 
An overview of access control
byElimity
 
Firewalls
byRam Dutt Shukla
 
Transport Layer In Computer Network
byDestro Destro
 
Network security cryptographic hash function
byMijanur Rahman Milon
 
Dynamic interconnection networks
byPrasenjit Dey
 

What's hot

PPTX
Public key infrastructure
byAditya Nama
 
PPTX
Network security and cryptography
byPavithra renu
 
PPTX
Cryptography and network security
bypatisa
 
PPTX
Public Key Cryptography
byGopal Sakarkar
 
PPTX
Cryptography - Block cipher & stream cipher
byNiloy Biswas
 
PPTX
Network security - Defense in Depth
byDilum Bandara
 
PPT
Digital Signature
byMohamed Talaat
 
PPTX
Presentation on cyclic redundancy check (crc)
bySudhanshu Srivastava
 
PPTX
OSI Security Architecture
byuniversity of education,Lahore
 
PPTX
Protection and security
bymbadhi
 
PPTX
Introduction to Cybersecurity Fundamentals
byToño Herrera
 
PPT
Network Security Threats and Solutions
byColin058
 
PPTX
Introduction to Network Security
byJohn Ely Masculino
 
PDF
Network Security Presentation
byAllan Pratt MBA
 
PPTX
Social Engineering
byn|u - The Open Security Community
 
PPTX
Firewall and its types and function
byNisarg Amin
 
PPT
Ethical Hacking
byKeith Brooks
 
PPT
Wireless security presentation
byMuhammad Zia
 
PPTX
Cyber security
byPihu Goel
 
PPTX
Computer network layers
byKarthicaMarasamy
 
Public key infrastructure
byAditya Nama
 
Network security and cryptography
byPavithra renu
 
Cryptography and network security
bypatisa
 
Public Key Cryptography
byGopal Sakarkar
 
Cryptography - Block cipher & stream cipher
byNiloy Biswas
 
Network security - Defense in Depth
byDilum Bandara
 
Digital Signature
byMohamed Talaat
 
Presentation on cyclic redundancy check (crc)
bySudhanshu Srivastava
 
OSI Security Architecture
byuniversity of education,Lahore
 
Protection and security
bymbadhi
 
Introduction to Cybersecurity Fundamentals
byToño Herrera
 
Network Security Threats and Solutions
byColin058
 
Introduction to Network Security
byJohn Ely Masculino
 
Network Security Presentation
byAllan Pratt MBA
 
Social Engineering
byn|u - The Open Security Community
 
Firewall and its types and function
byNisarg Amin
 
Ethical Hacking
byKeith Brooks
 
Wireless security presentation
byMuhammad Zia
 
Cyber security
byPihu Goel
 
Computer network layers
byKarthicaMarasamy
 

Similar to Firewall Penetration Testing

PPT
Unified Threat Management
byTapas Shome
 
PPT
Myles firewalls
byShmulik Avidan
 
PPTX
Firewall presentation
bygaurav96raj
 
PDF
Cr32585591
byIJERA Editor
 
PPTX
Firewalls
byvaishnavi
 
PPTX
Firewall configuration and different types of firewall
byAladinDelfin
 
PPTX
Firwall configuration and its type of firewall
byAladinDelfin
 
PDF
Cr32585591
byIJERA Editor
 
PPTX
Firewalls-Intro
byAparna Bulusu
 
PPT
Firewall in tell communication_Basics.ppt
byMohammedAli580048
 
PPTX
Firewallpresentation 100826052003-phpapp02
byshivendra pratap singh
 
PDF
Firewallpresentation 100826052003-phpapp02
bydevidas shinde
 
PPT
Firewall audit
byVelliyangiri K.S
 
PPT
Firewall
bylmbriscoe
 
PPTX
Linta
bygalaxy201
 
PPTX
Linta
bygalaxy201
 
PPT
Tech 101: Understanding Firewalls
byLikan Patra
 
PPTX
Firewall
byMohanasundaram Nattudurai
 
PDF
We live in the earh seventy or eight years
byAyalewWakeyo1
 
PDF
shivam sahu (firewall).pdfb jndvhjfvhjjf
bysahushivam4928
 
Unified Threat Management
byTapas Shome
 
Myles firewalls
byShmulik Avidan
 
Firewall presentation
bygaurav96raj
 
Cr32585591
byIJERA Editor
 
Firewalls
byvaishnavi
 
Firewall configuration and different types of firewall
byAladinDelfin
 
Firwall configuration and its type of firewall
byAladinDelfin
 
Cr32585591
byIJERA Editor
 
Firewalls-Intro
byAparna Bulusu
 
Firewall in tell communication_Basics.ppt
byMohammedAli580048
 
Firewallpresentation 100826052003-phpapp02
byshivendra pratap singh
 
Firewallpresentation 100826052003-phpapp02
bydevidas shinde
 
Firewall audit
byVelliyangiri K.S
 
Firewall
bylmbriscoe
 
Linta
bygalaxy201
 
Linta
bygalaxy201
 
Tech 101: Understanding Firewalls
byLikan Patra
 
Firewall
byMohanasundaram Nattudurai
 
We live in the earh seventy or eight years
byAyalewWakeyo1
 
shivam sahu (firewall).pdfb jndvhjfvhjjf
bysahushivam4928
 

Recently uploaded

PDF
The new book “Marketing in the Metaverse” spotlights Scott M. Graffius’ research
byScott M. Graffius
 
PPTX
Beyond the Algorithm: Designing Human-Centric Public Service with AI
byAlan Dix
 
PDF
final.pdf
byomarbishtawi04
 
PPTX
Introducing VisualSim 2610 The Next Leap in System Level Modeling
byDeepak Shankar
 
PDF
Antminer S23Hyd-580_Manual-V1.1-oneminers.pdf
byFranzhLawrenceBataan1
 
PPTX
PPTX game guess the logo with a twistppt
byAdrianAnig
 
PDF
Security-Fails-in-the-Gaps-Between-Systems.pptx.pdf
byOhhproJunction
 
PDF
Escape from the Forbidden Zone: Smuggling green and inclusive tech past the g...
byBookNet Canada
 
PDF
UiPath Automation Developer Associate Training Series 2026 - Session 3
byDianaGray10
 
PDF
Chapter 5 Security Mechanisms iin computer security.pdf
byGetnet Tigabie Askale -(GM)
 
PDF
The Emergence of Empathic XR: AWE Asia 2026 keynote
byMark Billinghurst
 
PDF
How to Install XRDP on CentOS 10 .pdf
byGreen Webpage
 
PDF
GenerationAI Paris 2025 | How Agentic AI is Reinventing Organizations
byapidays
 
PPTX
apidays Paris 2025 | Integration is Feminist: Building Peace in Distributed S...
byapidays
 
PPTX
Workflow and decision Automation with Flowable
bychakib ch
 
PDF
shayk.online - Anonymous chat with Sinatra and WebSockets
byEleanor McHugh
 
PDF
How to Prepare for the RWA Tokenization Trend
byrose mason
 
PDF
Self-Correction Failure Diagnostic: Detecting Drift in Complex Systems
bySystems Research Group
 
PDF
The Manifesto for AI-enabled Governance !
byYannis Charalabidis
 
PDF
Session 1/5: Enhancing Automation with Screenplay & Business Rules
bysuhanisingh58689
 
The new book “Marketing in the Metaverse” spotlights Scott M. Graffius’ research
byScott M. Graffius
 
Beyond the Algorithm: Designing Human-Centric Public Service with AI
byAlan Dix
 
final.pdf
byomarbishtawi04
 
Introducing VisualSim 2610 The Next Leap in System Level Modeling
byDeepak Shankar
 
Antminer S23Hyd-580_Manual-V1.1-oneminers.pdf
byFranzhLawrenceBataan1
 
PPTX game guess the logo with a twistppt
byAdrianAnig
 
Security-Fails-in-the-Gaps-Between-Systems.pptx.pdf
byOhhproJunction
 
Escape from the Forbidden Zone: Smuggling green and inclusive tech past the g...
byBookNet Canada
 
UiPath Automation Developer Associate Training Series 2026 - Session 3
byDianaGray10
 
Chapter 5 Security Mechanisms iin computer security.pdf
byGetnet Tigabie Askale -(GM)
 
The Emergence of Empathic XR: AWE Asia 2026 keynote
byMark Billinghurst
 
How to Install XRDP on CentOS 10 .pdf
byGreen Webpage
 
GenerationAI Paris 2025 | How Agentic AI is Reinventing Organizations
byapidays
 
apidays Paris 2025 | Integration is Feminist: Building Peace in Distributed S...
byapidays
 
Workflow and decision Automation with Flowable
bychakib ch
 
shayk.online - Anonymous chat with Sinatra and WebSockets
byEleanor McHugh
 
How to Prepare for the RWA Tokenization Trend
byrose mason
 
Self-Correction Failure Diagnostic: Detecting Drift in Complex Systems
bySystems Research Group
 
The Manifesto for AI-enabled Governance !
byYannis Charalabidis
 
Session 1/5: Enhancing Automation with Screenplay & Business Rules
bysuhanisingh58689
 

Firewall Penetration Testing

  • 1.
  • 2.
    INTRODUCTION • A firewallis a device that controls what gets in and comes out of our network. The firewall is placed between an organization network and the outside world. • We may want to protect information inside our network from being accessed by building internal firewalls. The outside world can be the Internet or another (untrusted) corporate network. • If we want to provide access to the general population to a part of our services then we have to establish a demilitarized zone DMZ.
  • 3.
    Types of Firewalls Packetfiltering gateways use Packet filtering gateways use the source or destination host the source or destination host to determine if the packet is to determine if the packet is allowed to pass the gateway. allowed to pass the gateway. Application level gateways (Proxies) do Application level gateways (Proxies) do not rely on general purpose not rely on general purpose mechanisms to allow traffic to pass but mechanisms to allow traffic to pass but use special purpose code for each use special purpose code for each desired service. desired service. Packet filtering Packet filtering gateways gateways Application level Application level gateways gateways
  • 4.
    LIMITATIONS OF FIREWALLS Whilefirewalls have their undeniable advantages in providing network security, they have also their limitations. We are connected to the outside world by a router, which is our typical single point of failure. Limitation 1. Quite costly 2. Traffic flow on the Internet is high today 3. Transmission rates are falling
  • 5.
    EVALUATING A FIREWALL’S SECURITY •Before we buy a firewall or at least after we install one, we want typically to evaluate the security this device provides. To do so, we have principally the following options.
  • 6.
    EVALUATING A FIREWALL’SSECURITY o o o o Vendor information Design analysis Examine Logs Firewall testing Block The firewall vendor can provide us information on the level of trust that can be expected from a firewall. 1. It is true, that they know their creation best but they also will never be objective. 2. At one hand, they will not be too thrilled to point you to a potential weakness in a highly competitive market. 3. They will maybe not flexible enough to objectively rate the dangers posed to this design.
  • 7.
    EVALUATING A FIREWALL’SSECURITY o o o o Vendor information Design analysis Examine Logs Firewall testing Block The second possibility would be a design analysis. We get as much design information on a particular product and preferably the source code and you begin to dig for security problems. 1. Time consuming. 2. Requires considerable knowledge on firewall implementations. Example, to have a look how the firewall is handling buffers and buffer overflows would be surely one of the many points to check.
  • 8.
    EVALUATING A FIREWALL’SSECURITY o Vendor information o Design analysis o Examine Logs o Firewall testing Block For this, we install the firewall and set up the filter rules according to our policy. After a certain amount of time,we examine the logs in detail. By examine the logs, we can detect and correct it. There are principally two problems 1.When we find a security problem by examining the logs it can be already too late and an intruder can already have broken into our systems. 2.Second, logging will never discover all attempts that have been made, and if we had a “smart” intruder, logs may have been altered.
  • 9.
    EVALUATING A FIREWALL’SSECURITY o o o o Vendor information Design analysis Examine Logs Firewall testing Block With this technique, we perform tests to attempt to penetrate the firewall as well as to bypass it. Technical problems such as known vulnerabilities as well as misconfiguration and badly implemented security policies are exploited, if possible. Principally, we challenge the firewall from a hackers standpoint.
  • 10.
    PROBLEM OF FIREWALL PENETRATIONTESTING • The problems begin when you want to find information on this topic. • There is not really much publicly available. • In addition to the limited amount of information, [tools]. • Another problem that we face with firewall testing is, that it is not as advanced as the design of firewalls. • who performs the penetration testing. o Testing by the vendor o Hiring hackers o Do it ourselves o Third party
  • 11.
    o o o o Testing by thevendor Hiring hackers Do it ourselves Third party • We don’t install firewalls solely by ourselves; the vendor is involved with it as well. Therefore during installation, they should already consider all the security problems. • If vendor can come up with new threats during the testphase that they did not think of during the design or installation of their product. • Another thought is that the vendor of a product is maybe less creative when testing it as they know too well what is working on their firewall.
  • 12.
    o o o o Testing by thevendor Hiring hackers Do it ourselves Third party • Hackers may have the technical knowledge to test a firewall, but we can’t believe that they can maintain integrity to ensure that your company’s secrets are safe with them. • They probably obtained their knowledge with attempts to break into foreign systems (maybe yours).You will never be sure that hackers won’t make any security holes they find available to other hackers and/or download access or alter your proprietary information and data.
  • 13.
    o o o o Testing by thevendor Hiring hackers Do it ourselves Third party • Third, firewall testing can be done by the company’s employees themselves. Here, we have to make sure that the people that are involved with installing or arranging/ updating the firewall are not doing the testing. • Tests have to be performed by an independent group. Principally, what we are looking for is integrity, independence, and experience. • Another important rule is that the technical capability exists to perform the testing and last but not least that the testers have the ability to formulate the test results in a report in an understandable (also by non technicians) way.
  • 14.
    FIREWALL POLICY An internetfirewall policy should contain the following points:  Security Requirements  Access control  Assurance  Logging  Alarming  Availability  Required Functionality  Outgoing services  Incoming services  Services provided to the internet
  • 15.
    METHODOLOGY The firewall testingis structured in the following four steps: 1.Indirect information collection 2.Direct information collection 3.Attack from the outside 4.Attack from the inside
  • 16.
    1. INDIRECT INFORMATION COLLECTION •First, we want to find out as much as possible about our target. To do so, we collect information first in a way that can not be detected by any logging or alarming system. • Use publicly available information from sources outside the network. • These are services like nslookup or whois to get an idea about the structure of the targeted network.
  • 17.
    2. DIRECT INFORMATION COLLECTION •We would typically begin with looking for additional information that the company’s name server could have been stored on the network topology. • Valuable information can also be discovered in bounced mail headers. • If we want to get more information on vital systems in our target network, we can send an email message to a non-existent user. To get other topological information, we use automated tools like SATAN that perform this task for us.
  • 18.
    3. ATTACK FROMTHE OUTSIDE • Our targets are on one hand the firewall but also other designated systems like WWW server or hosts that seems to have a connection to the outside world. • This can give us additional advantages if the firewall trust these hosts or there were also examples that the file system of the firewall was mounted to the WWW server for easier maintenance. • Packet Filtering Firewalls – Blind IP Spoofing Attack – Non blind IP Spoofing Attack – Source Porting And Source Routing • Proxy Firewalls
  • 19.
    4. ATTACK FROMTHE INSIDE OF THE NETWORK • Before the firewall was installed, an employee could telnet into its computer during non office hours and check the mail or send his newest papers to a friend using FTP. Even worse, access to the internet (surfing) can be disabled (or audited) for a group of users. There are a lot of reasons that someone is not too happy with this firewall and he (or she) can try to disable it to gain back the old capabilities. In this case, the target is the firewall or probably more often the operating system on which the firewall is running. This belongs now not any more to network security but more to host security as this specific host (the firewall) is attacked. There are a few quite good tools that you (and anyone else!) can use to test for OS vulnerabilities (SATAN, ISS).
  • 20.
    TESTING TECHNIQUES/TOOLS • Untilnow, I have described the methodology on firewall testing and how we are doing it in theory now we look how to perform an actual test. There are four approaches: o Manual probing o Interactive testing o Security Scanners o Hacking tools
  • 21.
    CONCLUSIONS • In addition,it’s quite hard to get valid information on how to do the testing. However, if a penetration test is done properly by experienced people it can give us a valuable feedback on the effectiveness of a firewall. • These penetration tests have to be conducted regularly as firewalls are “eroding” with time. • Repeated firewall testing gives us a feedback if the firewall is maintained properly and no holes are punched through that could be exploited by hackers.
  • 22.
    REFERENCES [1] Boran Sean,IT Security Cookbook, Draft V0.84 1996 [2] Cheswick / Bellovin, Firewalls and Internet Security,Addison-Wesley, 1994 [3] daemon9 / route/ infinity, IP-spoofing demystified, Phrack Magazine 48, http://www.fc.net/phrack/files/p48/p48-14.html [4] Peter Stephenson (interview), Cracking an Internet Firewall, http://www.venida.com/file/white/infosec1.htm [5] Schultz, E.E. (1996) Effective Firewall Testing. Computer Security Journal [6] Philip R. Moyer, A Systematic methodology for firewall Penetration testing
  • 23.