Firewalls
A firewall is a hardware or software solution that enforces a security policy. In the physical security analogy, a firewall is the equivalent of a lock on a perimeter door or on the door to a room inside the building: it admits only authorized users, such as those holding a key or access card. A firewall has built-in filters that can block unauthorized or potentially dangerous traffic from entering the system. It also logs attempted intrusions.
From: www.tecrime.com/0gloss.htm
IPFilter
IPFilter is a software package that provides network address translation (NAT) and firewall services. It can be used either as a loadable kernel module or compiled into your UNIX kernel; using it as a loadable kernel module is strongly recommended wherever that is possible. Scripts are provided to install the package and patch system files as required.
IPFilter keeps its own set of statistics on:
* packets blocked
* packets (and bytes!) counted for accounting
* packets passed
* packets logged
* logging attempts that failed (buffer full)
and much more, for packets travelling both in and out.
The current implementation provides a small set of tools that can easily be used with, and integrated into, regular UNIX shells and tools. Among these is a new addition, ipftest, which lets you test a rule set before committing it to use in your kernel. A brief description of the tools provided:
ipf - reads in a set of rules, from either stdin or a file, and appends them to the kernel's current rule list. It can also be used to flush the current firewall rule set or to delete individual firewall rules.
ipfstat - interrogates the kernel for statistics on packet processing so far, and retrieves the list of firewall rules currently in operation for inbound and outbound packets.
ipftest - reads in an ipf rule file and then applies sample IP packets to it. This allows a firewall rule list to be tested, and the path a packet takes through it to be examined, without loading the rules into the kernel.
ipmon - reads buffered data from the logging device (default is /dev/ipl) and writes it to one of:
* screen (standard output)
* file
* syslog
ipsend - generates arbitrary IP packets for Ethernet-connected machines.
ipresend - reads in a data file of saved IP packets (i.e. snoop/tcpdump/etherfind output) and sends them back across the network.
iptest - contains a set of test "programs" which send out a series of IP packets intended to test the robustness of the TCP/IP stack they are aimed at. WARNING: may crash the machine(s) targeted!
ipnat - reads in a set of rules, from either stdin or a file, and adds them to the kernel's current list of active NAT rules. NAT rules can also be deleted using ipnat.