General discussion

Locked

Fire wall leakage

By dmpastx329 ·
If there is a leakage on my firewall security system. what proper steps should i take to improve security on my current firewall software?

This conversation is currently closed to new comments.

5 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Fire wall leakage

by James R Linn In reply to Fire wall leakage

You have to understand where the leaks are.

A couple of steps:

1) Go to the vendors webpage and find out about the latest and greatest in patches/revisions. You can also do websearches, look at places like CERT.ORG, or in security newsgroups for common information(its where the hackers look too).

2) Buy one of the tools out there that does an automated probe of your firewall based on known holes. Use it on a regular basis.

3) Hire an outside specialist to probe your firewall.

4)Get an intrusion detection system which monitors your firewall for suspicious activity.

Depending on your type of firewall and what you have to protect, you may take any or all of these steps.

James

Collapse -

Fire wall leakage

by dmpastx329 In reply to Fire wall leakage

Poster rated this answer

Collapse -

Fire wall leakage

by cavedweller In reply to Fire wall leakage

I assume that by "leakage" you mean unauthorized traffic. Firewalls tend to be rule based. The ones I'm familiar with compare traffic with a list of rules until a matching rule is found. The matching rule is applied to the traffic (allow, block, log, etc.). If no matching rule is found the firewall will take some default action. You should always add a default rule to the bottom of the list so that you can choose what happens. There is usually a seperate set of rules for incoming and outgoing traffic.

A prudent firewall philosophy is to add rules to explicitely allow the traffic you want to permit followed by a rule which blocks all the rest.

All this means nothing if you don't protect your firewall and your connection to theoutside world. Make sure users can't reconfigure or bypass the firewall.

If you want to verify the operation of your firewall you should periodically use a packet sniffer and look for traffic you thought you had blocked.

Collapse -

Fire wall leakage

by dmpastx329 In reply to Fire wall leakage

excellent answer thank you..

Collapse -

Fire wall leakage

by dmpastx329 In reply to Fire wall leakage

This question was closed by the author

Back to Security Forum
5 total posts (Page 1 of 1)  

Related Discussions

Related Forums