© Mike O'Leary 2019
Mike O'LearyCyber Operationshttps://doi.org/10.1007/978-1-4842-4294-0_17

17.  Firewalls

Mike O’Leary1 
(1)
Towson, MD, USA
 

Introduction

Network firewalls allow a defender to segment their network into different zones; one common architecture has a DMZ for external facing systems and a separate internal network. Linux distributions like IPFire can be used as the anchor point for such networks; these can be implemented virtually using VMWare Workstation or VirtualBox. IPFire controls traffic in and out of these networks, allowing for network address translation (NAT) and egress filtering. IPFire also provides a range of services, including logging, a time server, and a web proxy.

An attacker able to gain access on a system behind ...

Get Cyber Operations: Building, Defending, and Attacking Modern Computer Networks now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial