NAT technology, 253–267
employing Linux-based SOHO firewall solution,
263–265
hardware and software solutions options, 260–263
plugging SOHO firewall leaks, 265–267
securing SOHOs with firewall protection, 257–260
NATs, routers, and firewalls, 251
Net. See also Subnet
Net meeting firewall requirements, 157
Netstat utility, 164
Network addressing flaws, standard, 108–110
DMZ drawback, 109–110
network address port translation, 109
network address translation, 109
Network addressing mode, standard, 107–108
Network based, host or, 71
Network connection logs, 308
Network interconnections, 367–369
Network threats, 232–236
behavior of employees, 232–234
e-mail, 234
hackers, 236
spyware, 235–236
viruses, 234–235
Network trust relationships, 33–34
high, 33
low to medium, 33–34
Networks
creating trusted, 144–145
encryption with virtual private, 290
external, 34
firewall connections and public, 34
logging and statistics on, 15
perimeter, 26
transport and, 278–279
Networks, identifying trusted and untrusted, 142–145
creating trusted networks, 144–145
firewall stops here, 142–144
Networks solution, Lucent-Enterasys secure, 88
New threats, handling, 239–240
NICs (network interfaces cards), 25
NTFS, 118
Numbers, port, 165–170
Object discovery process, 132–134
Objects, firewall security, 131–135
Office VPN, remote, 96
Operating systems (OSs), 115–124, 131
Microsoft, 115–121
UNIX, 121–124
Operation, rogue DSL rescue, 104
Organization Internet site, securing one’s, 187–197
Organizational risk assessment, 236–238
Organizations, establishing security of, 363–365
firewalls, 364–365
OS fingerprinting, 195
OSs (operating systems), 115–124, 131
Microsoft, 115–121
UNIX, 121–124
Outbound packet, 152
P2P (person-to-person) communication, 249–250
Packet analysis, perimeter, 140–142
Packet attacks, 67
Packet filtering
deploying, 225–226
gateways, 26, 27
router, 226
simple, 50–53
Packet filters
rules, 305
workings of, 52
Packet inspection, 72–90
Packet sniffing, 195
Packets
inbound, 152
outbound, 152
Passthrough, simple, 103
Password cracking, 66
Perimeter nets, siting external servers on, 217–225
search engines, 222–223
security of SQL and web servers, 219–222
SQL server security, 224–225
Perimeter network, 26
Perimeter packet analysis, 140–142
Phantoms and honey pots, 68–69
Philosophical diametric, 100
Phone tap, 12
Physical firewall security, 38
Ping of death, 197
Pinhole routing, 207
PKI (public key infrastructure), 243
Packet-filtering firewalls, traditional, 51
Point, choke, 12
Poisoning, DNS cache, 196
Policies
developing firewall security, 393–396
examples of service-specific, 43–48
examples of general, 41–43
firewall, 97–100
414 Index

Get Firewalls now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.