Firewall Unleashed

Introduction

Firewalls are used to monitor and control the inbound and outbound traffic on the protected network. They have an ability to block and allow the internal as well as external services within the network. Before allowing access to the service, a firewall may also force the client / user to pass through an authentication. Sometimes a firewall can be also used in IPSEC tunnels as a platform. It monitors security-related events.

Detecting Firewall/IPS via hping3 Before Starting Your Pentest

Before starting your network/web application security auditing it is always good to detect whether your target server is running any firewall/IPS or not. It has been always a best practice and method to send some crafted packets to the server in order to check the response form the server. In this article you will learn how to craft packets and how to send the server on their various ports using hping3. Also you will analyze each and every request coming and going from your machine to your target. Here my target is www.chintangurjar.com which's IP I have taken.

How Common Attacks Are Being Blocked By Linux IPTABLES

Here in this section I am going to discuss some common attacks can be done on any type of Linux machine and I will also describe that how they are being blocked by iptables.

ICMP Flood | Ping Traffic

This is also known as ping of death attack or an ICMP flood. One must block ping traffic by using iptables. One must block all ICMP incoming packets from outside connection. You can let it allow for your internal network.  Below command shows how ICMP flood can be dropped by using iptables.DROP is used for dropping packet.