Firewall penetration testing (1997).
| Content Provider | CiteSeerX |
|---|---|
| Author | Haeni, Reto E. |
| Abstract | Firewalls are often regarded as the only line of defense needed to secure our information systems. A firewall is a device that controls what gets in and comes out of our network. Unfortunately, a firewall also has its weaknesses if not installed properly and if we don't implement an appropriate security policy. In this paper, I describe a methodology to perform firewall penetration testing. Before we perform the actual testing, I also discuss how to decide who will perform it. The firewall vendor and hackers are in my point of view not a solution. We are looking for an independent group that we trust for integrity, experience, writing skill and technical capabilities. If we have these resources in our company then we can perform the test by ourselves; otherwise we can outsource it. The firewall testing is divided into four steps: ♦ Indirect information collection ♦ Direct information collection ♦ Attack from the outside ♦ Attack from the inside. We have principally two types of firewall and I list here the most basic attack approaches. These attacks are tailored to the type of firewall we are testing. Packet filtering firewall: ∗ Blind IP-Spoofing ∗ Non blind IP-Spoofing ∗ Source porting and source routing. Application level firewalls (proxies): ∗ Bad security policy ∗ Policy poorly implemented ∗ SOCKs incorrectly configured ∗ Brute force attacks ∗ Enabled services/ports. Security scanners can be of help in conducting firewall testing but cannot replace manual tests. To just run a security scanner against a firewall should not be accepted by the client as a penetration test. If a penetration test is done properly by experienced people it can provide valuable feedback on the effectiveness of a firewall. It can also be misleading. It does not mean that "we" are secure now! Passing a firewall test simply means that the firewall defeated all of our attack approaches. Maybe a hacker can think of something else and break into our systems exploiting a weakness we did not test for. However, firewall testing gives us a basic understanding that our firewall is working properly. |
| File Format | |
| Publisher Date | 1997-01-01 |
| Access Restriction | Open |
| Subject Keyword | Penetration Testing Penetration Test Manual Test Basic Attack Approach Service Port Security Scanner Application Level Firewall Attack Approach Experienced People Outside Attack Firewall Testing Brute Force Attack Ip-spoofing Source Porting Appropriate Security Policy Security Scanner Technical Capability Firewall Blind Ip-spoofing Non Firewall Test Information System Bad Security Policy Policy Basic Understanding Actual Testing Firewall Penetration Firewall Vendor Valuable Feedback Independent Group |
| Content Type | Text |