
Firewalls: Iptables And Netfilters


#1 Aditya



Posted 07 May 2005 - 09:12 AM


In this paper I will discuss firewalls with Netfilter and iptables.

A) Firewalls
  a) Types
  b) Pros and cons
B) Netfilter and iptables

Knowledge Engine Starts Here:
Information security is commonly thought of as a process and not a product. However, standard security implementations usually employ some form of dedicated mechanism to control access privileges and restrict network resources to users who are authorized, identifiable, and traceable. Red Hat Linux includes several powerful tools to assist administrators and security engineers with network-level access control issues.
Aside from VPN solutions such as CIPE or IPSec, firewalls are one of the core components of network security implementation. Several vendors market firewall solutions catering to all levels of the marketplace: from home users protecting one PC to data center solutions safeguarding vital enterprise information. Firewalls can be standalone hardware solutions, such as firewall appliances by Cisco, Sonicwall, and Nokia. There are also proprietary software firewall solutions developed for home and business markets by vendors such as Checkpoint, McAfee, and Symantec.
Apart from the differences between hardware and software firewalls, there are also differences in the way firewalls function that separate one solution from another.
Network Address Translation (NAT)
Network Address Translation (NAT) places internal network IP subnetworks behind one or a small pool of external IP addresses, masquerading all requests to one source rather than several.
Advantages:
- Can be configured transparently to machines on a LAN
- Protection of many machines and services behind one or more external IP address(es), simplifying administration duties
- Restriction of user access to and from the LAN can be configured by opening and closing ports on the NAT firewall/gateway
Disadvantages:
- Cannot prevent malicious activity once users connect to a service outside of the firewall.
Packet Filter
Packet filtering firewalls read each data packet that passes within and outside of a LAN. They read and process packets by header information and filter the packet based on sets of programmable rules implemented by the firewall administrator. The Linux kernel has built-in packet filtering functionality through the netfilter kernel subsystem.
Advantages:
- Customizable through the iptables front-end utility
- Does not require any customization on the client side, as all network activity is filtered at the router level rather than at the application level
- Since packets are not transmitted through a proxy, network performance is faster due to direct connection from client to remote host
Disadvantages:
- Cannot filter packets for content like proxy firewalls
- Processes packets at the protocol layer, but cannot filter packets at an application layer
- Complex network architectures can make establishing packet filtering rules difficult, especially if coupled with IP masquerading or local subnets and DMZ networks

Proxy
Proxy firewalls filter all requests of a certain protocol or type from LAN clients to a proxy machine, which then makes those requests to the Internet on behalf of the local client. A proxy machine acts as a buffer between malicious remote users and the internal network client machines.
Advantages:
- Gives administrators control over what applications and protocols function outside of the LAN
- Some proxy servers can cache data so that clients can access frequently requested data from the local cache rather than having to use the Internet connection to request it, which is convenient for cutting down on unnecessary bandwidth consumption
- Proxy services can be logged and monitored closely, allowing tighter control over resource utilization on the network
Disadvantages:
- Proxies are often application specific (HTTP, telnet, etc.) or protocol restricted (most proxies work with TCP connected services only)
- Application services cannot run behind a proxy, so your application servers must use a separate form of network security
- Proxies can become a network bottleneck, as all requests and transmissions are passed through one source rather than direct client to remote service connections
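As an added example (not from the post or from Red Hat's documentation), the shell script below generates a Netfilter ruleset in iptables-restore format for a small NAT gateway that also packet-filters, tying together the masquerading, port-opening and forwarding points made in the NAT and packet-filter sections above; the interface names, the 192.168.1.0/24 LAN and the internal web server address are assumed placeholders.

```shell
#!/bin/sh
# Added example (not from the post): emit an iptables-restore ruleset for a
# small NAT gateway that also packet-filters. Assumed (constructed) layout:
#   eth0 = external interface, eth1 = LAN 192.168.1.0/24,
#   192.168.1.10 = internal web server published on the gateway's TCP/80.
WAN=eth0
LAN=eth1
LAN_NET=192.168.1.0/24
WEB_HOST=192.168.1.10

gen_ruleset() {
cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Masquerade: every LAN host leaves through the gateway's one external address
-A POSTROUTING -o $WAN -s $LAN_NET -j MASQUERADE
# Port forward: TCP/80 arriving on the WAN side is rewritten to the web server
-A PREROUTING -i $WAN -p tcp --dport 80 -j DNAT --to-destination $WEB_HOST:80
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# "Opening a port" on the gateway: SSH to the gateway only from the LAN side
-A INPUT -i $LAN -p tcp --dport 22 -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# LAN may initiate outbound connections; nothing else is forwarded by default
-A FORWARD -i $LAN -o $WAN -s $LAN_NET -j ACCEPT
# The DNAT above only rewrites the destination; FORWARD must still admit it
-A FORWARD -i $WAN -o $LAN -p tcp -d $WEB_HOST --dport 80 -m conntrack --ctstate NEW -j ACCEPT
COMMIT
EOF
}

# Sanity check a practitioner would run before loading: both chains that carry
# traffic through the box must default to DROP, and both tables must COMMIT.
check_ruleset() {
    rules=$(gen_ruleset)
    echo "$rules" | grep -q '^:INPUT DROP'   || return 1
    echo "$rules" | grep -q '^:FORWARD DROP' || return 1
    [ "$(echo "$rules" | grep -c '^COMMIT$')" -eq 2 ] || return 1
}

# Apply (as root) with:  sysctl -w net.ipv4.ip_forward=1 && gen_ruleset | iptables-restore
```

On kernels too old for the `conntrack` match, the equivalent spelling is `-m state --state ESTABLISHED,RELATED`.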
