RE: Basic NAT / Firewall Question
- From: "Fred McFeeters" <fredmcfeeters@xxxxxxxxx>
- Date: Fri, 18 Aug 2006 21:24:44 -0500
I don't know to much about this my self, but this is what I do know.
1. A firewall blocks all traffic you tell it and allows all traffic you
don't tell it to block. So how I setup my firewall (iptables)
22 & 80 are allowed in and then forward to the respective server, every
thing else is dropped.
2. The NAT portion of the firewall sends all packets from the external
interface to the internal, and unless you tell it otherwise it won't send
certain packets to certain machines.
3. My best advice is that you should Block all at the firewall and only
allow in what is needed, and also close all unneeded services on your hosts;
and finally if you can setup a host firewall on each internal server to
catch any thing that slips by the firewall.
-----Original Message-----
From: thatch [mailto:leethatcher@xxxxxxxxx]
Sent: Friday, August 18, 2006 12:29 PM
To: security-basics@xxxxxxxxxxxxxxxxx
Subject: Basic NAT / Firewall Question
forgive me if this question seems pretty basic but could anyone tell explain
this to me.
i'm performing a practice assesment and i have located an IP of a web based
mail server (OWA). this server is sitting behind a hardware firewall (say
PIX or Checkpoint)that is NATing the IP Address to an internal non-routable
address. Now, if i use a tool such as Nmap to scan that external IP are my
scan results influenced by the Firewall. Do firewalls when NATing take all
traffic from the external IP and pass it to the internal nertwork and expect
the server to have the remaing services closed down or do they only take
traffic destined for a port and drop everything else. if it's the later,
when i scan am i only scaning the 1 port that is allowing traffic to be
forward to it?
Is there a way of determining if the firewall is blocking the traffic to the
other ports or if the Server has been locked down and is blocking them?
Any help would be appreciated.
Regards
Thatch
--
View this message in context:
http://www.nabble.com/Basic-NAT---Firewall-Question-tf2128555.html#a5874111
Sent from the Security Basics forum at Nabble.com.
---------------------------------------------------------------------------
This list is sponsored by: Norwich University
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
---------------------------------------------------------------------------
This list is sponsored by: Norwich University
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
- References:
- Basic NAT / Firewall Question
- From: thatch
- Basic NAT / Firewall Question
- Prev by Date: shellcode development
- Next by Date: Re: Basic NAT / Firewall Question
- Previous by thread: Basic NAT / Firewall Question
- Next by thread: Re: Basic NAT / Firewall Question
- Index(es):
Relevant Pages
|
|
