Firewalk (computing): Difference between revisions

Browse history interactively

← Previous edit

Content deleted Content added

VisualWikitext

Revision as of 00:47, 1 January 2011 edit Ososolax (talk \| contribs) 10 edits No edit summary ← Previous edit		Latest revision as of 19:45, 9 August 2025 edit undo Bender the Bot (talk \| contribs) Bots 1,064,377 edits m →External links: HTTP to HTTPS for SourceForge Tag: AWB
(40 intermediate revisions by 23 users not shown)
Line 1: {{primary sources\|date=January 2011}} ~~Firewalking is a technique developed by Mike Schiffman and David Goldsmith that employs traceroute-like techniques to analyze IP packet responses to determine gateway ACL filters and map networks.~~ '''Firewalking''' is a technique developed by Mike Schiffman and David Goldsmith that utilizes [[traceroute]] techniques and [[Time to live\|TTL]] values to analyze [[Internet Protocol\|IP packet]] responses in order to map networks and determine gateway [[Access Control List\|ACL]] filters. It is an active reconnaissance [[network security]] analysis technique that attempts to determine which layer 4 protocols a specific firewall will allow. Firewalk is a software tool that performs Firewalking. To protect a firewall or gateway against firewalking one can block outgoing TTL messages to avoid exposing information about your network. Additionally, using [[Network address translation]] is useful to hide internal network addresses. <ref> {{cite web \| title=Firewalk : Can Attackers See Through Your Firewall? \| url=https://www.giac.org/paper/gsec/312/firewalk-attackers-firewall/100588 \| access-date=2024-05-09 \| archive-url=https://web.archive.org/web/20220320023059/https://www.giac.org/paper/gsec/312/firewalk-attackers-firewall/100588 \| archive-date=2022-03-20 \| url-status=live \| last=Irby \| first=David \| year=c. 2000 \| work=GIAC Certifications }}</ref> == See also == * [[~~Traceroute~~Access Control List]] * [[Firewall (computing)]] * [[~~Access_control_list~~Traceroute]] == References ~~and notes~~ == {{reflist}} == External links == * [http://packetstormsecurity.org/UNIX/audit/firewalk/ Firewalk tool], an Open Source tool that determines gateway ACL filters and maps networks by analyzing IP packets responses. * http://ethneo.free.fr/index.php/le-firewalking/ Tutoriel de firewalking] * [https://sourceforge.net/projects/wooterwoot/ WooterWoot], an Open Source set of tools that builds [[Check Point]], [[Cisco ASA]], or [[Netscreen]] policies from logfiles. * [http://www.webopedia.com/TERM/F/firewalking.html Use Firewalk in Linux/UNIX to verify ACLs and check firewall rule sets], article on using Firewalk, by Lori Hyde [[CCNA]]. ~~===Projects===~~ * [http://~~packetstormsecurity~~linux.~~org~~die.net/~~UNIX~~man/~~audit~~8/firewalk/ ~~Firewalk~~firewalk(8) - Linux man ~~tool~~page] * [http://www.giac.org/paper/gsec/312/firewalk-attackers-firewall/100588 GIAC / SANS Institute Description of Firewalking] [[Category:Computer network security]] {{computer-security-stub}}