Firewalk (computing): Difference between revisions

Browse history interactively

← Previous edit

Content deleted Content added

VisualWikitext

Revision as of 22:20, 7 January 2011 edit Ososolax (talk \| contribs) 10 edits →See also ← Previous edit		Latest revision as of 19:45, 9 August 2025 edit undo Bender the Bot (talk \| contribs) Bots 1,064,377 edits m →External links: HTTP to HTTPS for SourceForge Tag: AWB
(36 intermediate revisions by 22 users not shown)
Line 1: {{primary sources\|date=January 2011}} ~~Firewalking is a technique developed by Mike Schiffman and David Goldsmith that employs traceroute-like techniques to analyze IP packet responses to determine gateway ACL filters and map networks.~~ '''Firewalking''' is a technique developed by Mike Schiffman and David Goldsmith that utilizes [[traceroute]] techniques and [[Time to live\|TTL]] values to analyze [[Internet Protocol\|IP packet]] responses in order to map networks and determine gateway [[Access Control List\|ACL]] filters. It is an active reconnaissance [[network security]] analysis technique that attempts to determine which layer 4 protocols a specific firewall will allow. Firewalk is a software tool that performs Firewalking. To protect a firewall or gateway against firewalking one can block outgoing TTL messages to avoid exposing information about your network. Additionally, using [[Network address translation]] is useful to hide internal network addresses. <ref> {{cite web \| title=Firewalk : Can Attackers See Through Your Firewall? \| url=https://www.giac.org/paper/gsec/312/firewalk-attackers-firewall/100588 \| access-date=2024-05-09 \| archive-url=https://web.archive.org/web/20220320023059/https://www.giac.org/paper/gsec/312/firewalk-attackers-firewall/100588 \| archive-date=2022-03-20 \| url-status=live \| last=Irby \| first=David \| year=c. 2000 \| work=GIAC Certifications }}</ref> == See also == * [[Access ~~control~~Control ~~list~~List]] * [[Firewall (computing)]] * [[Traceroute]] == References ~~and notes~~ == {{reflist}} == External links == * [http://packetstormsecurity.org/UNIX/audit/firewalk/ Firewalk tool], an Open Source tool that determines gateway ACL filters and ~~map~~maps networks by analyzing IP packets responses.▼ * [http://ethneo.free.fr/index.php/le-firewalking/ Tutoriel de firewalking] * [~~http~~https://sourceforge.net/projects/wooterwoot/ WooterWoot], an Open Source set of tools that builds ~~Checkpoint~~[[Check Point]], [[Cisco ASA]], or [[Netscreen]] ~~policiess~~policies from logfiles.▼ * [http://www.webopedia.com/TERM/F/firewalking.html Use Firewalk in Linux/UNIX to verify ACLs and check firewall rule sets], article on using Firewalk, by Lori Hyde [[CCNA]]. ~~===Projects===~~ * [http://linux.die.net/man/8/firewalk firewalk(8) - Linux man page] ▲* [http://packetstormsecurity.org/UNIX/audit/firewalk/ Firewalk tool], an Open Source tool that determines gateway ACL filters and map networks by analyzing IP packets responses. * [http://www.giac.org/paper/gsec/312/firewalk-attackers-firewall/100588 GIAC / SANS Institute Description of Firewalking] ▲* [http://sourceforge.net/projects/wooterwoot/ WooterWoot], an Open Source set of tools that builds Checkpoint, Cisco ASA or Netscreen policiess from logfiles. [[Category:Computer network security]] {{computer-security-stub}}