?
Solved

How to get help to design firewall

Posted on 2001-07-11
20
Medium Priority
?
308 Views
Last Modified: 2013-11-16
I want to design a firewall and I am now collect the document that talking about how to do this.
who can tell me where to get it !!!

sicerely yours
lovedelphi
0
Comment
Question by:lovedelphi
  • 6
  • 4
  • 3
  • +4
20 Comments
 
LVL 5

Expert Comment

by:Droby10
ID: 6272882
probably the best site for firewall principles and configuration is at http://www.phoneboy.com

0
 

Author Comment

by:lovedelphi
ID: 6275672
I have visite the http://www.phoneboy.com and find that there is limited thing I want. I want to know if there is a site that discuss the theory of the firewall and how to program a firewall.

thank you
lovedelphi
0
 

Author Comment

by:lovedelphi
ID: 6275740
I have visite the http://www.phoneboy.com and find that there is limited thing I want. I want to know if there is a site that discuss the theory of the firewall and how to program a firewall.

thank you
lovedelphi
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 
LVL 5

Expert Comment

by:Droby10
ID: 6276559
ohhh...

probably the best you're going to do is by digging through source code for some of the unix-based firewalls.

here's a url that contains a list of various firewall sources

http://packetstormsecurity.org/UNIX/firewall/
0
 
LVL 3

Expert Comment

by:Bruce_R
ID: 6277828
there's a good article here.

http://www.securityportal.com/articles/prereq20010219.html

the rest of his articles are worth reading as well.

http://www.bastille-linux.org/jay/security-articles-jjb.html


0
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 6277979
For the theory of firewalls, you need to get some genuine paper book.  I usggest Checwick and Bellovin 's _Firewalls_and_Internet_Security_ and Chapman and Zwickey's _Building_Internet_Firewalls)
0
 
LVL 3

Expert Comment

by:ne0
ID: 6278909
There are several Web pages that will walk you through (some what) in configuring a box running a BSD/Linux/Unix variant to act as a firewall.

The FAQS:
http://www.faqs.org/faqs/firewalls-faq/

A Book:
http://www.wiley.com/legacy/compbooks/catalog/35366-3.htm

Some Articles:
http://tha.lmann.ch/projects/BBISEC/Setting_up_a_secured_OpenBSD_Box.html
http://members.theglobe.com/pattonme/firewall_guide.html
http://www.cpio.org/obsd_firewall.html
http://www.acme.com/firewall.html
http://vintners.net/~mikel/howto/firewall.html
http://www.onlamp.com/pub/a/bsd/2000/07/05/OpenBSD.html
http://www.openlysecure.org/content/html/ch9-27.html

Some Free Firewalls (floppy):
Linux Floppy Firewall - http://www.zelow.no/floppyfw/
NetBSD Floppy Firewall - http://www.dubbele.com/

Some Free Firewalls (Partition):
Smoothwall - http://www.smoothwall.org/
http://www.sentryfirewall.com/

I personally like these two articles:
http://members.theglobe.com/pattonme/firewall_guide.html
http://www.cpio.org/obsd_firewall.html

Even though some call OpenBSD the "lazy system administator's OS", one can't argue with the fact - "OpenBSD - Four years without a remote hole in the default install!"

Plus a floppy firewall (read-only) with the Harddisk used as log storage is pretty secure.

Hope This Helps

ne0
0
 

Author Comment

by:lovedelphi
ID: 6279329
Thank you for your advices and I now just want to design firewall on windows 2000 , and I want the resource about this field.

yours
lovedelphi
0
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 6280401
In the Win* world, you're pretty much stuck with the more expensive commercial firewalls.  Check out PGP.com's (nee NAI's) Gauntlet and Symantec's Raptor.

But be aware that you could get a much better system for less money.  Either by using the same hardware to run Linux or OpenBSD and free firewall code, or by using a firewall appliance like Netscreen, Cisco PIX, or Intrusion.com's CheckPoint based appliance.
0
 
LVL 3

Expert Comment

by:ne0
ID: 6281378
I assume you mean a hardware based firewall rather than a software based one.

chris_calabrese is right on the money...

I wouldn't want to run a software firewall on the environment you stated. That would essentially still be allowing everyone to your server which is not good considering the vulnerabilities of the OS in question. Not to mention that Win OSes leave different fingerprints than Nix OSes. So If a vulnerability came out about the software firewall then you would still be in trouble.

Also don't forget the memory usage of the software based firewalls. Gauntlet I believe is TSR (Unsure though). None-the-less that would be one more program in memory that would be using the same system resources as the other application on that server... Example: IIS/Firewall on the same box.... SQL/Firewall.... eeeiiisshh

You would get a better product if you wnet with a BSD/Nix firewall or an appliance. At least then if someone is poking around in your system they will only get to you firewall, not your firewall/application server.

Hope This Helps

ne0
0
 
LVL 3

Expert Comment

by:ne0
ID: 6281396
It sounds like you want a software based firewall rather than a hardware based one.

chris_calabrese is right on the money...

I wouldn't want to run a software firewall on the environment you stated. That would essentially still be allowing everyone to your server which is not good considering the vulnerabilities of the OS in question. Not to mention that Win OSes leave different fingerprints than Nix OSes. So If a vulnerability came out about the software firewall then you would still be in trouble.

Also don't forget the memory usage of the software based firewalls. Gauntlet I believe is TSR (Unsure though). None-the-less that would be one more program in memory that would be using the same system resources as the other application on that server... Example: IIS/Firewall on the same box.... SQL/Firewall.... eeeiiisshh

You would get a better product if you wnet with a BSD/Nix firewall or an appliance. At least then if someone is poking around in your system they will only get to you firewall, not your firewall/application server.

Hope This Helps

ne0
0
 
LVL 3

Expert Comment

by:ne0
ID: 6281413
It sounds like you want a software based firewall rather than a hardware based one.

chris_calabrese is right on the money...

I wouldn't want to run a software firewall on the environment you stated. That would essentially still be allowing everyone to your server which is not good considering the vulnerabilities of the OS in question. Not to mention that Win OSes leave different fingerprints than Nix OSes. So If a vulnerability came out about the software firewall then you would still be in trouble.

Also don't forget the memory usage of the software based firewalls. Gauntlet I believe is TSR (Unsure though). None-the-less that would be one more program in memory that would be using the same system resources as the other application on that server... Example: IIS/Firewall on the same box.... SQL/Firewall.... eeeiiisshh

You would get a better product if you wnet with a BSD/Nix firewall or an appliance. At least then if someone is poking around in your system they will only get to you firewall, not your firewall/application server.

Hope This Helps

ne0
0
 
LVL 3

Expert Comment

by:ne0
ID: 6281418
It sounds like you want a software based firewall rather than a hardware based one.

chris_calabrese is right on the money...

I wouldn't want to run a software firewall on the environment you stated. That would essentially still be allowing everyone to your server which is not good considering the vulnerabilities of the OS in question. Not to mention that Win OSes leave different fingerprints than Nix OSes. So If a vulnerability came out about the software firewall then you would still be in trouble.

Also don't forget the memory usage of the software based firewalls. Gauntlet I believe is TSR (Unsure though). None-the-less that would be one more program in memory that would be using the same system resources as the other application on that server... Example: IIS/Firewall on the same box.... SQL/Firewall.... eeeiiisshh

You would get a better product if you wnet with a BSD/Nix firewall or an appliance. At least then if someone is poking around in your system they will only get to you firewall, not your firewall/application server.

Hope This Helps

ne0
0
 
LVL 3

Expert Comment

by:ne0
ID: 6281420
Sorry about those, looks like EE had a little downtown and it queued up.
0
 
LVL 24

Expert Comment

by:SunBow
ID: 6286750
ditto ne0, go w/ H/W.  For Win2K consider following Microsoft lead (sample):

Microsoft Internet Security and Acceleration Server 2000 (ISA) Technical Overview
http://www.microsoft.com/TechNet/isa/isatecov.asp

"By default, no traffic can pass through the ISA Server. The packet-filtering feature of ISA Server allows the administrator to control the flow of IP packets to and from ISA Server. When packet filtering is enabled, all packets on the external interface are dropped unless they are explicitly allowed?either statically by IP packet filters or dynamically by access policy or publishing rules. "
0
 
LVL 4

Accepted Solution

by:
anzen earned 600 total points
ID: 6457281
I saw an article about win2k packet filtering interface on Windows Developers Journal some time ago, maybe You could do a quick search on WDJ site to find the article and to download the related code, it could be a good starting point.

To continue You could examine the APIs used to implement the filters and take a look at them through MSDN on line

0
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 6457345
Given MS's track record on high security coding, I woulnd't use MS ISA if you paid me.  It remains one of three firewalls on the market which have had exploitable vulnerabilities crop up in them.  This is the kiss of death for a security device.
0
 
LVL 4

Expert Comment

by:anzen
ID: 6459747

Just to be complete:

The WDJ issue is October 2000 (Vol 11, Nr 10)
and as for all others WDJ articles the full
code for a simple packet filter is available
for download

I used it to create a simple "fw" based on a text
file describing filtering rules, btw there's more
to do (like logging etc..) but imho it's a really
good starting point
0
 

Author Comment

by:lovedelphi
ID: 6478394
thank you anzen
lovedelphi
0

Featured Post

What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is about my experience upgrading my consulting machine to Windows 10 Version 1709 (The Fall 2017 Creator Update)
Experts Exchange expands question security options for members.
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…
Suggested Courses

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question