May 31, 2006
Security Tools Galore
I'm working on recording a security video series right now and came across this link: http://www.insecure.org/tools.html. Can we say ROCK ON?!? This is a list of the top 75 security tools you can use to audit your network. This is guarentees at least two months of tinkering around with these widgets. My top 5 are:
#1 Ethereal (the ol' standby)
#2 Nessus (be your own auditing company)
#3 NMap (port scanning galore)
#4 Netcat (port redirection & general hacking widget)
#5 Snort (free IDS)
Posted by JC at 4:45 PM | Comments (1) | TrackBack
April 29, 2006
Guidelines on Firewalls and Firewall Policy
I just finished reading through the National Institute of Standards and Technology (NIST)'s Guidelines on Firewalls and Firewall Policy. It's actually very well written with casual-enough language to hold your attention. I thought I'd sum up some of the key points for blocking traffic in a good firewall design. The following traffic types should always be blocked:
- Inbound traffic from a non-authenticated source system with a destination address of the firewall itself
- Inbound traffic with a source address indicating that the packet originated on a network behind the firewall
- Inbound traffic containing ICMP
- Inbound or outbound traffic from a system using a source address that falls within the private address ranges show n in RFC 1918
- Inbound traffic from a non-authenticated source system containing SNMP
- Inbound traffic containing IP Source Routing information
- Inbound or outbound traffic containing a source or destination address of 127.0.0.1
- Inbound or outbound traffic containing a source or destination address of 0.0.0.0
- Inbound or outbound traffic containing a directed broadcast address
Like I said, really good reading. The whole article can be found at this link:
http://csrc.nist.gov/publications/nistpubs/800-41/sp800-41.pdf
Posted by JC at 2:00 PM | Comments (2) | TrackBack