Firewalls in a Nutshell

Docs that have proven to be a staple in understanding computer/network security. This is not an inclusive forum and nothing ipublished will tell you how to 0wn someone, these docs will help you understand how you got 0wnd.

Firewalls in a Nutshell

Postby t3ch » Sun Aug 08, 2004 5:02 pm

OK, now if you really want to secure your box you are gonna need a few things. This is one of the most important ones. In a nutshell, a firewall is just protecting you from some of the really bad guys and bad things. Without a firewall on your box, you could easily get 0wn3d because you have nothing helping to protet you. If you don't have a firewall, and you leave a 'hole', all someone will have to do is exploit that hole, then BOOM! He/she can take over your computer. Not only does a firewall protect against hackers but it filters all of these packets that come in and out of your computer just to make sure everything is going ok . Now I will go into more depth with it all.

1)"So what are packets anyway?"
--Good question my nonexistent friend. Anytime you do ANYTHING on the Internet, you are sending and recieving these 'packets'. From surfin pr0n (not something that I enjoy) to sendin e-mails. When you happen to get one of those favored SPAM e-mails, Outlook Express will break the message about 'How to enlarge you penis size up to 2x in 2 days' into bytes. These bytes are what we cool people call packets. Each and every one of these packets has the information of its sender, recievee (I dont think thats a word but hey), and parts of the message that was being sent. Usually a packet will hold maybe 1,000 bytes to even 1,500. Gettin it now? Anyway, packets are (usually) split up into about 3 parts. The header, payload, and trailer. The header contains all the info on the stuff being sent with it. Some of the things being the packet number, which is what number the packet is in a series of packets. (Basically each packet is 'branded', just like those cows in old western movies.) Another important thing that the header carries is a few bytes that help organize what order the message came in. The body or payload of the packet is next. This is everything that is inside of a packet, when I say everything I am refering to the things being delivered to that special someone. The third part of the packet is called the trailer, pretty much just the part of the packet that says, "YO! thats all of it!" A lot of times it will have a wonderful thing called CRC or cyclic redundancy check which I dont even wanna start explainin. Now I hope you get what a packet really is.
-----------------------
2)"Tell me more about this firewall thing!"

Well, firewalls are a very important part of your everyday computing. In fact, they are so important to people like major corporations that a single fireall can cost up to $3000!!! Crazy stuff, eh? Well, unless you are some over protective sysadmin, you won't be needing that. Instead, you will want something as simple and cheap as Kerio Personal Firewall(http://www.kerio.com) or Zone-Alarm(http://www.zonelabs.com).

Now that you basically know how data flows through the Internet, you can understand me a bit better. And I won't have to explain things by saying things like, "..stuff.." Anyway, with this almighty firewall in place you can set rules on your network and for incoming connections. A rule might be, "Only xxx.xxx.xxx.xxx (<<IP address goes there)can access my computer through FTP". Setting up rules like these on a network can be a very good way of fending off those pesky relatives who wanna look at your uber files on your computer through the network, you get my point?

In order to control all the traffic going in and out and in and out (oo, that turns me on) of your computer your firewall will use 3 differnent methods::

1)Packet Filtering(static packet filter)- The firewall examines incoming and outgoing packets, and depending on the IP address, the packet will either be let through or thrown out.

2)Proxy service- Information from the Internet is retrieved by the firewall and then sent to the requesting system and vice versa (howstuffworks.com)

3)Stateful inspection(dynamic packet filter)- This is kinda the exact opposite of static packet filetering. Instead of looking at the header of the packets for the information, which is what static packet filtering is, the firewall will look at not only the header but it will examine the context of the packet. Stateful inspection will examine a packet all the way down to what is called the Application Layer. Stateful inspection is a very good way to protect against IP spoofs and port scanning. Because the firewall will only allow the data that you want back in.
----------------------
4)"OK, so how does a hacker and/or cracker get into my computer even if I have a firewall on?"

Well, its all about the packet modification baby. Do you remember when I tolf you that the firewall would only allow the data you want back in? Well, if someone can get a packet to match the packets that you allow, they can get through. Kinda. You see, our computer has ports. Ports are where the packets come in and out of, but only for their specific service or program. So if you have a port open, you are 'listening' for packets. If someone were to make a packet look as though it is that specific programs type of packet, they can get through and it won't always be filtered out. But if someone were to just randomly send packets to that port, the packets would be filtered out. Get me?
----------------------
Well, this was my first tutorial that I wrote and went in depth with it. I learned a lot actually from writing this, and I hope to come up with an updated and much more detailed tutorial on this topic! Most likely something on NAT (Network Address Translation)
Sources::
http://www.howthingswork.com
http://www.webopedia.com
netsecurity.about.com
~t3ch
"Jesus does exist, he's in the trunk of my car..."
t3ch
n00b
 
Posts: 5
Joined: Sat Aug 07, 2004 11:50 pm
Yahoo Messenger: crakz_13@yahoo.com
AOL: CRaZyFeEt365
Location: Behind you...

Postby Shadowed Cipher » Thu Aug 12, 2004 10:58 am

Ok heres a sollution to all this .
GET LINUX
and
Make your own firewall with Iptables.
lol but if you use win32 then go with dis guy ;)
The hitman hired by linux to assasinate bill gates approched the door of room bill had rented.He saw the door was slighly ajar.He pushed it open and was astonished to see bill gate already lying dead. Looks like machintosh beat him to it.
User avatar
Shadowed Cipher
Hacker in Training
 
Posts: 76
Joined: Wed Aug 11, 2004 7:54 pm


Return to ā€œ%sā€ Security Tutorials

Who is online

Users browsing this forum: No registered users and 1 guest

cron