Welcome to 中国防火墙网
Introductory: techniques hackers use to break through firewalls
Source: ; Author: original article

As people's security awareness has grown, companies commonly use firewalls to protect their networks, and an ordinary attacker usually finds it very hard to break in when a firewall is in place. Below we discuss attacks, and their detection, in a firewall environment.

1. Firewall fundamentals

First, we need to understand a few basic principles of how firewalls are implemented. Firewalls today fall mainly into three kinds: packet filtering, stateful inspection packet filtering, and application proxy firewalls. Their basic implementation is similar.

│ Router │------│ NIC │ Firewall │ NIC │------│ Internal network │

A firewall usually has two or more network cards: one connects to the outside (the router), the other to the internal network. When the host's network forwarding function is enabled, traffic between the two network cards can pass directly. With a firewall present, it is as if it were inserted between the network cards, controlling all network traffic.

Speaking of access control, this is the core of a firewall :). A firewall makes its decisions mainly through an access control table, whose form is generally a chain of rules like the following:

1 Accept From source address, port To destination address, port (the action to take)

2 Deny . . . . . . . . . . . (Deny means refuse)

3 Nat . . . . . . . . . . . . (Nat is address translation; more on that later)

After the firewall receives a network packet at the network layer (including the data link layer below it), it matches the packet against the rule table from top to bottom. If a rule matches, the predefined action is executed! Otherwise the packet is discarded . . . .

However, different firewalls differ in how they judge attack behaviour. Combining this with the implementation principles, the possible attacks are discussed below.

2. Attacking packet-filtering firewalls

The packet-filtering firewall is the simplest kind. It intercepts packets at the network layer and detects attack behaviour according to the firewall's rule table. It filters on the packet's source IP address, destination IP address, TCP/UDP source port and TCP/UDP destination port! It is very easily subject to the following attacks:

1 IP spoofing attack:

This kind of attack mainly modifies a packet's source address, destination address and ports, imitating legitimate packets so as to get past the firewall's checks. For example, an external attacker changes the datagram's source address to an internal network address; the firewall sees a legitimate address and lets it through :). However, if the firewall also matches the address against the interface the packet arrived on, this attack cannot succeed :(
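As an added illustration (not code from the original article), the following Python simulates the first-match rule chain described above and shows why matching the source address against the arrival interface stops the forged packet. The internal range 10.0.0.0/8, the interface names "ext"/"int" and the rules are constructed for this example.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed internal address space for the example
INTERNAL_NET = ip_network("10.0.0.0/8")
ANY = ip_network("0.0.0.0/0")

@dataclass
class Rule:
    action: str        # "accept" or "deny"
    src: object        # ip_network the source address must fall in
    dst: object        # ip_network the destination address must fall in
    dport: object      # destination port, or None for any port

@dataclass
class Packet:
    src: str
    dst: str
    dport: int
    iface: str         # interface the packet arrived on: "ext" or "int"

def matches(rule, pkt):
    """A rule matches when source, destination and port all agree."""
    return (ip_address(pkt.src) in rule.src
            and ip_address(pkt.dst) in rule.dst
            and (rule.dport is None or rule.dport == pkt.dport))

def filter_packet(rules, pkt, check_iface=False):
    """Walk the chain top to bottom; the first matching rule decides.
    No match means the packet is discarded (implicit deny).
    With check_iface, a packet claiming an internal source address but
    arriving on the external interface is dropped before rule lookup:
    the interface/address check the article says defeats spoofing."""
    if check_iface and pkt.iface == "ext" and ip_address(pkt.src) in INTERNAL_NET:
        return ("deny", "internal source address on external interface")
    for i, rule in enumerate(rules, 1):
        if matches(rule, pkt):
            return (rule.action, "rule %d" % i)
    return ("deny", "no rule matched")

# Constructed rule chain in the Accept/Deny form described above
RULES = [
    Rule("accept", INTERNAL_NET, ANY, None),              # 1: internal hosts may reach anything
    Rule("accept", ANY, ip_network("10.0.0.5/32"), 80),   # 2: anyone may reach the web server
    Rule("deny", ANY, ANY, None),                         # 3: explicit catch-all
]

if __name__ == "__main__":
    # Forged packet: arrives externally, source forged to an internal address
    spoofed = Packet("10.0.0.7", "10.0.0.9", 22, "ext")
    print(filter_packet(RULES, spoofed))                    # ('accept', 'rule 1')
    print(filter_packet(RULES, spoofed, check_iface=True))  # ('deny', 'internal source address on external interface')
```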

2 DoS (denial-of-service) attack

A simple packet-filtering firewall cannot track TCP state, so it is very easily subject to denial-of-service attacks. Once the firewall is under DoS, it may be so busy processing that it forgets its own filtering function :) and you can get past it. Such attacks are still rare, though!
