Firewalls are very important to learn and understand. The consequences of not knowing about firewalls and not implementing it to a network or home computer could be disastrous. The following is a foundation to firewalls with practical uses ways of protecting ones system.
FIREWALLS PROTECT AGAINS
Application Backdoors � Programs such as Back Orifice allow for remote access through a backdoor or hidden access so hackers can manipulate the machine more completely than the user at the keyboard.
DoS (Denial of Service) � An assault on a network that floods it with so many additional requests that regular traffic is either slowed or completely interrupted. Therefore the hacker has caused the server to slowdown or eventually crashes.
IP Spoofing� an intrusion attempt in which a hacker sends TCP/IP packets using the address of another computer.
NetSpy Attack � A Trojan Horse attack that allows an attacker to carry out criminal activities on a remote computer by connecting to TCP port 1024.
Ping of Death � a denial of service attack which a ping request that crashes the target computer. It is caused by sending a fragmented IP packet.
Smurf Attack � An assault on a network that floods it with excessive messages in order to slow down normal traffic. It is accomplished by sending ping requests (ICMP echo requests) to a broadcast address on the target network or an intermediate network. This causes many echo responces sent to the target machine which can overflow the network.
SYN Flood Attack � Is a denial of servers attempt which TCP connection requests are sent faster than the system can process them. Therefore can either overload the server or cause it to crash.
PORTS TO BLOCK
The following are some of the ports that are strongly suggested to being blocked for they are commonly used by hackers as a door into someone computer. Though hackers use ports that are not listed here, these are the most popular.
Ports |
Protocol |
Description |
| 0 |
TCP/UDP |
OS type probe |
| 0-5 |
TCP |
Sscan signature |
| 5 |
ICMP |
Redirect |
| 8 |
ICMP |
Ping attack |
| 7 |
TCP/UDP |
Echo |
| 11 |
TCP |
systat |
| 15 |
TCP |
unassigned |
| 19 |
TCP/UDP |
chargen |
| 20, 21 |
TCP |
ftp |
| 25 |
TCP |
smpt |
| 53 |
TCP |
DNS |
| 87 |
TCP |
Link |
| 109, 110 |
TCP |
Pop |
| 111 |
TCP/UDP |
Sunrpc |
| 137, 138, 139 |
TCP/UDP |
NetBios |
| 143 |
TCP |
Imap |
| 144 |
TCP |
NeWS |
| 161, 162 |
UDP |
Snmp |
| 177 |
UDP |
xdmcp |
| 512 |
TCP |
rexec |
| 512 |
UDP |
biff |
| 513 |
UDP |
who |
| 514 |
UDP |
syslog |
| 515 |
TCP |
printer |
| 520 |
UDP |
route |
| 635 |
UDP |
mount |
| 1080 |
TCP |
socks |
| 1114 |
TCP |
SQL |
| 2000 |
TCP |
Openwin |
| 2049 |
TCP/UDP |
NFS |
| 6000+n |
TCP |
X11 |
| 12345, 12346, 20034 |
TCP |
NetBus |
| 31337 |
UDP |
Back Orifice |
| 31789, 31790 |
UDP |
Hack 'a' Tack |
Please bookmark us and tell your friends.
We will update often so please come back!!
©2003
Website created by LJR Computer Works. E-mail
LLIWSIHROFSIHTESUDOGYAM_WWJD
Top
