Evading IDS, Firewalls & Honeypots
Firewall
A firewall is a hardware or software appliance to secure the internal trusted network from intruders by monitoring and controlling incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted internal network and an untrusted external network.
Types of Firewalls
- Packet filter firewalls
2. Circuit-level gateways
3. Stateful inspection firewalls
4. Application-level gateways
Packet Filter Firewalls
A packet filtering firewall is used to control network access by monitoring outgoing and incoming packets and allowing them to pass or halt based on the source and destination Internet Protocol (IP) addresses, protocols and ports and this work on IP layer of TCP/IP. The packet filtering firewall examines the header of each packet based on a specific set of rules.
Circuit-level gateways
Circuit level gateways work at the session layer of the OSI model; they monitor TCP handshake to determine whether a requested session is legitimate or not. Information passed to a remote computer through a circuit level gateway firewall appears to be…
