Facial recognition, 162
Federal Communications Commission (FCC), 13
Federal Deposit Insurance Corporation (FDIC), 12
Federal Information Processing Standards (FIPS), 130
Fiber-optic media, 59, 63
  vulnerability to sniffing, 60, 278
File Transfer Protocol (FTP)
  firewall configuration issues, 227–228
  password vulnerability, 155
FIN bit, 106, 214
Fingerprinting, 162
Firewalls
  anti-spoofing rules, 191
  application layer, 199
  bastion hosts, 115
  defining, 189
  encrypted traffic and, 201, 279
  fragmented packets and, 78
  ICMP vulnerabilities and, 86
  integrated OS appliance, 245
  interfaces, 211–212
  intrusion detection systems and
    IDS placement, 266–267
    integrated ("one-box") solutions, 269–270
    reactive IDS, 268–269
  limitations, 200–201
  limiting denial-of-service, 228–236
    bandwidth throttling, 229
    committed access rate, 230–231
    null interface routing, 234
    reverse path forwarding, 232–234
    source routing, 235–236
    TCP interception, 231–232
  maintenance, 201, 242–245
  modularity, 39
  multiple devices, 202
    parallel configuration, 202
    series configuration, 202–203, 208
  NAT and, 92, 93–94, 200, 245–251
  network performance and, 208
  non-standard ports and, 103
  packet filtering, 189–193
  proxies, 195–199
  router functionality and configurations, 70, 202, 204–222, See also Firewalls, configuration of; Routers, configuration as firewalls
  router security considerations, 203–207
  selection considerations, 200–203
  stateful packet filters, 193–195
  supporting changes, 245
  SYN filtering, 111–112
  traffic from wireless network, 344
  vendor issues, 242–244
  VPN integration, 331–335
Firewalls, configuration of, 209–221, 253
  defining traffic, 212
  example rule sets
    Check Point, 241–242
    Cisco access list, 239–241
    Linux IPchains, 238–239
  FTP and, 227–228
  ICMP traffic, 214–216
  illegitimate source addresses, 205–206, 220
  logging, 219
  packet filtering limitations, 223–224
  permitted traffic, 220–221
    outbound traffic, 216–218
    return traffic, 212–216
  protocol considerations, 226–227
  reconfiguration, 358
  rule ordering, 218–219
  security policy and, 209–211
  stateful packet filtering, 223–226
  testing, 221–222
  writing and applying filters, 236–242
    logging rule matches, 238
    port definition, 237
    protocol options, 237
    rule ordering, 236
Footprinting, 352–357
Forensic disk reading software, 371
Forensics investigation procedures, 377–380, See also Incident response
Fragmentation, IP packets, 76–79
Frame Relay, 64, 65, 72, 83, 281–282, 285, 304
  packet prioritization, 337
Frequency division multiplexing (FDM), 281
FTP, See File Transfer Protocol