This video provides a brief review of firewall technology, including the Windows Firewall and Linux's IPTables.
- [Instructor] While many of today's breaches result from malware being delivered through web browsing and email accounts, direct penetration through hacking is still a significant issue. A key control to prevent this is the use of perimeter firewalls. These come in two forms. Personal firewalls on endpoint devices, and enterprise firewalls to protect business enclaves. These operate in essentially the same way. A firewall in its simplest form is designed to mediate access between two computers in different zones.
Typical examples being an internal user browsing the internet. And a connection from the internet into an internal business server. To do this, the firewall has a set of rules which instructs it to either allow or deny the connection based on various criteria, such as source and destination addresses, source and destination ports, and so on. Firewalls can be built into operating systems, or can be stand-alone devices. Let's start by looking at the firewalls built in to Windows and Linux.
Note: Learning about ethical hacking for perimeter defenses is part of the Evading IDS, Firewalls, and Honeypots competency from the Certified Ethical Hacker (CEH) body of knowledge.
- Understanding firewalls
- Applying the basics of the Windows Firewall
- Using advanced features in the Windows Firewall
- Reviewing firewall logs
- Understanding Linux iptables
- Setting up an iptables firewall
- Managing rules with Firewall Builder
- Setting up a Cisco PIX firewall
- Creating a secure enclave
- Installing GNS3
- Understanding web application firewalls
- Protecting API services with the WSO2 gateway
- Running the Cowrie honeypot
- Detecting intrusions with Security Onion