Security Basics mailing list archives
RE: Basic NAT / Firewall Question
From: "Fred McFeeters" <fredmcfeeters () kc rr com>
Date: Fri, 18 Aug 2006 21:24:44 -0500
I don't know to much about this my self, but this is what I do know. 1. A firewall blocks all traffic you tell it and allows all traffic you don't tell it to block. So how I setup my firewall (iptables) 22 & 80 are allowed in and then forward to the respective server, every thing else is dropped. 2. The NAT portion of the firewall sends all packets from the external interface to the internal, and unless you tell it otherwise it won't send certain packets to certain machines. 3. My best advice is that you should Block all at the firewall and only allow in what is needed, and also close all unneeded services on your hosts; and finally if you can setup a host firewall on each internal server to catch any thing that slips by the firewall. -----Original Message----- From: thatch [mailto:leethatcher () gmail com] Sent: Friday, August 18, 2006 12:29 PM To: security-basics () securityfocus com Subject: Basic NAT / Firewall Question forgive me if this question seems pretty basic but could anyone tell explain this to me. i'm performing a practice assesment and i have located an IP of a web based mail server (OWA). this server is sitting behind a hardware firewall (say PIX or Checkpoint)that is NATing the IP Address to an internal non-routable address. Now, if i use a tool such as Nmap to scan that external IP are my scan results influenced by the Firewall. Do firewalls when NATing take all traffic from the external IP and pass it to the internal nertwork and expect the server to have the remaing services closed down or do they only take traffic destined for a port and drop everything else. if it's the later, when i scan am i only scaning the 1 port that is allowing traffic to be forward to it? Is there a way of determining if the firewall is blocking the traffic to the other ports or if the Server has been locked down and is blocking them? Any help would be appreciated. Regards Thatch -- View this message in context: http://www.nabble.com/Basic-NAT---Firewall-Question-tf2128555.html#a5874111 Sent from the Security Basics forum at Nabble.com. --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus --------------------------------------------------------------------------- --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Basic NAT / Firewall Question thatch (Aug 18)
- RE: Basic NAT / Firewall Question Fred McFeeters (Aug 21)
- Re: Basic NAT / Firewall Question List Spam (Aug 21)
- Re: Basic NAT / Firewall Question Christopher Stromblad (Aug 21)
- RE: Basic NAT / Firewall Question David Gillett (Aug 21)
- <Possible follow-ups>
- Re: Basic NAT / Firewall Question ricky (Aug 21)
- Re: Re: Basic NAT / Firewall Question anon (Aug 22)