Re: TCP/IP filtering concepts presentation

["svyato slav" <svyato () list ru>]

Just an hour of concepts?  You could at least mention the potential failings of filtering ... FIN scans, tunnelling & 
covert channels, FTP "port" sploits, yada yada ...

-----Original Message-----

> From: "Small, Jim" <jim.small () eds com>
> To: firewall-wizards () honor icsalabs com
> Date: Wed, 26 Feb 2003 13:31:33 -0500
> Subject: [fw-wiz] TCP/IP filtering concepts presentation
>
> I'm going to do a presentation on TCP/IP filtering concepts in March.  In
> fact, if anyone near Detroit, Michigan in the States is interested...
> http://www.mug.org/meeting_location.php
>
> The presentation will be around an hour.  I'm looking for ideas on what to
> present.  Here's what I'm thinking:
> o Run through the IP, UDP, and TCP headers
> o Cover TCP flags (including valid/invalid combinations)
> o Run through sequence numbers to explain how "statefullness" works
> o Run through ICMP including the various types, including which types are
> necessary for the Internet to function correctly
> o Explain how NAT works including PAT and IP to IP mapping
> o Quickly walk through port forwarding, redirection, and "bouncing"
>
> o Finally I'm thinking of running through some of the major firewall
> products such as Check Point's FireWall-1, Cisco's PIX, Netscreen's
> appliances, Secure Computing's Sidewinder G2, Sun's SunScreen, and
> OpenSource firewalls including IP Filter, pf, IPTables, and ipfw.
>
> I have a lot of good sources to draw on including Stevens TCP/IP Illustrated
> series and O'reilly's Building Internet Firewalls.
>
> Does anyone have any recommendations, suggestions, or ideas that I am
> missing?  Also, if anyone has any material or sites they think would be
> helpful, I'd be grateful.
>
> Thanks,
>    <> Jim

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards