Hello guys ..I am Romeo64 and it's is my second post. .....let's begin :)
In the path of hacking...the one thing which has to be evaded several times by any hacker is a damn FIREWALL ..I believe that to evade it one must have knowledge about its working....
A Firewall is basically a software installed on your OS...as a preventive measure against the growing threat of network vulnerabilities and protecting ...sensitive and confidential information that is been stolen..frequently.
There have been recent developments in firewall technology. ..
BASICALLY FIREWALLSFIREWALLS ARE OF TWO TYPES :
- Software firewall
- Hardware firewall
Software Firewall :
This is basically a software installed on your OS and is in charge of providing security to your network by using various methods. ..
still awake..!! :D.ALRIGHT LET'S SEE THESE METHODS ...AND HACKS TO EVADE THEM...
- Simple packet filtering :
This is the most basic method used by a firewall...for security. .in this method the firewall examines header of each packet to determine it's source address and port..
REMEMBER a firewall works on some specific rules and guidelines defined by the user and only allows communication over some recognised ports generally till port 443..hence will block all the packets coming from unknown ports.
- Observing packet behaviour :
Firewall observes packet behaviour for malicious activities such as port scanning etc...
- Firewall Proxy Server :
Here I am assuming that you have a basic understanding about PROXY SERVER (for those who don't know about a PROXY SERVER )
This is most secure method available ( but hey!! nothing is perfect )
In this method a proxy a set up and all the packets from both ends ( i.e from within and outside the LAN ) are forced through this proxy which works on the guidelines of firewall is used for deep examination of packets ...and thus can examine HTTP and SMTP packets too...
Alright that's enough for now ..WE WILL LOOK AT HACKS FOR EVADING THE FIREWALL NEXT MY NEXT POST IN NEAR FUTURE ...:D
- Hardware firewall :
Is basically a device specially designed and hardwired for examining and filtering packets of your network ..simple enough. .
To get a visual idea about the difference between software and hardware firewall
https://encrypted-tbn2.gstatic.com/images?q=tbn:ANd9GcQDgoIkEZtlDbMB_7Fe5j5bKl29lihEGTgg9tnbXTqWAvJNDjO4AA
FEEL FREE TO ASK ALL YOUR DOUBTS ...
Good Luck ....
6 Responses
So a firewall proxy server is basicly a server functioning as a physical firewall with the advantage that the IP is different from the node behind it?
What is this? A picture for ants?! haha, im jk. But seriously that picture is tiny.
UNHOLY SODA. .
YUP ...the point is firewall proxy server basically forces all the traffic to pass through it...so that it can examine all the data in it .....it can be HTTP FTP SMTP Rather anything. ...it deeply examines every packet...
but don't worry there are ways to bypass this proxy. .which I will be demonstrating in next post soon ...
R64
I'm kind of curious,
why only up to port 443?
What happens on port 444 and above?
VOIDX
It's simple the firewall allows communication through some recognized ports only like HTTP - 80....,SMTP - 25......SSH - 22.....and FTP on port 21...
Such widely recognized ports are usually owned by big companies like Google etc...therefore communication through them is somewhat secure...and all such ports lie under 443 (there are some exceptions like SQL on port 1433)....thus until and unless configured by the user/admin.... Communication. Through such ports is BLOCKED.....
I hope your curiosity is quenched....
R64
Share Your Thoughts