A Firewall is an application or hardware device used to inspect and filter network traffic.
Questions tagged [firewall]
4272 questions
9
votes
6 answers
Firewall anti-patterns?
What are some of the most common and wrong ways to configure a firewall? I'll start the list with the following:
Blindly blocking ICMP. This was common practice in 1998 when smurf attacks were all the rage. Today you run the risk of creating a PMTU…
Gerald Combs
- 6,481
6
votes
4 answers
MSMQ Firewall Ports
I'd like to know what ports need to be opened on a firewall in order to allow public read access to an MSMQ private queue.
I'm aware that Microsoft publishes a list of ports here: http://support.microsoft.com/default.aspx?scid=kb;EN-US;178517
But I…
rusvdw
- 218
5
votes
4 answers
Home Network, router firewall vs Windows firewall
Similar to these questions:
What Firewall Rules Should Be Used For A Home-Based System and
Firewall on VPS Use Windows Built In
But more specifically I'm guessing that using both the Windows Firewall and a router's built in firewall are redundant? …
Nick
- 215
5
votes
2 answers
WAF vs Firewall
I was reading up about firewalls and came across two concepts which confused me- Web Application Firewall and "regular" firewall. I'm not fully sure what the differences are- they both sound like they accomplish the same thing. Does anyone know the…
OckhamsRazor
- 363
4
votes
1 answer
Firewall log MAC address
I'm checking my linux server's firewall and I'm seeing
"....IN=eth0 OUT= MAC=00:26:a9:7b:c9:30:00:17:0f:ac:6a:80:08:00"...
As far as I know MAC addresses have 12 Characters. Why are there 28 characters in front of MAC=?
Thanks
drhoo
- 41
- 2
3
votes
1 answer
What is the purpose of denying specific inbound traffic in firewalls?
Many common firewall rules include a number of lines that block specific inbound traffic. Take this from ipfw for example:
# Fragments
$cmd 00420 deny all from any to any frag in via $pif
# ACK packets that did not match the dynamic rule table
$cmd…
Xen
- 468
3
votes
2 answers
Does a system with no running network services need a firewall?
I ask this with the default install of FreeBSD in mind. It has no network services activated and also no firewall installed. This is unlike many linux distributions which typically configure a basic firewall but also have limited network services,…
hotkarl
- 165
- 2
- 10
3
votes
2 answers
What is the best firewall/iptables management tool for multiple servers?
We are setting up iptables for each server we run, is there a nagios kind of tool that will allow us to see and manage from a central console without requiring us to get in each server and setup each and every iptables ?
If there is an open source…
Devrim
- 1,187
3
votes
3 answers
What's the situation that requires stateful firewall?
I just know there is two kind of firewalls. Stateless and stateful.
It's hard to determine what kind of firewall I have to use. Currently I have to run firewall within same machine runs services, Basically I want stateless because of its less…
Eonil
- 10,649
3
votes
1 answer
Client's firewall is blocking random parts of new site
We just launched a new company site for a client. After chasing down some "OMG it looks wrong now!" complaints, we determined that the CSS (and some images, perhaps more) is getting blocked by their firewall. They claim this never happens to them…
user54365
3
votes
8 answers
Open source firewall or commercial firewall
In what cases would it be considered OK to use open-source firewalls to protect/secure/filter a company network?
There seems to be many open source firewall alternatives (pfSense, smoothwall, m0n0wall) for a small business, that will save the…
Espo
- 366
3
votes
5 answers
Double firewall in same network or useful?
One of my clients asked me to check his network. In his server rack I found a Fortinet FortiGate 60 and a Zyxel Zywall 70. Both of them are - in my opinion - complete firewall solutions for SOHOs (which he is with 1 server and about 10…
dwo
- 131
2
votes
5 answers
Advantage of hardware firewalls over software firewalls?
There are a lot of hardware firewalls out there, but what is their advantage / use over software firewalls, as I can also easily set those up without having to buy pricy hardware firewalls?
Are there any reasons for choosing a hardware firewall over…
Sebastian Hoitz
- 3,199
2
votes
8 answers
What does "Flush the Firewall" mean?
I know this is a real newbie question but what does it mean when someone says they "flushed the firewall". I got locked out of my server a few times due to the enhanced security configuration I had done and when I contacted my server management…
Qasim
2
votes
1 answer
Firewall configuration worksheet?
Are there any available "worksheets" out there (in Excel, PDF, etc. format) to help in planning firewall configuration? Looking for some way to systematically keep track of the machines, ports, etc. while planning how to set up an environment. I'm…
Jason Kresowaty
- 511