Hi Heckerss!!
In this blog, we are going to see about Firewall.
Letβs startβ¦.!
A firewall acts as a digital gatekeeper, protecting your network from unauthorized access and cyber threats. It monitors and controls incoming and outgoing traffic based on predefined security rules.
Types of Firewalls:
- Packet Filtering Firewall: Examines individual data packets and either permits or blocks them based on predefined criteria. π¦
- Stateful Inspection Firewall: Maintains a record of active connections and evaluates incoming packets based on the context of the entire session. π§
- Proxy Firewall: Acts as an intermediary between internal and external networks, intercepting and filtering requests on behalf of the clients. π‘οΈ
- Next-Generation Firewall (NGFW): Integrates traditional firewall capabilities with advanced features like intrusion detection/prevention and application-level filtering. π
Firewall Rules:
- Allow Inbound HTTP Traffic:
- Rule Name: Allow_HTTP_Inbound π
- Action: Allow β
- Source: Any π
- Destination: Firewallβs External Interface (e.g., WAN IP) π‘οΈ
- Protocol: TCP π
- Destination Port: 80 (HTTP) π
- Description: Permits incoming HTTP traffic from any source to access web services hosted within the network.
2. Deny Outbound SMTP Traffic for Unauthorized Users:
- Rule Name: Deny_SMTP_Outbound π«
- Action: Deny β
- Source: Internal Network (LAN IP Range) π
- Destination: Any π
- Protocol: TCP π
- Destination Port: 25 (SMTP) π§
- Description: Blocks outgoing SMTP traffic from internal network devices to prevent unauthorized users from sending emails directly.
3. Allow SSH Access to Specific Server:
- Rule Name: Allow_SSH_to_Server πͺ
- Action: Allow β
- Source: Specific IP Address (e.g., Adminβs IP) π§βπΌ
- Destination: Serverβs IP Address π₯οΈ
- Protocol: TCP π
- Destination Port: 22 (SSH) π
- Description: Permits SSH access from a designated administrative IP address to manage a specific server securely.
4. Block UDP DNS Queries from External Sources:
- Rule Name: Block_UDP_DNS_External π«
- Action: Deny β
- Source: Any π
- Destination: DNS Server (Internal IP) π₯οΈ
- Protocol: UDP π
- Destination Port: 53 (DNS) π
- Description: Prevents external sources from sending UDP DNS queries to the internal DNS server, reducing the risk of DNS spoofing or amplification attacks.
5. Allow Outbound HTTPS Traffic with Web Filtering:
- Rule Name: Allow_HTTPS_Outbound_With_Filtering π
- Action: Allow β
- Source: Internal Network (LAN IP Range) π
- Destination: Any π
- Protocol: TCP π
- Destination Port: 443 (HTTPS) π
- Description: Enables outbound HTTPS traffic from internal network devices while applying web filtering policies to restrict access to specific categories of websites (e.g., social media, gambling).
Impact Without Firewall: π¨ Without a firewall, your network is vulnerable to various cyber threats, including:
- Unauthorized access: Hackers can infiltrate your network and steal sensitive data. π΅οΈββοΈ
- Malware infections: Viruses, worms, and other malware can spread freely, causing system damage and data loss.
- Denial of Service (DoS) attacks: Attackers can flood your network with traffic, disrupting services and rendering them unavailable. β
- Data breaches: Confidential information may be exposed, leading to financial losses and reputational damage. πΈ
Remediation:
π Implementing a firewall is crucial to mitigate these risks. Hereβs how to proceed:
- Select the Right Firewall: Choose a firewall type that aligns with your security requirements and network infrastructure.
- Configure Firewall Rules: Define clear and effective rules to regulate traffic flow and enforce security policies.
- Regular Updates and Monitoring: Keep your firewall software up to date with the latest patches and security updates. Monitor firewall logs for suspicious activity and adjust rules as needed.
- Educate Users: Train employees on safe browsing habits and the importance of adhering to security policies to minimize the risk of security breaches. π
Okayβ¦ will see in the next blog ππββοΈ.
Reach out to me, If you have any queries π€
π LinkedIn: Abinesh M
π± Instagram: Abi_Hecker