Firewalking is a technique developed by Mike Schiffman and David Goldsmith that utilizes traceroute techniques and TTL values to analyze IP packet responses in order to map networks and determine gateway ACL filters. It is an active reconnaissance network security analysis technique that attempts to determine which layer 4 protocols a specific firewall will allow.

Firewalk is a software tool that performs Firewalking.

To protect a firewall or gateway against firewalking one can block outgoing TTL messages to avoid exposing information about your network. Additionally, using Network address translation is useful to hide internal network addresses. [1]

See also

edit

References

edit
  1. ^ Irby, David (c. 2000). "Firewalk : Can Attackers See Through Your Firewall?". GIAC Certifications. Archived from the original on 2022-03-20. Retrieved 2024-05-09.
edit