bwbe

An
effective way to bypass firewall is using IP address spoofing where users gain
an unauthorised access to a computer or network then deceiving the IP address
of the machine by making it seem like the message sent came from a trusted
machine. It also includes techniques that attackers commonly use to perform
malicious activities such as Denial of Service (DOS), Dedicated Denial of
Service (DDoS) and Man in the Middle (MitM). To counter this, a good understanding
of how and why an attacker would use the spoofing attack would help, in
addition to performing regular assessment of the firewall and its configuration
against best range of configuration practices. [14]

 

Source
routing is another effective method to bypass firewall. The sender of the
packets can designate the route that the packet would take in the network and
when the packets have travelled among the nodes within the network, each router
will perform checks on the IP address of the destination in the packets,
forwarding them to the next node. Using this technique, the sender makes some,
or most, of the decisions on the router. An attacker can change the decisions
but a way to prevent it is through record route, where the route of an IP
packet is traced, strict source routing where the sender specifies the exact
route for the packet to take or through loose source routing where the set of
routers to visit is recorded using a source routing option. [15]

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!


order now

 

Attackers
can bypass firewall using tiny fragments. This is when the user uses the IP fragmentation
in order to create small fragments, where the TCP header information is forced to
separate into packet fragments. The purpose is to bypass the filtering rules
that depends on the TCP header information, in hope that only the first
fragment is examined by the filtering router, and as a result, pass the
remaining fragments through. To prevent this attack is by blocking the fragments
that holds less than a complete header. [16]

Leave a Reply

Your email address will not be published. Required fields are marked *