Firewalk (computing)

This article has multiple issues. Please help improve it or discuss these issues on the talk page. (Learn how and when to remove these messages) The topic of this article may not meet Wikipedia's general notability guideline. Please help to demonstrate the notability of the topic by citing reliable secondary sources that are independent of the topic and provide significant coverage of it beyond a mere trivial mention. If notability cannot be shown, the article is likely to be merged, redirected, or deleted. Find sources: "Firewalk" computing – news · newspapers · books · scholar · JSTOR (January 2011) (Learn how and when to remove this message) This article relies excessively on references to primary sources. Please improve this article by adding secondary or tertiary sources. Find sources: "Firewalk" computing – news · newspapers · books · scholar · JSTOR (January 2011) (Learn how and when to remove this message) (Learn how and when to remove this message)

Firewalking is a technique developed by Mike Schiffman and David Goldsmith that utilizes traceroute techniques and TTL values to analyze IP packet responses in order to determine gateway ACL (Access Control List) filters and map networks. It is an active reconnaissance network security analysis technique that attempts to determine which layer 4 protocols a specific firewall will allow.

Firewalk is a software tool that performs Firewalking.

To protect a firewall / gateway against firewalking one can block ICMP Time Exceeded messages.^[1]

• Access Control List
• Firewall (computing)
• Traceroute

• Firewalk tool, an Open Source tool that determines gateway ACL filters and maps networks by analyzing IP packets responses.
• WooterWoot, an Open Source set of tools that builds Check Point, Cisco ASA, or Netscreen policies from logfiles.
• Use Firewalk in Linux/UNIX to verify ACLs and check firewall rule sets, article on using Firewalk, by Lori Hyde CCNA.
• firewalk(8) - Linux man page
• GIAC / SANS Institute Description of Firewalking

This computer security article is a stub. You can help Wikipedia by expanding it.

• v
• t
• e