[ Pobierz całość w formacie PDF ]

attacked from the bastion host should it be overcome.
Be very particular about the specific services that are permitted to exist
between your bastion host and your internal network.
These configured and shared services can be the target of an attacker if
the bastion host is ever compromised.
9-12 Solaris Network Security
Copyright 1997 Sun Microsystems, Inc. All Rights Reserved. SunService August 1996
9
Fundamental Concepts
Limitations
Problems that are not addressed using firewalls:
Attacks initiated from inside the firewall
Attack methodologies not presently discovered
Attacks originating from viruses
Attacks resulting from insufficient filtering requirements
Attacks facilitated through the absence of basic host security
Attacks originating from connections not known to firewall
Firewalls 9-13
Copyright 1997 Sun Microsystems, Inc. All Rights Reserved. SunService August 1996
9
Module Checklist
Having completed this module, you should be able to answer the
following:
What is a firewall and what is it designed to do?
What are the critical components of firewalls?
What are the capabilities of firewalls?
What are the limitations of firewalls?
9-14 Solaris Network Security
Copyright 1997 Sun Microsystems, Inc. All Rights Reserved. SunService August 1996
Introduction to the Inspection
Language A
Objectives
Upon completion of this Appendix, you will be able to:
Describe the basic advantages and disadvantages of using the
Inspection Language.
Describe the major elements of the Inspection Language.
A-1
Copyright 1997 Sun Microsystems, Inc. All Rights Reserved. SunService August 1996
A
General
Solstice FireWall-1 is equipped with a powerful language with which
you can run rule descriptions without the GUI. This language is called
Filter Script language (or Inspection Language).
Advantages of Using Inspection Languages
The following possibilities should be pointed out:
Rules can be assigned to specific interfaces.
The limitation of commands is eliminated; random commands can
be defined.
The limitation of protocol variants is eliminated.
The restrictions in the GUI are not important.
Example:
Service Manager other services (fields incoming and outgoing)
Disadvantages
When using the Inspection language, the created filter cannot be
further used with the GUI.
It is difficult to write bigger filters without mistakes, as a test
mechanism such as Policy Verify does not exist.
When to Use Inspection Language
Normally the GUI is used to describe the policy. Its capabilities are no
longer sufficient, the Inspection Language will be used.
Through this procedure, necessary predefinitions are automatically
included.
A-2 Solaris Network Security
Copyright 1997 Sun Microsystems, Inc. All Rights Reserved. SunService August 1996
A
General
When to Use Inspection Language (Continued)
While starting this language, it should be mentioned that you can
analyze the filter script created by the GUI. A subwindow is opened in
the Rulebase Editor by the Policy View, which contains the filter
script.
Introduction to the Inspection Language A-3
Copyright 1997 Sun Microsystems, Inc. All Rights Reserved. SunService August 1996
A
Arranging the Decision Statements
The decision statements can be roughly divided into three parts:
Scope
The Scope contains the relevant interfaces and systems.
Action
Here the treatment of the packets is decided.
Condition
This part contains the necessary information about Source,
Destination, and Service.
Scope Block
The Scope Block consists of three parts:
Direction.Interfaces @ Hosts.
Direction
The direction in which the packets must be monitored. Allowed
values are:
Incoming (=>)
Outgoing (
Eitherbound ( )
A-4 Solaris Network Security
Copyright 1997 Sun Microsystems, Inc. All Rights Reserved. SunService August 1996
A
Arranging the Decision Statements
Scope Block (Continued)
Interfaces
The participating interfaces. Single interfaces are specified, several
of which are summarized in braces {le0,ipd0}. You can specify
the key word all.
Hosts
The host name is separated by an ampersand (@). As with the
Interfaces, braces or all are possible.
Introduction to the Inspection Language A-5
Copyright 1997 Sun Microsystems, Inc. All Rights Reserved. SunService August 1996
A
Arranging the Decision Statements
Action Block
The Action Block, principally, has the following form:
action log alert_action log_type
The action block can consist of one action and (or) one protocol
statement. The latter requires a form of logging and can contain an
alarm action. All variants are shown below:
action
action log log_type
action log alert_action log_type
log log_type
log alert_action log_type
Theaction block can theoretically be empty, but this would not make
sense.
Action
This field can have the values accept, reject or drop.
Log
This keyword initiates the protocolling. It can also appear in the
condition block (separated by a comma).
Log_type
Here every $FWDIR/lib/formats.def-defined protocol format
can be entered. Predetermined are, for example, long and short.
Alert_action
The basic format is   , whereas the
optional string (with  [ and  ] braced) is entered into the
protocol, and the command will be started. The agreed-upon
protocol format (log_type) is delivered to the command by means
of a standard entry.
A-6 Solaris Network Security
Copyright 1997 Sun Microsystems, Inc. All Rights Reserved. SunService August 1996
A
Arranging the Decision Statements
Condition Block
The condition block is freely formidable. Single statements, separated
by a comma will be joined by the logical AND operator. The key word
 or acts as an OR operator. The latter, is stronger bound; the binding
behavior can, as usual, be manipulated by brackets.
Key Words
Three key words describe the interpretation of the following data:
src (source)
A description of the senders follows.
dst (destination)
The receiving network objects follow.
svc (service)
The service names follow. This keyword may also be omitted if a
specific service is designated. To enable the creation of a group, the
introducing keyword is followed by the following combinations:
Is
Is not
In
Not in
Introduction to the Inspection Language A-7
Copyright 1997 Sun Microsystems, Inc. All Rights Reserved. SunService August 1996
A
Arranging the Decision Statements
Examples
Two simple examples are:
eitherbound ipd0@serial-gate reject src not in my.com,\
dst in my.com, (finger or FTP or Telnet) short;
# Source Destination Proto. Action Track Install On
1 !my.com my.com finger Reject Short serial-gate
Telnet log
FTP
The major difference to the GUI rule is that, here, only the interface
ipd0 will be controlled.
all@my-host accept tcp, established;
This rule relates to the earlier edition of the  Established TCP [ Pobierz całość w formacie PDF ]