Packet Filtering
7. Lessons learned
We have learned that:
- A firewall can be a risk in itself. A badly configured firewall is worse than not having one at all.
- How to setup a basic gateway and a transparent proxy.
- The key to a good firewall is to know the protocols you want do allow.
- That IP traffic does not always contain legitimate data, e.g. ICMP packets, which can contain a malicious payload.
- How to prevent SYN attack.
- Filtering HTTP traffic by removing offensive pictures and downloads of viruses.
- Combining packet filters and application gateways provides better control.
Now, if you really need to, go create a firewall that matches your needs.