Installing theTrusted Information SystemsInternet Firewall Toolkit

3/23/99

Click here to start

Table of Contents

Installing theTrusted Information SystemsInternet Firewall Toolkit

The TIS Firewall Toolkit

The TIS Firewall Toolkit (cont)

The TIS Firewall Toolkit (cont)

Blocking Traffic Between Networks

Blocking Traffic (cont)

Blocking Traffic (cont)

Blocking Traffic (cont)

Installing the Toolkit

Helpful Hint: Tripwire

Follow Conventions

Reboot Often While Testing

Configure TCP/IP

Adaptive Routing

Typical Firewall Routing

Nasty Routing (cont)

Kernel Configuration

Ipforwarding (cont)

Ipforwarding (cont)

Server Processes

Server Processes (cont)

Boot Time Servers

Boot Time Servers (cont)

Boot Time Servers (cont)

A Bare Process Table

Restricting Root Login

Restricting Root Login (cont)

Unpacking the Toolkit Sources

Configure the Sources

Configure the Sources (cont)

Configure the Sources (cont)

Compile the Toolkit

Toolkit Does not Build

Toolkit is Built, Now What?

Implementing Policy

Implementing Policy (cont)

Implementing Policy (cont)

Netperm-table (cont)

Netperm-table (cont)

Netperm-table (cont)

Logging Errors (cont)

/etc/inetd.conf (for a toolkit firewall)

/etc/inetd.conf (alternate form)

Netacl: a TCP wrapper

TN-Gw: Telnet Proxy

Rlogin-Gw: Rlogin Proxy

Rlogin-Gw (cont)

FTP-Gw: FTP Proxy

X-gw: X11 Proxy

Http-gw: Web proxy

Smap - SMTP queuer

Testing Smap (cont)

Authsrv Initialization

Authsrv Initialization (cont)

Authorizing a User

Authorizing users (cont)

Authorizing users (cont)

Backing up Authsrv

Netperm-table (cont)

Netperm-table (cont)

Netperm-table (cont)

Netperm-table (cont)

Testing Procedures

Testing Procedures (cont)

Maintaining the Software

Installing Patches

Author: Marcus Ranum

Email: mjr@nfr.net

Home Page: http://www.nfr.net