ICMP Redirect is a type 5 ICMP error message sent by a gateway router to a sending host. It informs the host of an optimal alternate route to the destination host and tells it to update its routing table with the new host route to that destination. The router forwards the original packet to the next-hop router or to the destination host and sends the ICMP Redirect message to the sending host so that subsequent packets to the destination host can be sent via the new route.
Tag: Security
Ziptie – Opensource Network Inventory & Configuration Management Framework
Ziptie is an open source Network Inventory and Configuration Management framework that can discover and manage network devices such as routers, switches and firewalls. Out of the box, Ziptie supports network devices from multiple major vendors. Ziptie is Java based and is built on the Eclipse framework. Ziptie can run on many operating system platforms including Windows, Ubuntu, Fedora, Red Hat, Mandriva and most other Linux distributions.
Configure Cisco Port Security on Switches and Router interface
Cisco Port Security is a feature that can help secure access to the physical network. Any network admin's nightmare is an unauthorised device or PC connecting to the network. This could be as simple as an innocent guest plugging a PC into a floor port hoping to get an internet connection, or a malicious intruder connecting to the network trying to gain access to confidential information.
Consequences could be as bad as:
- Virus, spyware or malware infection from an unprotected PC
- A malicious hacker or an intruder gaining access to the network
- A malicious attacker launching a Denial of Service attack using MAC address flooding
Cisco IOS has the port-security feature, which can be used to restrict the MAC addresses of the devices that connect to each of the physical switchports.
Arpwatch – Monitor ARP activity and detect ARP Spoofing
Arpwatch is an open source tool that monitors Ethernet or FDDI activity in the network and maintains a database of IP address to MAC address mappings. Arpwatch notifies via email if there is a change. Arpwatch is most commonly used to detect ARP spoofing security issues in the network. Arpwatch can run on most Linux distributions, UNIX and Sun Solaris.
Firewall Builder – Multiplatform Firewall Configuration Manager
Firewall Builder is an open source, multi-vendor firewall configuration and management GUI tool. It uses a set of policy compilers for the different firewalls it supports. If you are a network administrator supporting multiple sites and multiple firewall devices, you know what a difference a central firewall manager can make to day-to-day tasks. Netscreen Security Manager for Juniper devices and the admin tool for Check Point firewalls are examples, although these are expensive commercial options from the vendors themselves. Firewall Builder, on the other hand, is a heterogeneous, vendor-neutral configuration and management tool that supports more than one platform and has a simple design that allows support to be extended to more platforms.
Firewall Builder uses an object-oriented approach: it helps the administrator maintain a database of network objects and allows policy editing using simple drag-and-drop operations. Firewall Builder can generate a configuration file for any supported target firewall platform from the same policy created in its GUI. This provides both a consistent policy management solution for heterogeneous environments and a possible migration path.
Vuurmuur – OpenSource Firewall Manager for Linux IPTables
Vuurmuur is an open source firewall manager based on iptables in Linux. Vuurmuur works with both Linux kernel 2.4 and Linux kernel 2.6.
Vuurmuur has a simple, easy-to-use interface with good GUI support for simple to complex configurations. Vuurmuur allows remote administration through SSH or through the system console.
ClarkConnect – OpenSource Firewall Intrusion Prevention networking and collaboration suite
ClarkConnect is an all-in-one open source networking suite from Point Clark Networks. On one front it is a full-blown security suite with stateful firewall protection, intrusion detection and prevention, a mail gateway with antivirus, anti-spam and anti-phishing support, proxy and web content filtering, and peer-to-peer connection filtering for web protection. It is also a networking suite with IPSec and PPTP support and bandwidth and system monitoring, and a server with web server and database server support, file and print sharing, a mail server, and system and mail backup. All of this is built on a cut-down Red Hat Linux with a good web interface.