Understanding the Limitations of IP-Tables: A Comprehensive Analysis


Added on  2019/10/30

This assignment discusses the limitations of using IP-Tables in firewalls, specifically highlighting its disadvantages. The main points include the removal of the 'I' flag from the IP-chain, lack of processing for packets routed through INPUT or OUTPUT chains, and limited support for NAT and SOCKS protocols. Additionally, it notes that the absence of the 'C' command in IP-Tables is a limitation compared to previous versions. Furthermore, the report emphasizes the importance of circuit-firewall security systems, particularly SOCKS protocol, which provides secured communication between internal and external systems.

Running head: IP-Table FIREWALL SECURITY
IP-Table FIREWALL SECURITY
Name of the student
Name of the university
Author note

Executive summary:
The aim of this report was to analyze the use, advantages and limitations of the IP-tables
firewall. A media survey supported the analysis. The results indicate the advantages and
disadvantages of firewall usage, as well as the use of the SOCKS protocol in a communication
server. The report concludes with suggested measures that are advisable to follow. It is
recommended that serious measures and technical knowledge be applied in securing the
systems.
Table of Contents
INTRODUCTION
DISCUSSION
CONCLUSION
REFERENCES
INTRODUCTION:
In computer security, a firewall is a programmed device used to protect systems on a network.
It blocks specific kinds of traffic, building a barrier between a trusted and an untrusted
network. Analogous to a physical firewall, this security system blocks potential web attacks
and limits unauthorized access to a computer system from any untrusted source (Ifinedo, 2012).
Firewalls exist in both hardware and software forms. IP-tables, on the other hand, is a
system utility available on public platforms, which allows the system administrator to
configure the tables implemented by the Linux kernel firewall, along with the chains and rules
they store. Different modules are used for different protocols, such as ip6tables for IPv6 and
ebtables for Ethernet frames. This report discusses the advantages and disadvantages involved
in the use of firewalls and possible mitigations for the limitations. Alongside, the
significance of the circuit-relay firewall is described.
DISCUSSION:
The IP-tables firewall operates by comparing traffic against a set of rules. A rule defines a
specific set of criteria that a packet has to match, and actions are taken accordingly for the
matched packets (Ifinedo, 2014). Various patterns determine the matching process for a packet:
the protocol type, the source or the destination, the interface used, and the like. When the
set patterns are matched, the action that follows is termed the target. The target defines the
policy applied to the packet, such as acceptance or denial. Transferring the packet to
different locations is also a possibility (Diekmann et al., 2016). Via certain modules that
can be loaded by rules, IP-tables can also track connections.
Any discussion of this security system has to note the advantages of using the IP-tables
firewall. A few important ones are discussed in this section of the report (Hu, Ahn &
Kulkarni, 2012). Firstly, the connection-tracking facility provided by IP-tables is
advantageous: when installed and operated correctly, it helps to limit TCP hijacking of
non-IP-masqueraded clients with weak TCP sequence number randomization, such as Windows
systems, IBM configurations and other older systems.
Another benefit, based on the same feature, is the blocking of UDP packet hijacking, which
shields against attackers who inject bogus ICMP messages in order to crack and penetrate
systems (Leblond et al., 2012).
The next advantage is that, in modern usage, the matching of packets is based on the MAC
address, the UID (the local technique) and the TTL (determining the rate at which packets are
sent). This allows improved detection and rejection of potential intruders who intend to
penetrate the system for personal benefit.
In most organizations, TCP connections to servers are distributed randomly across several
local servers to withstand the load. IP-tables also makes it much easier to figure out why a
packet was logged, by specifying a text string that helps to identify the logged message.
Like IP-chains, IP-tables has the advantage of redirecting packets, and with it comes the DNAT
component, which allows arbitrary manipulation of the destination IP address and port number.
This helps in camouflaging the location of the service provided. It has a wide range of uses,
including honeypots, tarpits and web reserving (Kaur, Malhotra & Singh, 2014).
The limitations that come with the use of IP-tables are another important point and are
discussed here (Porras et al., 2012). The recorded list of disadvantages is presented in this
section. Firstly, the ‘I’ flag present in IP-chains has been removed from the target, which
was initially specified by ‘j’. The mitigation is that logging must use two rules: the former
to match and the latter to DROP (AL-Musawi, 2012). The greatest disadvantage of this flag is
that it does not log the number of the rule responsible for the logging.
Secondly, packets that are routed through the system are not processed by either the INPUT or
the OUTPUT chain; only processing via the FORWARD chain and the NAT chain is available. A
direct mitigation is to maintain a separate collection of rules dedicated to packets going to
and from the firewall itself, distinct from the rules for packets being forwarded.
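
The two mitigations above, shown as an added example that is not part of the original report: a simplified Python model of first-match chain traversal, not kernel code. The addresses, the ruleset and the names Rule, CHAINS and evaluate are constructed for illustration; the comments give the iptables arguments each modeled rule stands for.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

FIREWALL_ADDRS = {"192.0.2.1"}     # constructed: addresses owned by the firewall host

@dataclass
class Rule:
    target: str                    # ACCEPT, DROP or LOG
    proto: Optional[str] = None
    dport: Optional[int] = None
    src: Optional[str] = None      # CIDR block
    state: Optional[str] = None    # connection-tracking state
    prefix: str = ""               # text string attached to logged packets

    def matches(self, pkt):
        return ((self.proto is None or self.proto == pkt["proto"])
                and (self.dport is None or self.dport == pkt["dport"])
                and (self.src is None or ip_address(pkt["src"]) in ip_network(self.src))
                and (self.state is None or self.state == pkt.get("state", "NEW")))

# Constructed ruleset; comments show the iptables arguments after "-A <chain>".
CHAINS = {
    "INPUT": [
        Rule("ACCEPT", state="ESTABLISHED"),           # -m conntrack --ctstate ESTABLISHED -j ACCEPT
        Rule("ACCEPT", "tcp", 22, "198.51.100.0/24"),  # -p tcp --dport 22 -s 198.51.100.0/24 -j ACCEPT
        Rule("LOG", "tcp", 22, prefix="SSH-DENY "),    # -p tcp --dport 22 -j LOG --log-prefix "SSH-DENY "
        Rule("DROP", "tcp", 22),                       # -p tcp --dport 22 -j DROP
    ],
    "OUTPUT": [],
    "FORWARD": [Rule("ACCEPT", "tcp", 443)],           # -p tcp --dport 443 -j ACCEPT
}
POLICY = {"INPUT": "DROP", "OUTPUT": "ACCEPT", "FORWARD": "DROP"}   # iptables -P <chain> <policy>

def evaluate(pkt):
    """Return (chain, verdict, log lines) for one packet."""
    chain = ("INPUT" if pkt["dst"] in FIREWALL_ADDRS else     # addressed to the firewall
             "OUTPUT" if pkt["src"] in FIREWALL_ADDRS else    # generated by the firewall
             "FORWARD")                                       # routed: INPUT/OUTPUT not consulted
    logged = []
    for rule in CHAINS[chain]:
        if not rule.matches(pkt):
            continue
        if rule.target == "LOG":   # LOG records and continues, so a DROP rule must follow
            logged.append(rule.prefix + pkt["src"])
            continue
        return chain, rule.target, logged
    return chain, POLICY[chain], logged
```

A routed packet to port 22 produces no SSH-DENY log line here, because the logging rule sits in INPUT and forwarded traffic only reaches FORWARD.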
IP masquerading, that is NAT, for various applications that were well supported by IP-chains
is not compatible with, or supported in the same way by, IP-tables. This list consists of
various types of games and other technical services (Xuan & Wu, 2015).
Another recorded disadvantage is that the names of the built-in chains of IP-chains changed
from lower to upper case.
A ‘C’ command previously existed in IP-chains for verifying the presence of any matching
protocol or destination for a specific packet. It no longer exists in IP-tables, which
therefore fails to provide the user with this way of checking for acceptance or denial. Its
absence can be recorded as a limitation of IP-tables.
Turning to the role and significance of the circuit-level firewall and the SOCKS protocol, it
is appropriate to mention that this is a type of firewall security system in the form of a
proxy server that provides controlled network connectivity between internal and external
systems; analogously speaking, there would not be any air-gap in between the two systems. A
virtual circuit exists between the internal clients and the proxy server. Requests are
exchanged between the client and the proxy server, which accepts requests and delivers them
after changing the Internet Protocol address (Winter, Pulls & Fuss, 2013). An external user is
only able to see the IP address of the server; responses are received through this circuit and
returned to the user or client. Although traffic is allowed through the circuit, external
systems are never able to see the internal systems involved in the communication. This type of
system is a secured communication circuit (Filasto & Appelbaum, 2012).
The supporting material on the SOCKS protocol describes it as a protocol supporting
application-layer traversal of IP network firewalls. The security of such a traversal is
determined by the particular authentication and encapsulation methods provided by the specific
implementation and selected during negotiation between the SOCKS client and server (John,
2013). Another important security aspect is failure handling: it is advisable for the SOCKS
service provider to terminate the TCP connection within a duration of ten seconds after
detecting the failure condition. When securing the communication, it is also important to
follow the rules for the BIND request, which requires the client to accept connections from
the proxy server. The client is expected to abide by the BIND rule, that is, to use BIND only
to establish secondary connections after the primary one made using CONNECT (Rosenberg, 2012).
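
The SOCKS exchange described above, as an added example that is not part of the original report: a server-side parser for the method negotiation and the CONNECT/BIND request, assuming the SOCKS version 5 wire format from RFC 1928 (the report does not name a version). ProxyPolicy and its per-client BIND check are hypothetical, and the sample byte strings are constructed.

```python
import ipaddress
import struct

VER, CONNECT, BIND = 5, 0x01, 0x02                    # version and CMD values
NO_AUTH, USERPASS, NO_ACCEPTABLE = 0x00, 0x02, 0xFF   # METHOD values
REP_OK, REP_FAILURE, REP_NOT_ALLOWED, REP_BAD_CMD, REP_BAD_ATYP = 0, 1, 2, 7, 8
FAILURE_CLOSE_DEADLINE_S = 10   # the ten-second limit described in the text

SAMPLE_CONNECT = b"\x05\x01\x00\x03\x0bexample.org\x01\xbb"   # constructed: example.org:443
SAMPLE_BIND = b"\x05\x02\x00\x01\xc0\x00\x02\x0a\x00\x50"     # constructed: 192.0.2.10:80

def choose_method(greeting, allowed=(USERPASS,)):
    """Greeting is VER, NMETHODS, METHODS...; the reply is VER, METHOD."""
    if len(greeting) < 3 or greeting[0] != VER or len(greeting) != 2 + greeting[1]:
        raise ValueError("malformed greeting")
    chosen = next((m for m in allowed if m in greeting[2:]), NO_ACCEPTABLE)
    return bytes([VER, chosen])

def parse_request(req):
    """Request is VER, CMD, RSV, ATYP, DST.ADDR, DST.PORT; returns (cmd, host, port)."""
    if len(req) < 7 or req[0] != VER or req[2] != 0:
        raise ValueError("malformed request")
    layout = {1: (4, 4), 3: (5, req[4]), 4: (4, 16)}.get(req[3])
    if layout is None:
        raise LookupError("address type not supported")
    start, size = layout
    if size == 0 or len(req) != start + size + 2:   # truncated or padded request
        raise ValueError("length does not match ATYP")
    raw = req[start:start + size]
    host = raw.decode("ascii") if req[3] == 3 else str(ipaddress.ip_address(raw))
    (port,) = struct.unpack("!H", req[start + size:])
    return req[1], host, port

class ProxyPolicy:
    """Hypothetical policy: a client may BIND only after an earlier CONNECT."""
    def __init__(self):
        self.connected = set()

    def handle(self, client, req):   # returns (reply, seconds until forced close or None)
        try:
            cmd = parse_request(req)[0]
            if cmd == CONNECT:
                self.connected.add(client)
            allowed = cmd == CONNECT or (cmd == BIND and client in self.connected)
            rep = REP_OK if allowed else REP_NOT_ALLOWED if cmd == BIND else REP_BAD_CMD
        except (LookupError, ValueError) as exc:
            rep = REP_BAD_ATYP if isinstance(exc, LookupError) else REP_FAILURE
        reply = bytes([VER, rep, 0, 1]) + bytes(6)   # BND.ADDR 0.0.0.0, BND.PORT 0
        return reply, (None if rep == REP_OK else FAILURE_CLOSE_DEADLINE_S)
```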
CONCLUSION:
From the analysis of the points made in this report, it is correct to conclude that users
should make sure that existing connections stay active when implementing a default drop
policy. This is particularly relevant for SSH connectivity. Another important point is that
packets should not be matched by overly general rules. Accordingly, the top of a chain should
hold the more specific rules, so that the specific details in a packet are prioritized first.
The default policy setting should be customized carefully.
REFERENCES:
AL-Musawi, B. Q. M. (2012). Mitigating DoS/DDoS attacks using iptables. Int. J. Eng. Technol.
IJET-IJENS, 12(03).
Diekmann, C., Michaelis, J., Haslbeck, M., & Carle, G. (2016, May). Verified iptables firewall
analysis. In IFIP Networking Conference (IFIP Networking) and Workshops, 2016 (pp.
252-260). IEEE.
Filasto, A., & Appelbaum, J. (2012, August). OONI: Open Observatory of Network Interference.
In FOCI.
Hu, H., Ahn, G. J., & Kulkarni, K. (2012). Detecting and resolving firewall policy
anomalies. IEEE Transactions on dependable and secure computing, 9(3), 318-331.
Ifinedo, P. (2012). Understanding information systems security policy compliance: An
integration of the theory of planned behavior and the protection motivation
theory. Computers & Security, 31(1), 83-95.
Ifinedo, P. (2014). Information systems security policy compliance: An empirical study of the
effects of socialisation, influence, and cognition. Information & Management, 51(1),
69-79.
John, M. (2013). U.S. Patent No. 8,407,777. Washington, DC: U.S. Patent and Trademark
Office.
Kaur, T., Malhotra, V., & Singh, D. (2014). Comparison of network security tools-firewall,
intrusion detection system and Honeypot. Int. J. Enhanced Res. Sci. Technol. Eng, 200-
204.
Leblond, E., Ayuso, P. N., McHardy, P., Engelhardt, J., & Four, D. (2012). Secure use of
iptables and connection tracking helpers. To Linux and beyond.
Porras, P., Shin, S., Yegneswaran, V., Fong, M., Tyson, M., & Gu, G. (2012, August). A security
enforcement kernel for OpenFlow networks. In Proceedings of the first workshop on Hot
topics in software defined networks (pp. 121-126). ACM.
Rosenberg, J. (2012). TCP candidates with interactive connectivity establishment (ICE).
Winter, P., Pulls, T., & Fuss, J. (2013, November). ScrambleSuit: A polymorphic network
protocol to circumvent censorship. In Proceedings of the 12th ACM workshop on
Workshop on privacy in the electronic society (pp. 213-224). ACM.
Xuan, L. F., & Wu, P. F. (2015, April). The optimization and implementation of iptables rules
set on linux. In Information Science and Control Engineering (ICISCE), 2015 2nd
International Conference on (pp. 988-991). IEEE.