FCP Related Links

By janakj

Created 2006-08-28 16:01

Standardization efforts
- List of related Internet Drafts [1]
- Aravox FCI [2] (A Tiphon Submission) (Aravox also published a short paper on their firewall control [3].)
- RFC 2979 on Firewall Requirements [4]
Internet Telephony ALGs
- SIP Linux [5]
- H.323 Linux [6]
- SIP IOS [7]
Links to resources on port numbers (and reports who uses them, incl. Trojan horses)
- Firewall Forensics (What am I seeing?) [8]
- SANS [9]
- NiteRyders Reference Desk: Trojan Horse Ports [10]
- Simovits: Ports used by trojans [11]
- TLSecurity: Trojan ports [12]
- IANA: Port number assignments [13]
- Ofir Arkin's Trojan Horse Port List [14]
Performance Related
- FireWall-1 Performance Tuning Guide [15]
- Seven Firewalls Fit for Your Enterprise (Network Computing, Nov. 15, 1998) [16] (Comparison of 7 '98 products; througput and delay with and without NATi [17] shown; an updated though not so detailed test available at this address [18] -- sorry, it will not help you unless you happen to speak Czech)
Resources
- COAST Firewall Hotlist [19]
- eEyes Security Resources [20]
- ITPRC's Resources on Network Security [21] (Good!)
- Marcus Ranum: Publications, Rants, Presentations, and Code [22]
- ICSA's firewall webpage [23]
Products
- Cisco-specific info
  - The Cost of Security on Cisco Routers [24]
  - Demystifying Cisco Access Control Lists [25]
  - IOS ACL example [26]
  - Cisco claims to habe SIP support [27] in PIX 5.2 firewalls
  - ITPRC: Cisco ACL Resources [28] (links to firewall comparisons, and other firewall resources also included)
- www.thegild.com/firewall [29]
- http://ipw.internet.com/protection/firewalls/ [30].
- A survey of FW-1s tateful inspection [31]
- The Ultimately Secure Firewall [32] ;-)
- Linux: IP Chains [33], IP Tables [34], Firewall Control Tool [35], FC GUI Tool [36], NetFilter [37]
- Known SIP-enabled products: SIP Firewall Server [38], Linux Masquerading Module [39]. Aravox [40] announced the intention to build a kind of FCP.
- AccordNetworks claims to have a VoIPi [41] solution V2gc-20 [42]
- Marconi also has a Media Firewall [43]
Subverting firewall policy
- Linux Firewall Piercing [44]
- Http Tunnel [45]
- RTP Tunnel [46]
- Rosenberg, Schulzrinne: Application-layer Policy Enforcement at SIP Firewalls [47]
Mailing Lists
- The Firewall-Wizardsxae Mailing List [48]
NAT Considerations
- Keith Moore: What NATS break [49]
- Srisuresh, Egevang: Traditional IP NAT [50] (RFC 3022)
- Hain: Architectural Implications of NAT [51] (RFC 2993)
- Carpenter: Internet Transparency [52] (RFC 2775)
- Fred Baker's comments about "evil NAT" on ietf mailing list: 1 [53], 2 [54]
- Brian Carpenter's comments about problem size [55] on ietf mailing list

Links:
[1] http://www.fokus.gmd.de/research/cc/glone/projects/ipt/fw.html
[2] http://docbox.etsi.org/tech-org/tiphon/Document/tiphon/05-200007-Munich/19TD035r1.doc
[3] http://www.aravox.com/Solutions/sip-based_network.pdf
[4] ftp://ftp.isi.edu/in-notes/rfc2979.txt
[5] http://www.siphappens.com/masquerade/
[6] http://www.coritel.it/coritel/ip/sofia/nat/nat.html
[7] http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v52/pixrn521.htm#xtocid2350933
[8] http://www.robertgraham.com/pubs/firewall-seen.html
[9] http://www.sans.org/newlook/resources/IDFAQ/oddports.htm
[10] http://nethog.net/feeds/niteryder/trojans.htm
[11] http://www.simovits.com/nyheter9902.html
[12] http://www.tlsecurity.net/trojanh.htm
[13] http://www.isi.edu/in-notes/iana/assignments/port-numbers
[14] http://www.sys-security.com/html/papers/trojan_list.html
[15] http://www.checkpoint.com/techsupport/documentation/FW-1_VPN-1_performance.html
[16] http://www.networkcomputing.com/921/921f2.html
[17] http://www.iptel.org/glossary#term187
[18] http://www.networkcomputing.cz/texty/aktualni_cislo/techmonitor-firewalls.htm
[19] http://www.cerias.purdue.edu/coast/firewalls/
[20] http://www.eeye.com/html/Resources/index.html
[21] http://www.itprc.com/security.htm
[22] http://pubweb.nfr.net/~mjr/pubs/index.shtml
[23] http://www.icsa.net/html/communities/firewalls/index.shtml
[24] http://www.nwc.com/1004/1004ws2.html
[25] http://www.nwc.com/907/907ws1.html
[26] http://www.pasadena.net/cisco/secure.html
[27] http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v52/pixrn521.htm#xtocid2350933
[28] http://www.itprc.com/security.htm
[29] http://www.thegild.com/firewall/
[30] http://ipw.internet.com/protection/firewalls/
[31] http://www.enteract.com/~lspitz/fwtable.html
[32] http://pubweb.nfr.net/~mjr/pubs/a1fwall/index.htm
[33] http://netfilter.filewatcher.org/ipchains/
[34] http://firewall.langistix.com/
[35] http://indev.insu.com/Fwctl/
[36] http://icarus.autostock.co.kr
[37] http://netfilter.kernelnotes.org/
[38] http://www.microappliances.com/poducts_real.html
[39] http://sip-happens.com/masquerade/
[40] http://www.aravox.com
[41] http://www.iptel.org/glossary/term/162
[42] http://www.accordnetworks.com/cr_products/vipera/firewallsolutions.html
[43] http://www.marconi.com/html/solutions/mediafirewall.htm
[44] http://www.linux.org/docs/ldp/howto/mini/Firewall-Piercing.html
[45] http://www.nocrew.org/software/httptunnel.html
[46] http://gphone.sourceforge.net/template.php3?page=rtptunnel
[47] http://www.iptel.org//glone/projects/ipt/ietf/firewall/#draft-rosenberg-sip-entfw
[48] http://www.nfr.net/forum/firewall-wizards.html
[49] http://www.cs.utk.edu/~moore/what-nats-break.html
[50] http://www.normos.org/ietf/rfc/rfc3022.txt
[51] http://www.normos.org/ietf/rfc/rfc2993.txt
[52] http://www.normos.org/ietf/rfc/rfc2775.txt
[53] http://www.iptel.org/fcp/fb1
[54] http://www.iptel.org/fcp/fb2
[55] http://www.iptel.org/fcp/bc1