Jul 30 2023

Top 7 Open Source Firewall

Category: Firewall,next generation firewalldisc7 @ 2:39 pm

What is an Open Source Firewall?

An Open Source Firewall refers to a network security solution that is developed and distributed as open-source software. Open-source software is typically released with a license that allows users to view, modify, and distribute the source code freely. This means that anyone can access the inner workings of the firewall, make improvements, and share those improvements with the community.

Open Source Firewalls are popular because they offer several advantages:

  1. Transparency: Since the source code is open and accessible to the public, users can review the code to ensure there are no hidden functionalities or security vulnerabilities.
  2. Customizability: Organizations can modify the firewall’s source code to meet their specific security requirements and network configurations.
  3. Community Support: Open-source projects often have active communities of developers and users who collaborate, share knowledge, and provide support. This community-driven approach can lead to faster bug fixes, updates, and improvements.
  4. Cost-Effectiveness: Open Source Firewalls are typically free to use, reducing licensing costs and making them attractive to organizations with budget constraints.
  5. Stability and Reliability: Many open-source projects have been around for years and have undergone extensive testing and development, resulting in stable and reliable solutions.

Source: https://hackersonlineclub.com/open-source-firewall/

Top 7 open-source firewalls known for their reliability and robust network security features:

1. pfSense:

pfSense is a powerful open-source firewall and routing platform based on FreeBSD. It provides a feature-rich web interface that allows users to configure and manage their network security easily.

Key Features: VPN support, traffic shaping, intrusion detection and prevention, content filtering, and multi-WAN load balancing.

Practical OPNsense: Building Enterprise Firewalls with Open Source

2. OPNsense:

OPNsense is another FreeBSD-based open-source firewall that offers advanced security features and a user-friendly interface. It focuses on providing a secure and stable platform for network protection.

Key Features: Firewall rules, Virtual LAN (VLAN) support, captive portal, SSL decryption, and forward caching proxy.

Practical OPNsense: Building Enterprise Firewalls with Open Source

3. IPFire:

IPFire is a Linux-based  firewall designed with a modular architecture, allowing users to add various add-ons and extensions to enhance functionality.

Key Features: Intrusion detection and prevention system (IDPS), a proxy server, support for Virtual Private Networks (VPN), Quality of Service (QoS) capabilities, and compatibility with Wi-Fi access points.

4. Untangle NG Firewall:

Untangle NG Firewall is a Linux-based open-source solution that provides comprehensive network security and unified threat management (UTM) features.

Key Features: Web filtering, application control, antivirus, spam blocker, and intrusion prevention system.

5. ClearOS:

ClearOS is a Linux-based open-source firewall that offers a range of security features and is suitable for small businesses and home users.

Key Features: Web content filter, antivirus, intrusion protection, Virtual Private Network (VPN), and bandwidth manager.

6. Smoothwall:

Smoothwall is a Linux-based firewall that provides secure internet access and content filtering for schools, businesses, and organizations.

Key Features: Web proxy, bandwidth management, time-based access control, URL filtering, and reporting tools.

7. Endian Firewall Community:

Endian Firewall Community is an open-source UTM solution that offers essential security features to protect networks from various threats.

Key Features: Stateful inspection firewall, antivirus, spam filtering, VPN support, and content filtering.

Smoothwall and Endian Firewall Community have garnered a loyal user base due to their simplicity and effectiveness in securing networks. Regular updates and community support are crucial in maintaining a reliable and secure firewall solution, as with any open-source software.

The important thing is your network’s specific needs, and choose the best firewall that best aligns with your requirements and resources.

Each of the above open-source firewalls comes with its features and capabilities, so the choice as per the specific requirements and the level of complexity needed for your network. Stay updated with the latest releases and security patches to maintain a secure network environment.

When choosing an Open Source Firewall, it’s essential to consider factors such as the size and complexity of your network, the required features, and the level of community support available for the specific project. Proper configuration and ongoing maintenance are critical to ensure the firewall’s effectiveness in protecting your network from various cyber threats.

InfoSec books | InfoSec tools | InfoSec services

Tags: Open Source Firewall

Mar 12 2023

Bring a firewall anywhere you go with this Deeper Connect Pico

Category: Firewall,Information Security,next generation firewallDISC @ 10:44 am

As threats to both data security and personal privacy pile up, fighting back has never been more important. The Deeper Connect Pico packs both privacy tools and cybersecurity protection into a unit you can drop into your pocket.

The Pico is easy to install, taking just a minute to set up and connect. It has no subscriptions to manage or add-ons to buy, as it’s a hardware tool. Nor will it require any updates, as it’s built to be a plug-and-play device and comes with a wireless adapter.

Powered from any USB source and drawing only 1W of power, it weighs just .11 lbs and is only 3.4 inches long by 1.2 inches wide. The brushed aluminum casing is rugged and discreet, so you can throw it in your bag, hang it off your keychain, or keep it in your pocket.

Once connected, the Pico drops an enterprise-grade seven-layer firewall in front of snoops and malicious actors. Using an onboard quad-core ARM processor strong enough to work on the blockchain while you’re idle, the firewall prevents common attacks and alerts you when they happen, so you can take further action.

Also built into the hardware is an ad blocker that cuts off certain attacks and guards your privacy. It’s backed up by one-click parental control, so kids can log onto public networks while you keep the rules in place.

Providing extra security, the decentralized private network (DPN) uses other Picos as nodes for its network, with smart routing, multi-routing, and other functions across an ever-changing network that adds an extra layer of obfuscation for would-be snoops.

The world is becoming more complex, with more risks to your data when you connect to public networks. This hardware cybersecurity and VPN tool takes the worry out of connecting with others.

TP-Link ER7206 | Multi-WAN Professional Wired Gigabit VPN Router | Increased Network Capacity| SPI Firewall | Omada SDN Integrated | Load Balance | Lightning Protection


InfoSec Threats | InfoSec books | InfoSec tools | InfoSec services

Tags: Deeper Connect Pico

Jan 23 2023

10 Best Free Firewall Software – 2023

Category: Firewall,next generation firewallDISC @ 10:27 am
10 Best Free Firewall Software – 2023

In this article, we have done a depth analysis and listed your top 10 best Free Firewall software that provided extended security to protect your system from bad actors.

Generally, every computer is connected to the internet and is susceptible to being the victim of a hacker or an unwanted attack.

The whole procedure, which is used generally, consists of mopping the network in search of a connected computer or laptop.

Then the attacker simply looks for the security “hole” simply to gain access to the data present on the computer or laptop.

10 Best Free Firewall Software 2020

All these threats could even become greater if the computer permanently remains connected to the internet.

If the PC is connected without permanent supervision, then undoubtedly it will become a gold mine for the attackers or hackers.

Hence, to protect us from intruders, we have in our favor a fantastic tool which is known as Firewall.

Frequently Asked Questions Related to Best Free Firewall Software

Q#1 What is a Firewall?

Detailed Answer: Basically, firewalls are tools that can be used to improve the security of computers attached to a network, just like LAN or the Internet.

So, if we think about what a firewall is a first and foremost thing that comes to our mind is that a firewall is a computer software program that restricts illegal and unapproved access to or from a separate or private network.

These are integral elements of a complete security framework for your system or network.

Hence a firewall works as a wall between your computer and the internet. It cleans out all the wicked traffic originating from the outside world, whereas software and hardware-based firewalls are also available.

Apart from software, USB firewall sticks are also available, and they are generally known as Armadillo and USG.

Hence, many people believe that a firewall is a device that is established on the network, and it checks the traffic that crosses within the network section.

However, apart from all these things you can also have a host-based firewall that can be administered on the computer systems themselves, along with ICF (Internet Connection Firewall). 

Fundamentally, the work of both firewalls is identical: to stop the intervention and present a robust process of access control policy.

Well, we can define, firewalls are nothing but a system that protects your computer.

Basically, the firewall achieves all these tasks by examining the data packets upon the rules that have been set up.

Hence, if the data packs are in trade with these rules, then they are allowed by the firewalls. If they lose to meet the rules, then the firewall refuses them and blocks them.

Well, in today’s generation, firewalls are serving to defend PCs and other related devices over the world, whether they refer to individual users, huge companies, or the administration.

Q#2 How Firewall Work?

Detailed Answer: Well, after knowing what a firewall is, now you must be thinking about how it works.

Basically, a firewall entirely confines your computer from the internet practicing a “wall of code” that investigates each individual “packet” of data as it appears on both sides of the firewall —that is inbound to or outbound from your device— to conclude whether it should be allowed to cross or gets rejected.

Moreover, firewalls also have further ability to improve security by enabling granular control over what types of system roles and methods have access to networking sources.

Hence, firewalls can utilize various kinds of signs and host situations to enable or disallow traffic.

However, they seem complicated, but firewalls are comparatively easy to install, set up, and work.

Establishing antivirus software as well as an extra firewall is your best opportunity to keep your system malware-free.

Furthermore, firewalls work by controlling the data traffic to allow or accept the ‘good data’ while refusing or blocking the ‘bad or malicious data.’

But, if we get into the details of the features, then the firewall uses one of the three methods or sequences of these to measure the traffic that passes in and out of the network.

Hence, the firewall permits the information to go through if the connection yields a decisive match unless the record of the data or data packet is refused.

Q#3 Types of a Firewall?

Detailed Answer: Following are the three types of firewalls.

  1. Packet-Filtering Firewalls
  2. Circuit-level gateways.
  3. Stateful Inspection Firewalls.

Packet-filtering firewalls: This is one of the original types of firewalls, which simply operates online at junction points where the devices like routers and switches simply do their job.

However, this firewall does not route packets. But it actually compares each packet received with a set of established standards like IP addresses, packet type, port number, etc.

Circuit-level gateways: It simply monitors the TCP link protocols on the network.

As they are simply established between local and remote hosts to determine if the session that is started is legitimate or not. However, apart from all these things, it does not inspect the packages.

Stateful inspection firewalls: It not only examines each packet but also track if that packet is part of an established TCP session.

Moreover, it offers more security than packet filtering or simple circuit-level gateways. And not only that even it also generates a greater impact on network performance.

However, apart from all these things, we have mentioned all the well-known and best free firewall software in 2023.

Best Free Firewall Software and Key Features

Gbhackers on Security

So, now without wasting much time, let’s get started and simply explore the whole list that we have mentioned below.

Best Free Firewall Software

  1. Comodo Free Firewall
  2. GlassWire
  3. Zone Alarm Basic Firewall
  4. TinyWall
  5. Malwarebytes Windows Firewall
  6. OpenDNS
  7. Windows Firewall
  8. Netdefender
  9. AVS Firewall
  10. Agnitum Outpost Firewall

best hardware firewall for home network

Internet Firewall Appliances

Tags: Free Firewall

Dec 12 2022

New Technique Discovered To Bypass Web Application Firewalls (WAF) Of Several Vendors

Category: Firewall,next generation firewallDISC @ 11:20 am
New Technique Discovered To Bypass Web Application Firewalls (WAF) Of Several Vendors

Experts from Industrial and IoT cybersecurity company Claroty developed a generic method for bypassing the web application firewalls (WAF) of a variety of leading manufacturers.

Following a study of the wireless device management platform from Cambium Networks, Claroty’s researchers identified the technique. They found a SQL injection flaw that might allow unauthorized access to private data such as session cookies, tokens, SSH keys, and password hashes.

Reports stated that the vulnerability could be exploited against the on-premises version, but the Amazon Web Services (AWS) WAF prohibited all attempts to do so against the cloud version by flagging the SQL injection payload as malicious.

“This is a dangerous bypass, especially as more organizations continue to migrate more business and functionality to the cloud,” Noam Moshe, a vulnerability researcher at Claroty, wrote in a company blog post.

“IoT and OT processes that are monitored and managed from the cloud may also be impacted by this issue, and organizations should ensure they’re running updated versions of security tools in order to block these bypass attempts.”

Later finding revealed that the WAF could be bypassed by abusing the JSON data-sharing format. All of the significant SQL engines support JSON syntax and it is turned on by default.

“Using JSON syntax, it is possible to craft new SQLi payloads. These payloads, since they are not commonly known, could be used to fly under the radar and bypass many security tools.” Claroty reports.

CVE-2022-1361 Improper Neutralization of Special Elements Used In a SQL Command (‘SQL INJECTION’)

Further, a specific Cambium vulnerability the researchers uncovered proved more challenging to exploit (CVE-2022-1361). Moshe says “at the core of the vulnerability is a simple SQL injection vulnerability; however, the actual exploitation process required us to think outside the box and create a whole new SQL technique”. 

Hence, they were able to exfiltrate users’ sessions, SSH keys, password hashes, tokens, and verification codes using this vulnerability. 

The vulnerability’s main problem was that the developers in this instance did not utilize a prepared statement to attach user-supplied data to a query.

“Instead of using a safe method of appending user parameters into an SQL query and sanitizing the input, they simply appended it to the query directly”, he added

New SQL Injection Payload That Would Bypass the WAF 

The WAF did not recognize the new SQL injection payload that Claroty researchers created, but it was still valid for the database engine to parse. 

They did this by using JSON syntax. They did this by utilizing the JSON operator “@<” which put the WAF into a loop and let the payload reach the intended database.

Reports say the researchers successfully reproduced the bypass against Imperva, Palo Alto Networks, Cloudflare, and F5 products.

Claroty added support for the technique to the SQLMap open-source exploitation tool. 

“We discovered that the leading vendors’ WAFs did not support JSON syntax in their SQL injection inspection process, allowing us to prepend JSON syntax to a SQL statement that blinded a WAF to the malicious code,” the security firm explained.

Hence Claroty says, by adopting this innovative method, attackers might gain access to a backend database and utilize additional flaws and exploits to leak data directly to the server or via the cloud.

Bypass Web Application Firewalls

Web Application Firewall WAF A Complete Guide

Tags: Web Application Firewall

Dec 31 2021

What is a Personal Firewall?

Category: Firewall,next generation firewallDISC @ 7:55 am
What is a Personal Firewall?

What is a Firewall?

A Firewall is the controller of incoming and outgoing traffic between your computer and internet network.

Who should use a Firewall, and for what?

  1. Those wanting to prevent unauthorized remote access.
  2. Those looking to block immoral content (such as adult sites).
  3. Online gamers – at a high risk for getting hacked in online games.
  4. Business owners and those working from home – at a high risk for getting hacked.
  5. Anyone not wanting to risk their data and privacy.

Why is a Firewall important?

A Firewall is important for several reasons:

  1. Promotes privacy
    A Firewall blocks or alerts the user about all unauthorized inbound or outbound connection attempts. It allows the user to control which programs can access the local network and internet.
  2. Stops viruses and spyware
  3. Prevents hacking
    A Firewall blocks and prevents hacking attempts and attacks.
  4. Monitors network traffic and applications
    It regulates all incoming and outgoing internet users as well as applications that are listening for incoming connections. Moreover, it tracks recent events and intrusion attempts to see who has tried to access your computer.

What’s the difference between a personal and business-grade Firewall?

• A personal Firewall usually only protects the computer on which it is installed, whereas a business-grade Firewall is normally installed on a designated interface between two or more networks (allowing for a greater number of computers to be protected).
• Personal Firewalls allows a security policy to be defined for individual computers, while a business-grade Firewall controls the policy between the networks that it connects.
• Personal Firewalls are useful in protecting computers that are moved through different networks (as the protection is per computer vs. the network). It can be used at public hotspots, allowing the user to decide the level of trust and the option to reconfigure the settings to limit traffic to and from the computer.
• Unlike business-grade Firewalls, many personal firewalls have the ability to control network traffic for programs on the secured computer. For instance, when an application needs to establish outbound connection, the personal Firewall will scan it for safety, block it if it’s blacklisted, or ask for permission to blacklist it if not known.
• Personal Firewalls may also help block intruders by allowing the software to block connectivity where it suspects an intrusion is being attempted.

Risks of not having a Firewall

  • Loss of data
  • Open access
  • Network crashes

Personal computer firewall

Tags: data privacy, data protection, Firewall, Network Security, Online Privacy, Online Safety

Mar 14 2021

Next-Gen WAF protection for recent Microsoft Exchange vulnerabilities

Category: Firewall,next generation firewallDISC @ 11:41 am
Next-Gen WAF protection for recent Microsoft Exchange vulnerabilities

We strongly suggest that customers using Signal Sciences Next-Gen WAF in front of their Microsoft Exchange servers enable this rule as soon as possible and configure it to block requests if the signal is observed. Additionally, follow all guidance from Microsoft to patch affected systems. The vulnerabilities in question are actively being exploited globally and have severe impact.

Patching Microsoft Exchange systems

We are seeing a large uptick in exploitation attempts in the wild. This is an evolving story and our teams are working continuously to ensure the rules are catching the latest attacks, but this should not be your only line of defense. We strongly recommend that you patch affected systems, perform incident response,  and follow recommendations from Microsoft.

Exploit chain

The observed attacks on Microsoft Exchange systems chain together multiple CVEs (Common Vulnerabilities and Exposures) to carry out the attack. The impact of these attacks range from full system takeover through Remote Code Execution (RCE), as well as email inbox exfiltration and compromise. At a high level, the exploit chain is carried out as follows:

  1. A Server-Side Request Forgery (SSRF) vulnerability in Microsoft Exchange Server identified as CVE-2021-26855 allows attackers to send HTTP requests to the exposed Exchange server and access other endpoints as the Exchange server itself. This is an unauthenticated step of the attack which makes the vulnerability exceptionally easy to exploit.
  2. An insecure deserialization vulnerability identified by CVE-2021-26857 leverages the SYSTEM-level authentication obtained by the above SSRF attack to send specially-crafted SOAP payloads which are insecurely deserialized by the Unified Messaging Service. This gives the attacker the ability to run code as SYSTEM on the Exchange server.
  3. After CVE-2021-26855 is successfully exploited, attackers can then utilize CVE-2021-27065 and CVE-2021-26858 to write arbitrary files to the Exchange server itself on any path. This code that is uploaded by the attacker is run as SYSTEM on the server. Lateral movement, malware implanting, data loss, escalation, and more can be carried out through these vulnerabilities.

By enabling the Signal Sciences Next-Gen WAF templated rule, the first step in the exploit chain cannot be carried out. If you would like to dig deeper into the technical details of this chain of attacks please see this post by the folks at Praetorian. To enable the templated rule, please refer to our documentation for details on how to enable templated rules.

The post Next-Gen WAF protection for recent Microsoft Exchange vulnerabilities appeared first on Signal Sciences.

Your best practice guide to configuring Cisco’s Next Generation Firewall

Tags: Next Generation Firewall, Next-Gen WAF protection

Feb 08 2021

SonicWall Zero-Day

Category: Firewall,next generation firewallDISC @ 4:01 pm
SonicWall Zero-Day

Jan 20 2021

Web application firewalls bypasses collection and testing tools

Category: Firewall,Information Security,next generation firewallDISC @ 11:18 pm
WAF bypass RCE by nil0x42

Jan 03 2021

Backdoor account discovered in more than 100,000 Zyxel firewalls, VPN gateways

Category: Backdoor,FirewallDISC @ 11:11 am

The username and password (zyfwp/PrOw!aN_fXp) were visible in one of the Zyxel firmware binaries.

More than 100,000 Zyxel firewalls, VPN gateways, and access point controllers contain a hardcoded admin-level backdoor account that can grant attackers root access to devices via either the SSH interface or the web administration panel.

The backdoor account, discovered by a team of Dutch security researchers from Eye Control, is considered as bad as it gets in terms of vulnerabilities.

Device owners are advised to update systems as soon as time permits.

Security experts warn that anyone ranging from DDoS botnet operators to state-sponsored hacking groups and ransomware gangs could abuse this backdoor account to access vulnerable devices and pivot to internal networks for additional attacks

Source: Backdoor account discovered in more than 100,000 Zyxel firewalls, VPN gateways | ZDNet



[Tech News] Backdoor Account Discovered in More Than 100,000 Zyxel Firewalls, VPN Gateways podcast
httpv://www.youtube.com/watch?v=tQeBp_oim4A






Feb 28 2011

Is the next generation Firewall in your Future?

Category: App Security,Firewall,next generation firewallDISC @ 3:02 pm

Download a Free copy of “Next-Generation Firewalls for Dummies” ebook to find out why traditional firewalls can’t protect your network | Checkout the sample chapter online

By Ellen Messmer

The traditional port-based enterprise firewall, now looking less like a guard and more like a pit stop for Internet applications racing in through the often open ports 80 and 443, is slowly losing out to a new generation of brawny, fast, intelligent firewalls.

The so called next-generation firewall (NGFW) describes an enterprise firewall/VPN that has the muscle to efficiently perform intrusion prevention sweeps of traffic, as well as have awareness about the applications moving through it in order to enforce policies based on allowed identity-based application usage. It’s supposed to have the brains to use information such as Internet reputation analysis to help with malware filtering or integrate with Active Directory.

But how long will it take for the NGFW transition to truly arrive?

To read the full article …..

Download free ebook for next gereration firewall how it may protect your information assets

Download a Free copy of “Next-Generation Firewalls for Dummies” ebook to find out why traditional firewalls can’t protect your network | Checkout the sample chapter online




Tags: Application security, IDS, IPS, NGFW