Stateful Firewall

This lab will explore firewalls in the IT environment through configuring a stateful firewall and test the server’s defenses against an attack. A stateful firewall monitors and detects states of all traffic to defend the network using traffic patterns and flows.

outcomes:

In this lab, you will learn to:

Configure a stateful firewall
Test the defenses again a DoS attack

videos:

Before you start this lab, review these videos.

Setting Up the Virtual Environment

Editing Rule 200 to Be Stateful

Verifying the Stateful Firewall

Overview

A stateless firewall does not retain the state for any of its connections. A stateful firewall on the other hand, does. A stateful firewall will track the connection state for all communications between two devices. Anything that is deemed out of order will be blocked. In this lab, we demonstrate how a stateful firewall will mitigate a TCP SYN ACK DoS attack.

Stateful Firewall Mitigating a TCP SYN ACK DoS Attack

Courses

Pentesting and Understanding Vulnerabilities - Skill Labs

Key terms and descriptions

stateful firewall

A stateful firewall monitors and detects states of all traffic to defend the network using traffic patterns and flows.

TCP Flood

TCP Flood is a denial of service (DOS) attack to

Denial of Service

A common cyber-attack is a denial-of-service attack (DoS attack) that makes a machine or network resource unavailable temporarily or indefinitely disrupting services on a machine connected to a network.