ISP Glossary Find an ISP Term

Search ISP Sites

Search: Search internet.com

ISP Resources ISP-Lists ISP Glossary ISP News CLEC-Planet The List ISPCON Free Newsletter IT Developer Internet News Small Business Personal Technology Search internet.com Advertise Corporate Info Newsletters Tech Jobs E-mail Offers internet.commerce Be a Commerce Partner

Search for an ISP term
by a keyword...	...or by category. choose one... Communications Computer Industry Companies Computer Science Data Graphics Hardware Internet and Online Services Mobile Computing Multimedia Networks Operating Systems Programming Software Standards Types of Computers World Wide Web

firewalking Last modified: Friday, August 27, 2004
(fīr´wâk-ing) (n.) Developed by Mike Schiffman and David Goldsmith, a technique for testing the vulnerability of a firewall and mapping the routers of a network that sits behind a firewall. Firewalking is a method of disguising port scans. In practical applications, firewalking is similar to tracerouting and works by sending into the firewall TCP or UDP packets that have a TTL set at one hop greater than the targeted firewall. If the packet makes it through the gateway, it is forwarded to the next hop where the TTL equals zero and elicits a TTL "exceeded in transit" message, at which point the packet is discarded. Using this method, access information on the firewall can be determined if successive probe packets are sent. Other forms: firewalk (v.)
A Traceroute-Like Analysis of IP Packet Responses to Determine Gateway Access Control Lists This 1998 paper from Goldsmith and Schiffman describes firewalking and examines the risks of using the technique. (pdf)	Related Categories Networks Security Related Terms firewall hop packet ping port scanning TCP traceroute TTL UDP