Common Network Administration Tasks That Use Firewall Service
Your firewall is the first line of defense against unauthorized network intruders, malicious users, and network virus attacks. There are many ways that such attacks can harm your data or use your network resources. This section lists a few of the common uses of firewall service in network administration.
Preventing Denial-of-Service (DoS) Attacks
When the server receives a TCP connection request from a client to whom access is denied, by default it sends a reply rejecting the connection. This stops the denied client from resending over and over again. However, a malicious user can generate a series of TCP connection requests from a denied IP address and force the server to keep replying, locking out others trying to connect to the server. This is one type of Denial-
To prevent ping denial-of-service attacks:
1In Server Admin, choose Firewall from the Computers & Services list.
2Click Settings.
3Select the General tab.
4Select the Any address group.
5Deselect “ICMP Echo (ping) reply.”
6Click Save.
Important:
Controlling or Enabling Peer-to-Peer Network Usage
Sometimes network administrators need to control the use of
You can cut off P2P networking by blocking all traffic incoming and outgoing on the port number used by the P2P application. You’ll have to determine the port used for each P2P network in question. By default, Mac OS X Server’s firewall blocks all ports not specifically opened.
You can choose to limit P2P network usage to IP addresses behind the firewall. To do so, you’ll need to open the P2P port for your LAN interface, but continue to block the port on the interface connected to the Internet (WAN interface). To learn how to make a firewall filter, see “Creating an Advanced IP Filter for TCP ports” on page 51.
Chapter 3 IP Firewall Service
59