Author: Pappu Mandal, Cyber Forensic Analyst, Specialist Advisory & Intervention Group.
Firewalls are the most important network security elements and one of the most targeted components due to its presence on the perimeter of the network. Though firewalls claim to be effective against malicious attempts, due to it being the first line of defense and bearing the motoring’s responsibility, the network traffic is subjected to multiple and repeated threats of attack. Malicious attackers and applications can misuse even the simplest protocols to bypasses the firewall’s control, hence mandating the need for penetration testing in order to understand the risk an organization might face concerning its cyber operations. The current manuscript discusses firewall penetration testing and touches upon the different modes of attack, such as spoofing, tunneling, proxying, etc., from which the penetration tester could choose to construct a pen testing strategy to bypass the firewall. The manuscript also touches upon some of the popular tools used in the penetration testing process.