Stealth Firewall: Invisible Wall for Network Security

Abstract

Firewall is one of the crucial pillars of network security. Conventional network firewalls are IP visible and hence vulnerable to network-based attack. IP visible firewalls are IP reachable by attackers from untrusted external network as well as from trusted internal network. A grave situation would result if an attacker managed to break into the firewall and reconfigure it. In this case, attacker can reconfigure the firewall to allow either some specific network service access or in worst case make entire private network reachable by anyone. The risks are Brobdingnagian, once the firewall is compromised, leads to fall the whole network within the mercy of the attacker. To address the security concern due to IP visibility, we designed a stealth packet filtering firewall leveraging the bridging and Netfilter framework of Linux kernel. This paper describes our approach of stealth firewall to overcome limitations of conventional gateway firewall.