I have 2 basic questions about network security firewall

Toggle sidebar Toggle sidebar
C

coringa2112

Prominent
Sep 7, 2017
19
0
510
hi folks, i have some questions about firewall, i'm using iptables ( i don't know to code it i use a builder from internet) so i have 2 questions:

1- its possible to block on iptables all encrypted packets, and use this filter if it's encrypted to block it, or not?

2- Any other packet that is not encrypted, can i read and know what this is about or there will be no encrypted packets which i will not be able to see what data is that?

thanks for any help
 
Sort by date Sort by votes
B

bill001g

Titan
Aug 9, 2012
28,362
2,766
125,640
But what does "encrypted" mean. Lets say someone used ZIP to compress a file but you do not have the program to uncompress it does that make the file encrypted. Things like video are sent in compressed formats but generally there is no easy way to tell which codec they are using to compress it. Things like game companies use a proprietary communication method between the client and the server. Many are not actually encrypted but since they do not document how the data is sent it has the same effect.

Pretty much a firewall blocks by port numbers or ip addresses. Some can do deep packet inspection but they have to understand the protocol, does not pay to try to decode VoIP SIP packets using a filter designed for HTTP web pages.

Now days almost all traffic is encrypted. HTTPS is a fairly strong encryption and many web sites are moving away from normal HTTP to HTTPS
 
Upvote 0 Downvote
C

coringa2112

Prominent
Sep 7, 2017
19
0
510
by encrypted i mean on wireshark info, some packets are labeled "encrypted". So i can only filter the port and ip address, as you say, so i have my answer, thanks a lot
 
Upvote 0 Downvote
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom