Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
Fire walking is the method of determining the movement of a data packet from an untrusted external host to a protected internal host through a firewall.
The idea behind fire walking is to determine which ports are open and whether packets with control information can pass through a packet filtering device.
Gathering information about a remote network protected by a firewall can be accomplished using fire walking. One of the uses of fire walking is to determine the hosts present inside the perimeter of the protected network. Another application is to determine the list of ports accessible via a firewall.
Trace route is a utility used while debugging to determine the various hosts present between a particular source and destination. The time-to-live (TTL) field corresponding to an IP packet header, which is used to determine the number of hosts the packet can pass through, is decremented at every router. Trace route uses Internet Control Message Protocol ping packets sent to a destination. The TTL field is incremented by one after each successive round. When the TTL reaches 0, the router sends back an error message to the source indicating the router at which the packet expired.
An attacker looking to fire walk needs to send successive packets by ensuring that the TTL of each successive packet is one more than the previous one. Trace route is a form of network reconnaissance. Since trace route is implemented at the IP layer, any protocol such as ICMP, Transmission Control Protocol or User Datagram Protocol can be used. Trace route determines the last gateway that accepted the packet.
The IP address of a gateway before the firewall and the IP address of a host within the secure perimeter are the only two things required to implement fire walking. Firewall protocol scan is one type of application in which packets of different protocols are passed through various ports to determine what protocol is supported and what type of packets are allowed by the firewall.