Transcript from the "Firewalls" Lesson
>> Jem Young: Now let's talk about something with a really cool name. Firewalls, that's a cool name. So what is a firewall? Someone tell me other than a cool sounding security name.
>> Jem Young: Nothing, nobody? Nobody can tell me what a firewall is, come on, people, you're engineers.
>> Speaker 2: A layer of protection.
>> Jem Young: Yeah, [LAUGH], that's pretty good.
>> Speaker 2: [LAUGH]
>> Jem Young: A firewall is just a way of blocking your ports. So on any given computer, you have ports, ways of connecting into that machine, the OS, or the network layer, things like that. Firewall just says, nah, bro, I don't know you, it just prevents people from connecting to open ports.
[00:00:40] Right now we have probably about one open port on our machine, that's port 22, the SSH port. We have that open through the firewall. If we close that port, we would not be able to SSH because the machine's just going to reject all the incoming connections. Firewall, can't believe you don't know what a firewall is, man, I'm embarrassed for you, no, it's okay, we're here to learn.
[00:01:01] In a building, a firewall is the wall that prevents a fire from coming through it. Totally unrelated to this course whatsoever, but firewall's a cool name. So we talked about blocking ports, how do we know what ports are open on our machine right now, what's the easiest way to do it?
[00:01:20] It's a tool called nmap, and nmap is a very useful tool. So on your local machine, mind you, your local machine, not your server, let's nmap against your server IP. Everybody, local machine, not your sever, just in case, so I'm going to switch to a new shell. First let me get my IP.
>> Jem Young: Bloop, and we're on nmap.
>> Jem Young: And we have one open port, that's our port 22 or SSH port. That's great, that's the way it should be, everybody with me so far? We ran nmap against our server IP.
>> Speaker 3: How can we install that command if we don't have it?
>> Jem Young: Try brew install if you have Homebrew, nmap.
>> Jem Young: Did it find it?
>> Speaker 3: It's thinking about it.
>> Jem Young: [LAUGH] Awesome. Yeah, if you have Homebrew on, and you are running OSX, run nmap, Windows, I am not sure honestly. But there's probably a tool out there, a port scanning tool, and this is always a useful tool, it's more useful than you think.
[00:02:36] So why is it useful? I'm going to tell you a tale from real life, this happened to me three or four months ago. So I live in a big apartment complex in San Francisco, and I have really fast Internet. But the problem is, my connection will always be getting dropped, like all the time, I think there's just too much interference.
[00:02:54] So I decided to get a new router, but not just a new router, a new fancy, shiny router. These plug into individual ports and they kind of broadcast signal throughout my apartment. And they signal hop and it's really, really cool. But when I logged in, I first got everything set up, it has an app, I logged in, I said, it showed a weird device on my network.
[00:03:15] And I didn't know what that was. And honestly, if you note the time, it's at 2:48 in the morning because I was that excited to get my Internet up and running. And then I see that there's an IP camera on my network, and that kind of freaked me out, because I'm like, what?
[00:03:30] What is happening here? Like, there's a camera in my, connected to my home router, my encrypted network? So, what did I do? Well first I freaked out for a bit, because I looked for a camera, but then I thought, no, I'm an engineer, what kind of tools can I use?
[00:03:44] Well, I can get the IP address from my app, it tells me the local IP address, because it's connected to my network obviously. So I ran nmap against that IP address, and in general, 192.168 are almost always local addresses. I think they're always local addresses, so I ran it against that.
[00:04:02] It told me that there is two open ports, 8099 and 9080. Those aren't very common ports that I know about, but I thought, let's see what's going on. So naturally I tried to curl into one of those ports, just to see if it returns anything, maybe it's a web server running, I don't know.
[00:04:18] Nothing, it didn't give me anything. So next I tried it on 9080, and it gave me something back, which is interesting. This just gave me back a regular 200 response, standard HTTP, okay. Not really that useful, because I tried connecting to my browser to see if it was going to give me anything, nothing.
[00:04:36] So what did I do next? I ran nmap dash s, dash v, and what that did is it showed me, it's actually my smart TV that was miscategorized by my app. It was actually just my Visio TV, but again, because I knew these tools, it's just tales of real life.
[00:04:53] You never know when just knowing these tiny little tools are going to help you. Nmap.s/v, this is just going to tell me the software OS, if it can determine that, and just all the info it can. Pretty useful to keep me from freaking out, I sent a very nasty email to them.
[00:05:08] [LAUGH] It's not cool saying there is a camera connected to my network. But anyways, nmap, it's a useful tool, not just for port scanning, if you just want to know what's going on with the machine.