Tunneling and Port Forwarding
Most network environments are not flat. In a flat network, all devices can communicate freely with each other: there is little or no attempt to limit the access each device has to other devices on the same network, regardless of whether those devices need to communicate during normal operations.
A more secure design is a segmented network, which is broken into smaller networks, each called a subnet. Network segmentation severely limits an attacker, because compromising a single host no longer gives free access to every other device on the network.
Firewalls
Firewalls are frequently implemented at the endpoint software level to control the flow of traffic between subnets. The Linux kernel has firewall capabilities that can be configured with the iptables tool suite, while Windows offers the built-in Windows Defender Firewall.
Most firewalls allow or block traffic according to a set of rules based on IP addresses and port numbers, so their functionality is limited. However, some firewalls perform Deep Packet Inspection (DPI), monitoring the contents of incoming and outgoing traffic and terminating connections that match a set of rules.
Port Redirection
Port redirection and tunneling are both strategies we can use to traverse these boundaries. Port redirection means modifying the flow of data so that packets sent to one socket are taken and passed on to another socket. Tunneling means encapsulating one type of data stream within another, for example transporting HTTP traffic within an SSH connection (so from an external perspective, only SSH traffic is visible).
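As an added example (not code from the original page), a minimal TCP port redirector in Python showing the first idea above: a listening socket accepts a connection and relays every byte to a second socket opened towards a target, in both directions, propagating the half-close so the far end sees the same FIN it would on a direct connection. The target here is a constructed local echo server standing in for the service on the far side of the boundary; everything binds to 127.0.0.1 on ephemeral ports and uses only the standard library.

```python
import socket
import threading

def _pipe(src, dst):
    # Copy bytes src -> dst until src hits EOF, then pass the half-close on to dst.
    try:
        while data := src.recv(4096):
            dst.sendall(data)
    except OSError:
        pass
    finally:
        try:
            dst.shutdown(socket.SHUT_WR)
        except OSError:
            pass

def _listen(handler):
    # Bind an ephemeral loopback port; each accepted connection is handed to handler.
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    def accept_loop():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:
                return
            handler(conn)
    threading.Thread(target=accept_loop, daemon=True).start()
    return srv.getsockname()[1]

def start_echo_server():
    # Constructed stand-in for the service behind the boundary: echoes its input.
    return _listen(lambda c: threading.Thread(target=_pipe, args=(c, c), daemon=True).start())

def start_forwarder(target_host, target_port):
    # Port redirection: each connection to the listening socket is opened onward
    # to target_host:target_port and bytes are relayed in both directions.
    def relay(client):
        upstream = socket.create_connection((target_host, target_port))
        threading.Thread(target=_pipe, args=(client, upstream), daemon=True).start()
        threading.Thread(target=_pipe, args=(upstream, client), daemon=True).start()
    return _listen(relay)

def round_trip(payload):
    # Push payload through forwarder -> echo server and return what comes back.
    fwd_port = start_forwarder("127.0.0.1", start_echo_server())
    with socket.create_connection(("127.0.0.1", fwd_port)) as c:
        c.sendall(payload)
        c.shutdown(socket.SHUT_WR)  # done sending; the reply ends when the FIN returns
        chunks = []
        while data := c.recv(4096):
            chunks.append(data)
    return b"".join(chunks)
```

The relay threads never close their sockets explicitly, which is fine for a demonstration but would leak descriptors in a long-running process.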