Firewalls

The function of a strong position is to make the forces holding it practically unassailable
- On War (Carl Von Clausewitz)

ABHIROOP GHATAK, en no: 0771184406
29 December 2008, abhiroop@cdac


Firewalls in a nutshell. Complexity level 03.



What is a Firewall?

A firewall is hardware, software, or a combination of both that is used to prevent unauthorized programs or Internet users from accessing a private network and/or a single computer.

A firewall is simply a program or hardware device that filters the information coming through the Internet connection into your private network or computer system. If an incoming packet of information is flagged by the filters, it is not allowed through.


Hardware vs. Software Firewalls

Hardware Firewalls

Protect an entire network

Implemented on the router level

Usually more expensive, harder to configure

Software Firewalls

Protect a single computer

Usually less expensive, easier to configure


How does a software firewall work?

Inspects each individual “packet” of data as it arrives at either side of the firewall

Inbound to or outbound from your computer

Determines whether it should be allowed to pass through or if it should be blocked


[Figure: protected private network and the Internet]

A firewall denies or permits access based on rules and policies


Firewall Rules

Allow – traffic that flows automatically because it has been deemed as “safe” (Ex. Meeting Maker, Eudora, etc.)

Block – traffic that is blocked because it has been deemed dangerous to your computer

Ask – asks the user whether or not the traffic is allowed to pass through


What a personal firewall can do

Stop hackers from accessing your computer

Protect your personal information

Allow virtual private networks

Block “pop up” ads and certain cookies

Determine which programs can access the Internet


Firewalls DON’T

Protect against attacks that bypass the firewall

Dial-out from internal host to an ISP

Protect against internal threats

Disgruntled employee

Insider cooperates with an external attacker

Protect against the transfer of virus-infected programs or files


Types of Firewalls

Firewalls fall into four broad categories:

Packet filters

Application level

Circuit level

Stateful inspection firewalls


Packet filtering firewall


Packet Filtering Routers

• Forward or discard each IP packet according to a set of rules

• Filtering rules are based on fields in the IP and transport headers

Presentation notes:

A packet-filtering router makes a permit/deny decision for each packet that it receives. The router examines each datagram to determine whether it matches one of its packet-filtering rules. The filtering rules are based on the packet header information that is made available to the IP forwarding process. This information consists of the IP source address, the IP destination address, the encapsulated protocol (TCP, UDP, ICMP, or IP Tunnel), the TCP/UDP source port, the TCP/UDP destination port, the ICMP message type, the incoming interface of the packet, and the outgoing interface of the packet. If a match is found and the rule permits the packet, the packet is forwarded according to the information in the routing table. If a match is found and the rule denies the packet, the packet is discarded. If there is no matching rule, a user-configurable default parameter determines whether the packet is forwarded or discarded.

Packet-filter firewall


Application level gateway

[Figure: application proxies. A proxy server firewall and a router sit between the Internet and the internal network; layers shown: Physical, Data Link, Network, Transport, Application.]


Continued …

Acts as a relay of application-level traffic. The user contacts the gateway using a TCP/IP application, such as FTP, and the gateway asks the user for the name of a remote host to be accessed. When the user responds and provides a valid user ID and authentication information, the gateway contacts the application on the remote host and relays TCP segments containing the application data between the two points.


Proxy firewall


Circuit level gateway (Firewall)

Circuit level gateways work at the session layer of the OSI model. They monitor TCP handshaking between packets to determine whether a requested session is legitimate. Information passed to a remote computer through a circuit level gateway appears to have originated from the gateway. This is useful for hiding information about protected networks. Circuit level gateways are relatively inexpensive and have the advantage of hiding information about the private network they protect. On the other hand, they do not filter individual packets.


Circuit level gateway


Continued ..

Whether a connection is valid may, for example, be based upon:

destination IP address and/or port

source IP address and/or port

time of day

protocol

user

password

Every session of data exchange is validated and monitored and all traffic is disallowed unless a session is open.
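
The handshake monitoring from the circuit level gateway slide and the "no traffic unless a session is open" rule above, as an added example that is not part of the original slides. The class name, the allowed ports and the opening hours are constructed assumptions, and session teardown is simplified to a single FIN or RST.

```python
from datetime import time

ALLOWED_DPORTS = {25, 80}                  # constructed policy
OPEN_HOURS = (time(8, 0), time(18, 0))     # constructed policy


class CircuitGateway:
    def __init__(self):
        self.sessions = {}   # (client, cport, server, sport) -> state

    def policy_ok(self, key, now):
        """Session-setup check on destination port and time of day."""
        _, _, _, dport = key
        return dport in ALLOWED_DPORTS and OPEN_HOURS[0] <= now <= OPEN_HOURS[1]

    def handle(self, src, sport, dst, dport, flags, now):
        """Return True if the segment is relayed, False if it is dropped."""
        fwd, rev = (src, sport, dst, dport), (dst, dport, src, sport)
        flags = set(flags)
        if flags == {"SYN"}:                        # client asks for a session
            if fwd in self.sessions or not self.policy_ok(fwd, now):
                return False
            self.sessions[fwd] = "SYN_SENT"
            return True
        if flags == {"SYN", "ACK"}:                 # server answers that SYN
            if self.sessions.get(rev) != "SYN_SENT":
                return False
            self.sessions[rev] = "SYN_RCVD"
            return True
        key = fwd if fwd in self.sessions else rev if rev in self.sessions else None
        if key is None:
            return False                            # no session open: drop
        state = self.sessions[key]
        if state == "SYN_RCVD" and key == fwd and flags == {"ACK"}:
            self.sessions[key] = "ESTABLISHED"      # handshake complete
            return True
        if state != "ESTABLISHED":
            return False                            # handshake out of order
        if flags & {"FIN", "RST"}:
            del self.sessions[key]                  # simplified teardown
        return True
```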


Stateful inspection firewalls

[Figure: stateful inspection. A firewall/router with an inspection module sits between the Internet and the internal network; the module applies Network access rules, Transport access rules and an Application state table. Layers shown: Physical, Data Link, Network.]


How to trust firewalls?

Firewalls can be trusted if they provide the following services:

1) Authentication

2) Access control

3) Data confidentiality

4) Data integrity

5) Non-repudiation


Uses of firewalls

Virtual private network

Demilitarised zone

A DMZ can be viewed as a layer of privacy between the corporate infrastructure and the Internet, exposing only those systems that must be known to the public.

IP security


VPN


De-militarised zone

[Figure: a demilitarised zone (DMZ) holding the mail server and web server, shown with the Internet and the protected private network. Captions: open access between private LAN and DMZ; static filters between private LAN and DMZ used to control access; allow SMTP, from here to there only.]


IP security

Firewalls are needed when any organization relies heavily on the Internet.


Conclusion

Firewalls must continue to advance

Firewalls must be developed to scan for viruses

$377 million (approx.) lost till date due to network attacks


For additional information visit

http://www.pc-help.org/www.nwinternet.com/pchelp/security/firewalls.htm