Post on 25-Feb-2016
description
transcript
FIREWALL
By : Himanshu MishraNimish Agarwal
CPSC 624
What is a Firewall?
A system designed to prevent unauthorized access to or from a private network.
It must have at least two network interfaces.
What Firewall does?
Examines all traffic routed between the two networks.
Filters both inbound and outbound traffic.
Used to log all attempts to enter the private network.
Types
The several classifications of firewalls depends on
Where the communication is taking place.
Where the communication is intercepted.
The state that is being traced.
Network Layers and Packet Filters
Examines five characteristics of a packet.
Operates on Level 3 i.e. Network Layer of OSI Model.
Has rules by default or defined by the firewall administrator.
Packets either allowed, rejected or dropped.
Application Layer
Operates on Layer 7 .i.e Application Layer of OSI Model.
Intercept all packets traveling to or from an application.
Adds extra latency.
Application filters apply filtering rules on a per process basis instead of filtering connections on a per port basis
Proxies
Proxies contd
Every packet stopped, examined and compared.
Re-created and sent.
Drawback: Separate proxy application written for each applicatione.g. An HTTP proxy for web traffic, an FTP proxy for file
transfers, a Gopher proxy for Gopher traffic
Network Address Translation
Allows a single device to act as an agent between the Internet (or "public network") and a local (or "private") network.
Nat sits between an internal network and the rest of the world.
Extensive filtering and traffic logging.
Nat vs Proxies
Nat sometimes confused with Proxies.
Nat is transparent.
Proxy server works at Level 4 or higher in OSI Model.
Proxy servers are slower.
Nat vs Proxies contd
Firewall ConfigurationFirewalls are customizable.
IP address. Domain names. Protocols. Ports. Specific words or phrases.
IP Address and Domain names
IP address: Each machine has unique IP address. Typical IP address : 216.27.61.137 e.g. certain IP
reading too many files can be blocked.
Domain Names: Hard to remember string of numbers. Since IP addresses change, hence human-readable
names.
Protocols Protocol is the pre-defined way that someone who wants to use
a service talks with that service. Protocols are often text.
Some common protocols:IP TCP HTTP FTP UDPICMP SMTP SNMP TELNET
Company might set one or two protocols on a particular machine.
Ports and Specific words and phrases
Ports: Server machine makes its services available to the
Internet using numbered ports. For e.g. if a server machine is running a Web (HTTP)
server and an FTP server, the Web server would typically be available on port 80, and the FTP server would be available on port 21.
Specific words and phrases: sniff each packet of information for an exact match of the
text listed in the filter
Hardware firewallAdvantages: Easy to set up. Pre-defined set of rules. Consumes no resources on the computer and is faster. Works on a network.
Disadvantages: Not dynamic and will block everything defined in filter.
Software FirewallAdvantages: Easy to install. Customizable. Upgradable.
Disadvantages: Protects single computer on which they are installed. Eats resources and slows down.
Why Firewall Security?To prevent against following threats:
Remote login Application backdoors SMTP session hijacking Operating system bugs Denial of service E-mail bombs Macros Viruses Spam Redirect bombs Source routing
Conclusion
Use both hardware and software for maximum protection
Each offers different but much-needed security features and benefits.
Updating and testing are both essentially important to ensure it is connected and working properly.
Thank You
References: http://www.webopedia.com/DidYouKnow/Hardware_Softw
are/2004/firewall_types.asp http://en.wikipedia.org/wiki/Firewall_(computing) http://computer.howstuffworks.com/firewall.htm http://computer.howstuffworks.com/nat5.htm