
FIREWALL

Firewalls
A specialized device that selectively filters or blocks traffic between networks.
• Firewalls are hardware and software combinations that are built using routers, servers and a variety of software.
• They should sit at the most vulnerable point between a corporate network and the Internet, and they can be as simple or as complex as the corporate information security policy demands.
Firewalls
Firewall types
• Firewalls that monitor the communication between internal and external networks
• Firewalls that block access to particular files on the Internet
• Firewalls that restrict some users from accessing a server's services
• Firewalls that investigate and detect network penetration
• Firewalls that create virtual private networks (VPNs), whereby encrypted packets are sent over the Internet
Firewalls
Firewall Types
• Packet Filtering Firewalls
• Application Level Firewalls
• Stateful Inspection Firewalls
Packet Filtering Firewalls
Routers can work as packet filtering firewalls.
Packet Filtering Firewalls
Criteria that a firewall might use to accept or deny data:
• Source and destination IP addresses
• Source and destination ports
• TCP, UDP, or ICMP protocols
• Packet's status as the first packet in a new data stream or a subsequent packet
• Packet's status as inbound or outbound to or from your private network
• Packet's status as originating from or being destined for an application on your private network
Packet Filtering Firewalls
• Network firewalls are typically used when speed is essential.
• Since packets are not passed to the application layer and the contents of the packet are not analyzed, packets can be processed more quickly.
• This can be advantageous for firewalls that scan for connections to web and email servers, especially ones that carry high amounts of traffic.
Packet Filtering Firewalls
Three common exploits are:
• Buffer overruns
• IP spoofing
• ICMP tunneling
Application Level Firewalls
• They are software applications that run on a network host and act as an intermediary between external and internal networks.
• The network host that runs the proxy service is known as a proxy server, or gateway.
Application Level Firewalls
• It masks the data origin by transferring a copy of each accepted packet from one network to another.
• It aids in protecting the network from outsiders who may be trying to get information about the network design.
• It is also called an Application Layer Gateway.
• It reduces network performance.
Application Level Firewalls
• Can make intelligent decisions about what to do with packets that are passing through
• Can do a large amount of logging
• Support the ability to report to intrusion detection software
Stateful Inspection Firewalls
• Data packets are captured by an inspection engine and analysed to check that the response is coming from the host from which the information was requested.
• It controls the flow by matching information contained in the headers of connection-oriented or connectionless IP packets.
• It works at the transport layer.
Stateful Inspection Firewalls
While stateful inspection provides speed and transparency, one of its biggest disadvantages is that inside packets make their way to the outside network, thus exposing internal IP addresses to potential hackers.
Stateful Inspection Firewalls
Flowchart (DST: Dynamic State Table):
1. Read packet of connection.
2. Is it the first packet?
   • Yes: is it permitted? If yes, update DST. If no, reject packet.
   • No: is the packet state consistent with the DST? If yes, accept packet. If no, reject packet.
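
The decision flow above (first packet checked against the rules, later packets checked against the Dynamic State Table), written out as an added Python example that is not part of the original slides. The `Packet` fields, the `permitted` rule, the 10.0.0.0/8 internal range and the sample packets are all constructed assumptions, and accepting the first packet after the DST update is assumed, since the flowchart stops at "Update DST".

```python
import ipaddress
from dataclasses import dataclass

INTERNAL = ipaddress.ip_network("10.0.0.0/8")  # assumed private network

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str      # "tcp", "udp" or "icmp"
    outbound: bool  # True when leaving the private network
    first: bool     # True for the first packet of a new data stream

def permitted(p: Packet) -> bool:
    """Constructed rule: internal hosts may open outbound TCP to 80/443."""
    return (p.outbound and p.proto == "tcp" and p.dport in (80, 443)
            and ipaddress.ip_address(p.src) in INTERNAL)

class StatefulFirewall:
    def __init__(self):
        self.dst = set()  # Dynamic State Table: one entry per connection

    @staticmethod
    def _key(p: Packet):
        # Normalise direction so a request and its reply share one entry.
        a, b = (p.src, p.sport), (p.dst, p.dport)
        return (p.proto, a, b) if p.outbound else (p.proto, b, a)

    def handle(self, p: Packet) -> str:
        if p.first:
            if not permitted(p):
                return "reject"
            self.dst.add(self._key(p))  # update DST
            return "accept"  # assumption: packet is forwarded after the update
        # Subsequent packet: its state must be consistent with the DST.
        return "accept" if self._key(p) in self.dst else "reject"

def demo():
    """Run four constructed packets through one firewall instance."""
    fw = StatefulFirewall()
    syn = Packet("10.0.0.5", 40000, "203.0.113.7", 443, "tcp", True, True)
    reply = Packet("203.0.113.7", 443, "10.0.0.5", 40000, "tcp", False, False)
    stray = Packet("198.51.100.9", 443, "10.0.0.5", 40000, "tcp", False, False)
    probe = Packet("198.51.100.9", 5555, "10.0.0.5", 22, "tcp", False, True)
    return [fw.handle(p) for p in (syn, reply, stray, probe)]
```

The reply from the contacted host is accepted because it matches a DST entry, while the unsolicited packet from a different host and the inbound connection attempt are both rejected.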
Firewalls
Questions to ask when choosing a firewall:
• Does the firewall support encryption?
• Does the firewall support authentication?
• Does the firewall allow you to manage it centrally and through a standard interface?
• How easily can you establish rules for access to and from the firewall?
• Does the firewall support filtering at the highest layers of the OSI Model?
• Does the firewall provide logging and auditing capabilities, or alert you to intrusions?
• Does the firewall protect the identity of your internal LAN's addresses from the outside world?
Firewalls
Problems faced by organisations where firewalls are implemented:
• Firewalls are not clearly understood
• Firewalls are not configured properly
• Activities are not monitored regularly
• Firewalls are circumvented through the use of modems
• If the hackers are inside a corporate network, their actions cannot be controlled
