SHRI VAISHNAV INSTITUTE OF TECHNOLOGY &

SCIENCE,INDORE
Seminar On Firewall
 CONTENTS
 Keywords
 What is firewall ?
 Installation Steps for Windows XP
 Main purpose of using firewalls
 How a firewall works ?
 Firewall types
 Popular hardware & software firewalls
 What is proxy ?
 Main purpose of using proxies
 How a proxy works ?
 Proxy types
 Popular hardware & software proxies
 Conclusion
 KEYWORDS
DSL # Digital Subscriber Line . A family of standards for transmitting
data over twisted pair telephone lines at multi mega bit per second
speeds.
FTP # File Transfer Protocol . The standard protocol of the internet -
architecture for transferring files between hosts.
HTTP # Hyper Text Transfer Protocol . An application level protocol based
on a request /reply paradigm and used in WWW.
ISDN # Integrated Service Digital Network . A digital communication
service offered by telephone carriers .
SMTP # Simple Mail Transfer Protocol . The electronic mail protocol of the
internet .
URL # Uniform Resource Locator. A text string used to identify the
location of internet resources.
 What is firewall ?
Firewall

Firewall is hardware / software

protects the resources of a private network from users from other

networks

Organization , universities , companies use firewall systems

Firewall can act as gateway

Firewall can act as proxy

Firewall filter Incoming & Outgoing information

LAN INTERNET
nstallation Steps for Windows XP:
Steps to Install Firewall In Windows Xp are
as follows:-
Step-1:-Lets get started by clicking the
start button and navigate to settings and
then click on the control panel option.
 Step-2:-
Now you will see a window similar to

Find the "Security Center" icon and double click it.

Step-3:-
The windows security center window
will open. Choose the "Change the
way Security Center alerts me"
choice/link located on the left side
under the heading of "Resources"
and click it.(Window is shown on Next
Slide)
Step-4:-
In this section uncheck all the boxes
and click "Ok".
Step-5
Click the "Automatic Updates" link
under the heading of "Virus
Protection: Manage security settings
for”.(Window is shown on Next Slide)
Step-6
Check the radio button next to
"Notify me but don't automatically
download or install them" option.
Click "Ok". (Window is shown on Next
Slide)
Step-7
Click on the "Windows Firewall"
option in the same area as the last
item. (Window is shown on Next
Slide)
Step-8
Select the "General" tab and click the
radio button next to "Off (not
recommended)" option. Click "Ok".
(Window is shown on Next Slide)
 Main purpose of using
firewalls
 Packet filtering
– Analyzing packets
 Proxy service
– Provide access to other networks e.g INTERNET

INTERNET

LAN



 How a firewall works ?
Sniffing Mode
1) An attacker tries to compromise a service on the protected
network.
2) The Firewall identifies the attempt.

Reset


Harden

Alert

The FIREWALL can now:

LOG • Log the attempt
• Alert the admin
• Harden the firewall
• Or reset a TCP/IP connection
 Types of firewalls ?
Firewalls use one or more of three methods to control traffic flowing in and out of the
network .
1 # FILTER BASED FIREWALL
2# PROXY BASED FIREWALL
3# STATEFUL INSPECTION
Filter based firewalls are configured with a table of addresses that characterize
the packets they will , and will not, forward . By addresses, we mean more than just the
destination’s IP address,although this in one possibility. Ex : (*,*,128.7.6.5,80)
Generally. Each entry in the table is a 4tuple : it gives the IP address and TCP port
number for both source and destination . It sometimes called as LEVEL 4 SWITCHES.
To understand proxy based firewalls works and why you would want one -
consider a corporate web server,where the company wants to make some the servers
page accessible to all external users ,but it wants to restrict certain of the pages to
corporate users at one or more remote sites . Continues…
…...
The solution is to put an HTTP proxy on the firewall . Remote users establish an
HTTP/TCP connection to the proxy , which looks at the URL contained in the
request message . If the requested page is allowed for source host,the proxy
establishes a second HTTP/TCP connection to the server and forwards the request
on to the server. The proxy then forwards the response in the reverse direction
between the two TCP connection.
A newer method that doesn’t examine the contents of each packet
but instead compares certain key parts of the packet to a database of trusted
information. Information traveling from inside the firewall to the outside is monitored
for specific defining characteristics . If the comparison yields a reasonable match,
the information is allowed through . Otherwise it is discarded .
 What firewall protects us
from
 Remote login
 Application backdoors
 Operating system bugs
 Denial of service
 E-mail bombs
 Viruses
 SPAMs
 Trojans
 ….
 Popular hardware & software
firewalls
Software Firewall Hardware Firewall
Ms. ISA Server Cisco PIX
Norton Internet Security Blue Coat
Mcafee Internet Security Cyberoam
ZoneAlarm Check Point
Kerio NetScreen
BlackICE D-link SECURESPOT
Outpost WatchGuard
 What is proxy ?
Proxy

Proxy is hardware / software

Indirect access to other networks e.g INTERNET. all computers on

the local network have to go through it before accessing information
on the Internet.

Organization , universities , companies use proxy systems

Proxy act as gateway

Proxy act as Cache Server/Firewall

Proxy share a connection to others

LAN INTERNET
 Main purpose of using
proxies
 Improve Performance
– Act as Cache server
– Bandwidth control
 Filter Requests
– Prevent access to some web sites!!!
– Prevent access to some protocols
– Time division
 Surfing Anonymously
– Browsing the WWW without any identification!!!
 Improve Performance
 Caching
– Reduce latency Caching can greatly speed up Internet access. If one or more
Internet sites are frequently requested, they are kept in the
– Reduce Network Traffic proxy's cache, so that when a user requests them, they are
delivered directly from the proxy's cache instead of from the
original Internet site.

Caches diminish the need for network bandwidth, typically by

35% or more, by reducing the traffic from browsers to content
servers.
 Bandwidth control
– Policy-based Bandwidth Limits
– Deny by content type

INTERNET
512 Kbps
1 Mbps
128 Kbps

64 Kbps
 Filter Requests
 Prevent access to some web sites!!!
– Categories web sites
 Adult/Sexually Explicit
 Advertisements & Pop-Ups
 Chat
 Gambling
 Games
 Hacking
 Peer-to-Peer
 ……
– Check by content type
 .Exe / .Com
 .Mid / .MP3 / .Wav
 .Avi / .Mpeg / .Rm
 What do you need for
proxy installation?

 Proxy Software
 Ms ISA Server , Squid , WinRoute , …
 Server
 At least 2 network cards
 DIRECT INTERNET connection (Public IP Address)
 Switch/Hub (elective)
 Private IP Address
 10.0.0.1/8 – 172.16.0.1/16 – 192.168.0.1/24
 How a proxy works ?

 See the next Demo

 Source IP
LAN 172.16.0.2
www.yahoo.com
Dest IP
IP : 172.16.0.2 209.191.93.52
Gw : 172.16.0.1

IP : 172.16.0.1

Proxy Server
INTERNET
IP : 217.219.66.2
Gw : 217.219.66.1
LAN IP : 172.16.0.2
Gw : 172.16.0.1

Source IP
172.16.0.2
www.yahoo.com Change Source IP Address
Source IP
Dest IP
209.191.93.52 217.219.66.2
www.yahoo.com
Dest IP
209.191.93.52
IP : 172.16.0.1

Proxy Server
INTERNET
IP : 217.219.66.2
Gw : 217.219.66.1
LAN IP : 172.16.0.2
Gw : 172.16.0.1

IP : 172.16.0.1

Proxy Server
INTERNET
Source IP
IP : 217.219.66.2
209.191.93.52
Gw : 217.219.66.1
Dest IP
217.219.66.2

Change Source IP Address

& Destination IP Address
LAN IP : 172.16.0.2
Gw : 172.16.0.1

Source IP
209.191.93.52
Dest IP Source IP
172.16.0.2 Change Dest. IP Address
209.191.93.52
Dest IP
217.219.66.2
IP : 172.16.0.1

Proxy Server
INTERNET
IP : 217.219.66.2
Gw : 217.219.66.1
LAN

IP : 172.16.0.2
Gw : 172.16.0.1

Source IP
209.191.93.52
Dest IP
172.16.0.2

IP : 172.16.0.1

Proxy Server
INTERNET
IP : 217.219.66.2
Gw : 217.219.66.1
 Proxy types
 Web proxies
 Caching proxies
 Transparent proxies
 Open proxies

Proxy setting in IE
Popular hardware & software
proxies
Software Proxy Hardware Proxy
Ms. ISA Server Cisco PIX
Squid Blue Coat
WWWOFFLE Cyberoam
Ziproxy Alacer
SafeSquid
tinyproxy
Privoxy
WinGate
 Conclusion
The level of security you establish will determine how many
of these threats can be stopped by your firewall . The
highest level of security would be simply block everything
. Obviously that defeats the purpose of having an internet
connection . But a common rule of thumb is to block
everything,then begin to select what types of traffic you
will allow . One of the best things about a firewall from a
security standpoint is that it stops anyone on the outside
from logging onto a computer in your private network .
While this is a big deal for businesses.
In general , it is impossible for existing
firewalls to know who is accessing the work and, therefore
,who has the ability to connect to other machines on the
network . Ultimately , security mechanisms like IPSEC are
probably required to support such a level of security . Still
,putting a firewall in place provides some “ peace of mind
“.
References :
 www.cisco.com
 www.isaserver.org
 www.wikipedia.com
 www.cert.org
 www.google.com
 www.zonelabs.com
 www.symantec.com
Thank You