Presentation is loading. Please wait.

Presentation is loading. Please wait.

Polytechnic University Firewall and Trusted Systems Presented by, Lekshmi. V. S cos 110512.

Published byLindsey Jordan Modified over 7 years ago

Similar presentations

Presentation on theme: "Polytechnic University Firewall and Trusted Systems Presented by, Lekshmi. V. S cos 110512."— Presentation transcript:

1 Polytechnic University Firewall and Trusted Systems Presented by, Lekshmi. V. S cos 110512

2 Polytechnic University Problems faced by corporate networks Leaking of critical information External threats A scheme named firewall was introduced

3 Polytechnic University Firewalls isolates organization’s internal net from larger Internet, allowing some packets to pass, blocking others. firewall Internet privately administered 222.22/16 By conventional definition, a firewall is a partition made of fireproof material designed to prevent the spread of fire from one part of a building to another.

4 Polytechnic University Firewall goals: All traffic from outside to inside and vice- versa passes through the firewall. Only authorized traffic, as defined by local security policy, will be allowed to pass. The firewall itself is immune to penetration.

5 Polytechnic University Firewalls: types 1. Traditional packet filters ◦ filters often combined with router, creating a firewall 2. Stateful filters 3. Application gateways Major firewall vendors: Checkpoint Cisco PIX

6 Polytechnic University Traditional packet filters source IP address destination IP address source port destination port TCP flag bits ◦ SYN bit set: datagram for connection initiation ◦ ACK bit set: part of established connection TCP or UDP or ICMP ◦ Firewalls often configured to block all UDP direction ◦ Is the datagram leaving or entering the internal network? router interface ◦ decisions can be different for different interfaces Analyzes each datagram going through it; makes drop decision based on:

7 Polytechnic University Filtering Rules - Examples Policy Firewall Setting No outside Web access. Drop all outgoing packets to any IP address, port 80 External connections to public Web server only. Drop all incoming TCP SYN packets to any IP except 222.22.44.203, port 80 Prevent IPTV from eating up the available bandwidth. Drop all incoming UDP packets - except DNS and router broadcasts. Prevent your network from being used for a Smurf DoS attack. Drop all ICMP packets going to a “broadcast” address (eg 222.22.255.255). Prevent your network from being tracerouted Drop all outgoing ICMP

8 Polytechnic University Access control lists action source address dest address protocol source port dest port flag bit allow 222.22/16 outside of 222.22/16 TCP > 102380 any allow outside of 222.22/16 TCP80 > 1023ACK allow 222.22/16 outside of 222.22/16 UDP > 102353--- allow outside of 222.22/16 UDP53 > 1023---- denyall Apply rules from top to bottom:

9 Polytechnic University Access control lists Each router/firewall interface can have its own ACL Most firewall vendors provide both command-line and graphical configuration interface

10 Polytechnic University Advantages and disadvantages of traditional packet filters Advantages ◦ One screening router can protect entire network ◦ Can be efficient if filtering rules are kept simple ◦ Widely available. Almost any router, even Linux boxes Disadvantages ◦ IP address spoofing ◦ Source routing attacks ◦ Tiny fragment attack ◦ Can possibly be penetrated ◦ Cannot enforce some policies. For example, permit certain users.

11 Polytechnic University Stateful Filters In earlier example, any packet with ACK=1 and source port 80 gets in. ◦ Attacker could, for example, attempt a malformed packet attack by sending ACK=1 segments Stateful filter: Adds more intelligence to the filter decision-making process ◦ Stateful = remember past packets ◦ Memory implemented in a very dynamic state table

12 Polytechnic University

13 Application gateways (aka proxy gateways) Gateway sits between user on inside and server on outside. Instead of talking directly, user and server talk through proxy. Allows more fine grained and sophisticated control than packet filtering. For example, ftp server may not allow files greater than a set size. A mail server is an example of an application gateway ◦ Can’t deposit mail in recipient’s mail server without passing through sender’s mail server host-to-gateway ftp session gateway-to-remote host ftp session application gateway

14 Polytechnic University Configuring client Tools/options/connections/LAN settings/proxies:

15 Polytechnic University Advantages and disadvantages of proxy gateways Advantages ◦ Proxy can log all connections, activity in connections ◦ Proxy can provide caching ◦ Proxy can do intelligent filtering based on content ◦ Proxy can perform user-level authentication Disadvantages ◦ Not all services have proxied versions ◦ May need different proxy server for each service ◦ Requires modification of client ◦ Performance

16 Polytechnic University Application gateways + packet filter Filters packets on application data as well as on IP/TCP/UDP fields. Example: allow select internal users to ftp outside. 1. Require all ftp users to ftp through gateway. 2. For authorized users, gateway sets up ftp connection to dest host. Gateway relays data between 2 connections 3. Router filter blocks all ftp connections not originating from gateway. host-to-gateway ftp session gateway-to-remote host ftp session application gateway router and filter

17 Polytechnic University Chaining Proxies proxy 1 proxy 2

18 Polytechnic University SOCKS Proxy protocol Generic proxy protocol ◦ Don’t have to redo all of the code when proxifying an application. Can be used by HTTP, FTP, telnet, SSL,… ◦ Independent of application layer protocol Includes authentication, restricting which users/apps/IP addresses can pass through firewall.

19 Polytechnic University SOCKS proxy protocol HTTP SOCKS Library TCP SOCKS Daemon TCP Apache/IIS Firefox/Oper a/IE HTTP TCP Firewall Application 1. For example, let’s assume that browser requests a page 2. SOCKS Library is a collection of procedures. It translates requests into a specific format and sends them to SOCKS Daemon 3. The SOCKS Daemon runs on the firewall host. The daemon authenticates the user and forwards all the data to the server. 4. The server receives requests as ordinary HTTP. It does not need a SOCKS library.

20 Polytechnic University Demilitarized Zone (DMZ) Web server FTP server DNS server application gateway Internet Demilitarized zone Internal network firewall

21 Polytechnic University Firewalls: Summary Filters ◦ Widely available in routers, linux Stateful filters ◦ Maintains connection state Application gateways ◦ Often implemented with SOCKS today

Download ppt "Polytechnic University Firewall and Trusted Systems Presented by, Lekshmi. V. S cos 110512."

Similar presentations

Firewalls By Tahaei Fall 2012. What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.

Firewalls By Tahaei Fall What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.
IUT– Network Security Course 1 Network Security Firewalls.

IUT– Network Security Course 1 Network Security Firewalls.
FIREWALLS Chapter 11.

FIREWALLS Chapter 11.
Firewalls Dr.P.V.Lakshmi Information Technology GIT,GITAM University

Firewalls Dr.P.V.Lakshmi Information Technology GIT,GITAM University
1 Topic 2 – Lesson 4 Packet Filtering Part I. 2 Basic Questions What is packet filtering? What is packet filtering? What elements are inside an IP header?

1 Topic 2 – Lesson 4 Packet Filtering Part I. 2 Basic Questions What is packet filtering? What is packet filtering? What elements are inside an IP header?
FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.

FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.
FIREWALLS The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz On the day that you.

FIREWALLS The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz On the day that you.
Local Wireless Network - An wireless Access Point (AP) which is the bridge the ethernet network and the wireless network -The AP protect its wireless network.

Local Wireless Network - An wireless Access Point (AP) which is the bridge the ethernet network and the wireless network -The AP protect its wireless network.
Security Firewall Firewall design principle. Firewall Characteristics.

Security Firewall Firewall design principle. Firewall Characteristics.
Access Control for Networks Problems: –Enforce an access control policy Allow trust relationships among machines –Protect local internet from outsiders.

Access Control for Networks Problems: –Enforce an access control policy Allow trust relationships among machines –Protect local internet from outsiders.
Firewalls and Intrusion Detection Systems

Firewalls and Intrusion Detection Systems
Firewalls1 Firewalls Mert Özarar Bilkent University, Turkey

Firewalls1 Firewalls Mert Özarar Bilkent University, Turkey
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.
1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.

1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.
FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.
Firewalls CS432. Overview  What are firewalls?  Types of firewalls Packet filtering firewalls Packet filtering firewalls Sateful firewalls Sateful firewalls.

Firewalls CS432. Overview  What are firewalls?  Types of firewalls Packet filtering firewalls Packet filtering firewalls Sateful firewalls Sateful firewalls.
8-1 Chapter 8 Security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 A note on the use of these.

8-1 Chapter 8 Security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 A note on the use of these.
BY- NIKHIL TRIPATHI 12MCMB10.  What is a FIREWALL?  Can & Can’t in Firewall perspective  Development of Firewalls  Firewall Architectures  Some Generalization.

BY- NIKHIL TRIPATHI 12MCMB10.  What is a FIREWALL?  Can & Can’t in Firewall perspective  Development of Firewalls  Firewall Architectures  Some Generalization.
Hafez Barghouthi. Model for Network Access Security (our concern) Patrick BoursAuthentication Course 2007/20082.

Hafez Barghouthi. Model for Network Access Security (our concern) Patrick BoursAuthentication Course 2007/20082.
Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.

Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.

Similar presentations

Ads by Google