Presentation is loading. Please wait.

Presentation is loading. Please wait.

Network Security Part III: Security Appliances Firewalls.

Published byAlisha Watkins Modified over 8 years ago

Similar presentations

Presentation on theme: "Network Security Part III: Security Appliances Firewalls."— Presentation transcript:

1 Network Security Part III: Security Appliances Firewalls

2 SECURITY INNOVATION ©2003 2 Common Security Attacks and Their Countermeasures Finding a way into the network –Firewalls Exploiting software bugs, buffer overflows –Intrusion Detection Systems Denial of Service –Ingress filtering, IDS TCP hijacking –IPSec Packet sniffing –Encryption (SSH, SSL, HTTPS) Social problems –Education

3 SECURITY INNOVATION ©2003 3Firewalls Basic problem – many network applications and protocols have security problems that are fixed over time –Difficult for users to keep up with changes and keep host secure –Solution Administrators limit access to end hosts by using a firewall Firewall is kept up-to-date by administrators

4 SECURITY INNOVATION ©2003 4Firewalls A firewall is like a castle with a drawbridge –Only one point of access into the network –This can be good or bad Can be hardware or software –Ex. Some routers come with firewall functionality –ipfw, ipchains, pf on Unix systems, Windows XP and Mac OS X have built in firewalls

5 SECURITY INNOVATION ©2003 5FirewallsIntranet DMZ Internet FirewallFirewall Web server, email server, web proxy, etc

6 SECURITY INNOVATION ©2003 6Firewalls Used to filter packets based on a combination of features –These are called packet filtering firewalls There are other types too, but they will not be discussed –Ex. Drop packets with destination port of 23 (Telnet) –Can use any combination of IP/UDP/TCP header information –man ipfw on unix47 for much more detail But why don’t we just turn Telnet off?

7 SECURITY INNOVATION ©2003 7Firewalls Here is what a computer with a default Windows XP install looks like: –135/tcp open loc-srv –139/tcp open netbios-ssn –445/tcp open microsoft-ds –1025/tcp open NFS-or-IIS –3389/tcp open ms-term-serv –5000/tcp open UPnP Might need some of these services, or might not be able to control all the machines on the network

8 SECURITY INNOVATION ©2003 8Firewalls What does a firewall rule look like? –Depends on the firewall used Example: ipfw –/sbin/ipfw add deny tcp from cracker.evil.org to wolf.tambov.su telnet Other examples: WinXP & Mac OS X have built in and third party firewalls –Different graphical user interfaces –Varying amounts of complexity and power

Download ppt "Network Security Part III: Security Appliances Firewalls."

Similar presentations

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
Network Security. Reasons to attack Steal information Modify information Deny service (DoS)

Network Security. Reasons to attack Steal information Modify information Deny service (DoS)
Cyber Security for Smart Grids Prof. Biplab Sikdar Department of Electrical, Computer and Systems Engineering Rensselaer Polytechnic Institute Troy NY.

Cyber Security for Smart Grids Prof. Biplab Sikdar Department of Electrical, Computer and Systems Engineering Rensselaer Polytechnic Institute Troy NY.
Jonas Lippuner. Overview IPCop  Introduction  Network Structure  Services  Addons Installing IPCop on a SD card  Hardware  Installation.

Jonas Lippuner. Overview IPCop  Introduction  Network Structure  Services  Addons Installing IPCop on a SD card  Hardware  Installation.
Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.

Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.
Firewalls Presented by: Sarah Castro Karen Correa Kelley Gates.

Firewalls Presented by: Sarah Castro Karen Correa Kelley Gates.
Beth Johnson April 27, 1998. What is a Firewall Firewall mechanisms are used to control internet access An organization places a firewall at each external.

Beth Johnson April 27, What is a Firewall Firewall mechanisms are used to control internet access An organization places a firewall at each external.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.
Lesson 10 – SECURING YOUR NETWORK Security devices Internal security External security Viruses and other malicious software OVERVIEW.

Lesson 10 – SECURING YOUR NETWORK Security devices Internal security External security Viruses and other malicious software OVERVIEW.
Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.

Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.

1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.
1 Firewalls Types of Firewalls  Screening router firewalls  Computer-based firewalls  Firewall appliances  Host firewalls (firewalls on clients and.

1 Firewalls Types of Firewalls  Screening router firewalls  Computer-based firewalls  Firewall appliances  Host firewalls (firewalls on clients and.
Firewalls CS158B Don Tran. What is a Firewall? A firewall can be a program or a device that controls access to a network.

Firewalls CS158B Don Tran. What is a Firewall? A firewall can be a program or a device that controls access to a network.
1 Advanced Application and Web Filtering. 2 Common security attacks Finding a way into the network Exploiting software bugs, buffer overflows Denial of.

1 Advanced Application and Web Filtering. 2 Common security attacks Finding a way into the network Exploiting software bugs, buffer overflows Denial of.
CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.

CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.
Shared success Outline What is network security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures. How to secure.

Shared success Outline What is network security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures. How to secure.
1/28/2010 Network Plus Security Review Identify and Describe Security Risks People –Phishing –Passwords Transmissions –Man in middle –Packet sniffing.

1/28/2010 Network Plus Security Review Identify and Describe Security Risks People –Phishing –Passwords Transmissions –Man in middle –Packet sniffing.
Web Server Administration Chapter 10 Securing the Web Environment.

Web Server Administration Chapter 10 Securing the Web Environment.
Honeypot and Intrusion Detection System

Honeypot and Intrusion Detection System
OV 12 - 1 Copyright © 2013 Logical Operations, Inc. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.

OV Copyright © 2013 Logical Operations, Inc. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.

Similar presentations

Ads by Google