Presentation is loading. Please wait.

Presentation is loading. Please wait.

IP packet filtering Breno de Medeiros. Florida State University Fall 2005 Packet filtering Packet filtering is a network security mechanism that works.

Published byLeo Townsend Modified over 8 years ago

Similar presentations

Presentation on theme: "IP packet filtering Breno de Medeiros. Florida State University Fall 2005 Packet filtering Packet filtering is a network security mechanism that works."— Presentation transcript:

1 IP packet filtering Breno de Medeiros

2 Florida State University Fall 2005 Packet filtering Packet filtering is a network security mechanism that works by controlling what data can flow to and from a network. –Packet filtering occurs at routers –A router inspects each packet entering and/or leaving the network to make routing decisions. –A filtering router also makes policy decisions.

3 Breno de MedeirosFlorida State University Fall 2005 Dropping spoofed/malformed packets From textbook: Building Internet Firewalls

4 Breno de MedeirosFlorida State University Fall 2005 Basic IP-filtering policies Source and destination addresses Session and application ports –enforce visibility/connectivity policies of internal network to the Internet –prevent certain protocols from being executed between specific hosts in different networks Maintains no state information about connections

5 Breno de MedeirosFlorida State University Fall 2005 Stateful packet filtering Allows for more complex policies based on current state of connections between two machines. –Let incoming UDP packets through only if they are responses to outgoing UDP packets you have seen. –Accept TCP packets with SYN set only as part of TCP connection initiation.

6 Breno de MedeirosFlorida State University Fall 2005 Stateful/dynamic filtering Routers must keep state information –For how long? If multiple routers are used, they need to synchronize the state information very fast, or else there will be incorrect decisions. Protocol-based filtering: –ensure that packets contain properly formed protocol data –prevent protocols being run on other ports

7 Breno de MedeirosFlorida State University Fall 2005 Default deny/drop Disallow all by default; add rules to permit traffic explicitly Log dropped packets Log some allowed packets For some protocols, such as mail authentication, require that send an ICMP error message in response to a disallowed packet. In most cases, better to drop the packet and say nothing to sender.

8 Breno de MedeirosFlorida State University Fall 2005 Examples Allow outgoing TCP port 80 requests Allow incoming SMTP to mail server only Disallow outgoing packets with external source addresses Disallow incoming packets with internal source addresses Disallow incoming packets for TCP/UDP port 79 (finger)

Download ppt "IP packet filtering Breno de Medeiros. Florida State University Fall 2005 Packet filtering Packet filtering is a network security mechanism that works."

Similar presentations

1 Topic 2 – Lesson 4 Packet Filtering Part I. 2 Basic Questions What is packet filtering? What is packet filtering? What elements are inside an IP header?

1 Topic 2 – Lesson 4 Packet Filtering Part I. 2 Basic Questions What is packet filtering? What is packet filtering? What elements are inside an IP header?
Ipchains and Iptables Linux operating system natively supports packet-filtering rules: Kernel versions 2.2 and earlier support the ipchains command. Kernel.

Ipchains and Iptables Linux operating system natively supports packet-filtering rules: Kernel versions 2.2 and earlier support the ipchains command. Kernel.
CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.

CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.
Firewalls and Intrusion Detection Systems

Firewalls and Intrusion Detection Systems
Chapter 7 Firewalls. Firewall Definition  A network device that enforces network access control based upon a defined security policy.

Chapter 7 Firewalls. Firewall Definition  A network device that enforces network access control based upon a defined security policy.
1 Some TCP/IP Basics....NFSDNSTELNETSMTPFTP UDPTCP IP and ICMP Ethernet, serial line,..etc. Application Layer Transport Layer Network Layer Low-level &

1 Some TCP/IP Basics....NFSDNSTELNETSMTPFTP UDPTCP IP and ICMP Ethernet, serial line,..etc. Application Layer Transport Layer Network Layer Low-level &
Firewalls Screen packets coming into the Privet Networks from external, Untrusted Networks (Internet) Ingress Packet Filtering  Firewall examine incoming.

Firewalls Screen packets coming into the Privet Networks from external, Untrusted Networks (Internet) Ingress Packet Filtering  Firewall examine incoming.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.
1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.

1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.
FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.
Internet/Intranet firewall security – policy, architecture and transaction services Written by Ray Hunt This presentation will Examines Policies that influence.

Internet/Intranet firewall security – policy, architecture and transaction services Written by Ray Hunt This presentation will Examines Policies that influence.
1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved.

1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved.
A Brief Taxonomy of Firewalls

A Brief Taxonomy of Firewalls
CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.

CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.
1 Figure 5-4: Drivers of Performance Requirements: Traffic Volume and Complexity of Filtering Performance Requirements Traffic Volume (Packets per Second)

1 Figure 5-4: Drivers of Performance Requirements: Traffic Volume and Complexity of Filtering Performance Requirements Traffic Volume (Packets per Second)
Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.

Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.
FIREWALL Mạng máy tính nâng cao-V1.

FIREWALL Mạng máy tính nâng cao-V1.
January 2009Prof. Reuven Aviv: Firewalls1 Firewalls.

January 2009Prof. Reuven Aviv: Firewalls1 Firewalls.
Chapter 6: Packet Filtering

Chapter 6: Packet Filtering
70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 12: Routing.

70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 12: Routing.

Similar presentations

Ads by Google