
6.6 Firewalls Packet Filter (=filtering router)



Presentation on theme: "6.6 Firewalls Packet Filter (=filtering router)"— Presentation transcript:

1 6.6 Firewalls
Packet filter (= filtering router): passes or blocks packets based on the IP address and/or port number of the source and destination.
Application gateway (= proxy): all requests and responses of a given application must pass through that application's proxy in the intranet; direct access to the Internet is forbidden. A separate gateway is needed for each type of application (telnet, ftp, http, X-window, etc.).
2018/9/21

2 Telnet example
On the client machine, telnet is configured to use the application gateway (software). When the user invokes telnet, the request is sent to the local telnet gateway, which prompts the user for the destination. The application gateway then acts as an intermediary (proxy) for the whole telnet session.

3 Firewall location
(figure: Internet, then a packet filter and/or application gateway, then the intranet)

4 Typical configurations
(figure: overview of configurations (a), (b) and (c), including a DMZ)

5 (a) Filtering router
(figure: Internet, filtering router, intranet containing a mail server on port 25)

6 Filtering router implementation
- Blocks all incoming packets, except those with certain destination IP addresses and/or port numbers (e.g. 25, 80).
- It may also block outgoing packets, depending on source and/or destination.
Rule table:
  Action   Our host       Port   Their host
  Block    *                     SPIGOT
  Allow    Our-MailServ   25
  Allow    Our-WebServ    80
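The rule table above as executable first-match, default-deny filtering logic. This is an added example, not code from the slides; the host names are the slide's placeholders and the packets are constructed.

```python
# Toy "filtering router" applying the slide's rule table to inbound packets.
# Assumptions: rules are evaluated top to bottom, the first match decides,
# and a packet matching no rule is blocked (default deny), which is what
# "blocks all incoming packets, except ..." means.
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str            # "Block" or "Allow"
    our_host: str          # "*" matches any host on our side
    port: Optional[int]    # destination port on our side; None = any port
    their_host: str        # "*" matches any host on the Internet side

# Rule table from the slide (placeholder host names). Order matters:
# the Block rule for SPIGOT must come before the Allow rules.
RULES = [
    Rule("Block", "*", None, "SPIGOT"),        # nothing from SPIGOT, any port
    Rule("Allow", "Our-MailServ", 25, "*"),    # inbound SMTP to our mail server
    Rule("Allow", "Our-WebServ", 80, "*"),     # inbound HTTP to our web server
]

def _host_matches(pattern: str, host: str) -> bool:
    return pattern == "*" or pattern == host

def decide(rules, src: str, dst: str, dport: int) -> str:
    """Decision for one inbound packet from their host `src` to our host
    `dst` on destination port `dport`: "Allow" or "Block"."""
    for r in rules:
        if (_host_matches(r.their_host, src)
                and _host_matches(r.our_host, dst)
                and (r.port is None or r.port == dport)):
            return r.action
    return "Block"   # no rule matched: default deny

if __name__ == "__main__":
    # Constructed sample packets (src, dst, dport).
    packets = [("SPIGOT", "Our-MailServ", 25),     # blocked by rule 1
               ("mail.example", "Our-MailServ", 25),  # allowed (SMTP)
               ("client.example", "Our-WebServ", 80),  # allowed (HTTP)
               ("client.example", "Our-WebServ", 23)]  # blocked (telnet)
    for p in packets:
        print(p, "->", decide(RULES, *p))
```

Reordering the rules so the Allow lines precede the Block line would let SPIGOT reach the mail server on port 25, which is why the table lists the Block rule first.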

7 (b) Filtering router and bastion host
(figure: Internet, filtering router, bastion host, protected intranet)
The router only permits traffic to/from the bastion host.

8 Bastion host
Runs a special, secured OS. It can communicate with:
- machines in the Internet;
- machines in the protected network, whose addresses are not externally visible.

9 (c) Demilitarized Zone (DMZ)
(figure: Internet, outside router, DMZ containing the bastion host, web server and modem access, inside router, protected intranet)

10 DMZ
- The routers only permit traffic to/from the DMZ network.
- IP addresses in the protected net are not made public.
- Unlike configuration (b), the intranet is not affected by excessive attack traffic from the Internet to the bastion host.
- It is also safe if the web server is compromised.

11 More on proxy server (application gateway)
- Can deny requests from certain internal users.
- IP addresses of internal machines never appear in the Internet.
- Can also function as a caching proxy.
- All packets can be logged with the address of the requesting machine.
- May run on the bastion host, in the intranet or in the DMZ.
- Disadvantage: extra delay.

12 HTTP proxy

13 Local HTTP proxy
(figure: client (A), proxy server (B), Internet; HTTP from (A) to the proxy, then HTTP from (B) onward)
The client is configured to use HTTP via the proxy (B). (B) sends the GET page.html request onward on behalf of (A).

14 HTTP proxy = application gateway
Works at the application level. It can check whether the requested URL is allowed for this user. It can also inspect content, e.g. search for "CAFEBABE" (written in hex) in the first 4 bytes of the payload to block Java bytecode from being transferred.

15 RMI through firewall
(figure: client stub, Internet, HTTP server, RMI server port)
The client stub POSTs "data" to java-rmi.cgi?forward=<rmiServerPort> on the HTTP server, which forwards it to the RMI server.

16 Intrusion detection system
The DMZ may contain an Intrusion Detection System (IDS). It inspects all inbound and outbound network activity and identifies suspicious patterns that may indicate a network or system attack by someone attempting to break into or compromise the system.

17 IDS vs. firewall
An IDS differs from a firewall in that the firewall looks out for intrusions in order to stop them from happening. The firewall limits access between networks in order to prevent intrusion, and it does not signal an attack from inside the network. An IDS evaluates a suspected intrusion once it has taken place and signals an alarm. An IDS also watches for attacks that originate from within the system.

18 Private network

19 Hybrid network

20 Virtual private network

21 Addressing in a VPN

22 Tunneling

23 Virtual Private Network (VPN)
(figure: Intranet A with Station 100 and router RA, tunnel across the Internet, Intranet B with router RB and Station 200; the data carried through the tunnel is encrypted)

24 Reverse proxy
- Controls inbound requests (accept/reject).
- May be placed in the DMZ or outside the firewall.
- If a request is accepted, it communicates securely with the server in the intranet.
- Some web pages may be made accessible only to remote company employees.
(figure: random external user and remote company employee on the Internet, reverse proxy, firewall, web server in the company net)

25 Filtering router

26 Bastion host

27 Web server directly accessible
An invasion of the web server does not endanger the intranet.

28 Intranet protected from compromised web server
The penetration is detected and some actions will be taken.

