Presentation is loading. Please wait.

Presentation is loading. Please wait.

Firewalls Anand Sharma Austin Wellman Kingdon Barrett.

Published byNathalie Cumberledge Modified over 9 years ago

Similar presentations

Presentation on theme: "Firewalls Anand Sharma Austin Wellman Kingdon Barrett."— Presentation transcript:

1 Firewalls Anand Sharma Austin Wellman Kingdon Barrett

2 Overview Firewall Knowledge from UNIX Entry-Level Firewalls What is a Firewall? What is an IDS? –IDS implementation methodologies –Who needs an IDS? Firewall or IDS?

3 What is a Firewall?

4 How are they used?  Where do firewalls live?  On the borders of Network Segments  Two-way static routes between mutually trusting subnets  Interdepartmental routing within an organization

5 How are they used?  NAT configuration for a private/business network  Firewall Interfaces: external (public presence) and internal (gateway address)  whiteruby.rit.edu vs. whiteruby.tuesday.local  Internal Network Addresses: *.tuesday.local

6 Basic Firewall Operation

7 Why do you need it? Protection against unauthorized connections Blocking unnecessary port access Preventing malicious and “harmless” software from phoning home

8 Firewalls fall into four broad categories: Packet filters. Circuit level gateways. Application level gateways. Stateful multilayer inspection firewalls.

9 Packet filtering firewalls work at the network level of the OSI model, or the IP layer of TCP/IP. They are usually part of a router.

10 Second Generation - Circuit Level

11 Application Layer Firewalls work at the top level. They evaluate packet data according to rules to allow or deny connections.

12 Stateful Multilayer Inspection Firewalls

13 Software Firewall

14 Pros Does not require additional hardware. Does not require additional computer wiring. A good option for single computers. They are very easy to configure Cons Since they run on your computer they require resources (CPU, memory and disk space) from your system. They can introduce incompatibilities into your operating system. One copy is typically required for each computer.

15 Hardware Firewall

16 Pros  They tend to provide more complete protection than software firewalls A hardware firewall can protect more than one system at a time They do not effect system performance since they do not run on your system. They are independent of your operating system and applications. Cons They tend to be expensive, although if you have a number of machines to protect it can cost less to purchase one hardware firewall than a number of copies of a software product. Since they do not run on your computer, they can be challenging to configure.

17 Choosing the right firewall: The size of your network The level of security you’re looking for The amount of money your willing to pay Compatibility and interoperability

18 Available Firewalls - Windows Built in Pros  Available on every Windows computer by default as of SP2 No configuration needed beyond enabling it for it to work Cons Who will police the police? Outgoing transmissions limited very little if at all Could create a false sense of security in normal users

19 Available Firewalls - ISA Server Useful for a large business network Based on a combination of Application Layer and Packet Filtering technology Allows restriction of outgoing access by user, program, destination, and other criteria Restricts incoming access as necessary VPN support

20 Scriptable Firewall Systems  OpenBSD (pf)  http://www.openbsd.org/faq/pf/ http://www.openbsd.org/faq/pf/  FreeBSD (ipf, ipfw)  http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-ipf.html http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-ipf.html  http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls- ipfw.html http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls- ipfw.html  Linux 2.4 and later (iptables)  http://www.netfilter.org/ http://www.netfilter.org/

21 Getting Started with Firewalls  You Need:  One (1) computer with two (2) network interfaces  Somebody else's network (read: the Internet)  Several of your own computers  A hub or a switch to connect your own computers together

22 Getting Started with Firewalls  Software Firewalls:  m0n0wall – http://m0n0.ch/wall/http://m0n0.ch/wall/  Smoothwall – http://smoothwall.net/ or http://smoothwall.org/ (Clever marketing! Check this out, it's two different websites)http://smoothwall.net/ http://smoothwall.org/

23 Intermission Talk amongst yourselves!

24 What is Intrusion Detection?  Host-based IDS  Single tapped network host  Network-based IDS  One or more tapped network segments  Tapped gateways or firewalls

25 Circuit-Level Firewalls  TCP Handshaking  Authorized connections are counted  New traffic is automatically allowed for open connections  Every circuit acts as a data source for IDS-type analysis or logging  “Intelligent” network switches  Paranoia? Watch what you say!

26 Big Brother IDS  Snort: The De-Facto IDS  http://www.snort.org/docs/ http://www.snort.org/docs/  Monitor Everything, Log and Classify  Build Signatures for:  Legitimate Use Patterns  Attacks Patterns  Tap Placement is Everything:  http://www.snort.org/docs/iss-placement.pdf http://www.snort.org/docs/iss-placement.pdf

27 Where to Tap?  Network Gateways  Connections from users to the internet  Circuit-level Tap  Monitor connections between local network users  Host-based IDS  System Logs and user information  Decrypted traffic

28 Conclusions  Is there anybody left in the audience who wants to see a large-scale IDS implemented here at RIT?  Definitely not me!  Or across your ISP's network?  Definitely not me!  Questions?

Download ppt "Firewalls Anand Sharma Austin Wellman Kingdon Barrett."

Similar presentations

Firewalls By Tahaei Fall 2012. What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.

Firewalls By Tahaei Fall What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.
Computer Security: Principles and Practice Chapter 9 – Firewalls and Intrusion Prevention Systems.

Computer Security: Principles and Practice Chapter 9 – Firewalls and Intrusion Prevention Systems.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 9 – Firewalls and.

Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 9 – Firewalls and.
IUT– Network Security Course 1 Network Security Firewalls.

IUT– Network Security Course 1 Network Security Firewalls.
FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.

FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.
FIREWALLS The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz On the day that you.

FIREWALLS The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz On the day that you.
CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.

CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.
Lecture 14 Firewalls modified from slides of Lawrie Brown.

Lecture 14 Firewalls modified from slides of Lawrie Brown.
Chapter 10: Data Centre and Network Security Proxies and Gateways * Firewalls * Virtual Private Network (VPN) * Security issues * * * * Objectives:

Chapter 10: Data Centre and Network Security Proxies and Gateways * Firewalls * Virtual Private Network (VPN) * Security issues * * * * Objectives:
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Lecture 25: Firewalls Introduce several types of firewalls

Lecture 25: Firewalls Introduce several types of firewalls
Principles of Information Security, 2nd Edition1 Firewalls and VPNs.

Principles of Information Security, 2nd Edition1 Firewalls and VPNs.
Presented by Serge Kpan LTEC 4550.020 Network Systems Administration 1.

Presented by Serge Kpan LTEC Network Systems Administration 1.
J. Wang. Computer Network Security Theory and Practice. Springer 2008 Chapter 7 Network Perimeter Security.

J. Wang. Computer Network Security Theory and Practice. Springer 2008 Chapter 7 Network Perimeter Security.
Electronic Commerce 2. Definition Ecommerce is the process of buying and selling products and services via distributed electronic media, usually the World.

Electronic Commerce 2. Definition Ecommerce is the process of buying and selling products and services via distributed electronic media, usually the World.
Firewalls CS591 Topics in Internet Security November 15 1999 Steve Miskovitz, Steve Peckham, Kan Hayashi.

Firewalls CS591 Topics in Internet Security November Steve Miskovitz, Steve Peckham, Kan Hayashi.
Firewalls Presented By Hareesh Pattipati. Outline Introduction Firewall Environments Type of Firewalls Future of Firewalls Conclusion.

Firewalls Presented By Hareesh Pattipati. Outline Introduction Firewall Environments Type of Firewalls Future of Firewalls Conclusion.
A Guide to major network components

A Guide to major network components
Computer Networking Devices Seven Different Networking Components.

Computer Networking Devices Seven Different Networking Components.
Networking Components Chad Benedict – LTEC 4550 1.

Networking Components Chad Benedict – LTEC

Similar presentations

Ads by Google