
1 Survey of Information Assurance FIREWALLS

2 The term "firewall" originally meant a wall to confine a fire or potential fire within a building. Later uses refer to similar structures, such as the metal sheet separating the engine compartment of a vehicle or aircraft from the passenger compartment. Ref: http://en.wikipedia.org/wiki/Firewall_(networking)

3 Agenda
- Why firewalls
- Types of firewalls
- Design considerations
- Challenges in designing firewalls for: HTTP, SMTP/POP3, FTP
- Limitations
- Latest trends
- Q & A

4 Scope of Discussions
The following are not covered in today’s presentation:
- Security implementations other than firewalls, e.g. IPsec, VPN etc.
- Detailed discussion on all possible protocols that may be attacked and may need to be secured

5 Why do we need firewalls?
- Enormous amount of malicious activity on the Internet
- For fun, i.e. corrupting data/OS/applications – Integrity compromised
- Obtaining useful data from users, i.e. bank passwords – Secrecy compromised
- Obtaining access to bring down enterprise resources (DoS) – Availability compromised
- Using victim’s resources to hack into other systems – Identity compromised

6 Types of Attacks
- Intrusion
  - Social engineering
  - Guesswork
- Denial of Service
  - Flooding the network (e-mails, worms, requests, processes etc.)
  - Disable or re-route services
  - Use of Trojans
- Information Theft
  - Internet services that take user data

7 Types of Attackers!
- Joyriders – boredom killing activity
- Vandals – vengeance
- Scorekeepers – ego booster
- Spies – money or intellectual property theft

8 What are Firewalls?
- Prevents “FIRE” from spreading into the “WALLED” area
- Effective security measure to:
  - Restrict entry at a control point
  - Prevent attackers from getting close to other defense mechanisms
  - Restrict exit at a control point

9 Firewalls: Capability…
- First line of defense
- Focal point for security decisions
- Enforce security policy
- Log internet activity
- Limit exposure of internal network

10 Firewalls: Incapable of…
- Handling insider activity
- Monitoring bypassed connections
- Protecting against very new threats
- Protecting against all viruses
- Self-configuration

11 Types of Firewalls (1 of 5)
- Packet filtering
- Proxy services
- Network address translation (NAT)

12 Types of Firewalls (2 of 5): Packet Filtering
- The firewall screens each packet header
- Uses screening router for look-up
- Reads header information (source and destination IP, port, ICMP message type etc.)
- Reads route information (incoming and outgoing interface)
- Can be a stateful or stateless packet filter
- Can take decisive actions (send/drop/log/alarm)

13 Types of Firewalls (3 of 5): Packet Filtering
- Advantages
  - Needs just one screening router at choke-point
  - Efficient – can reach line-rate processing
  - Stateless are more efficient (processing time)
  - Easily available
- Disadvantages
  - Difficult configuration, easy to go wrong
  - Reduces router performance
  - Cannot process every policy

14 Typical packet filter operation
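
The stateless-versus-stateful distinction from the packet-filtering slides, as an added Python example that is not part of the original presentation. The rule set, addresses and function names are constructed for illustration, and state tracking is simplified to exact flow matching (no TCP flags or timeouts).

```python
import ipaddress
from collections import namedtuple

# iface is the arrival interface ("inside" or "outside"); the rest are header fields.
Packet = namedtuple("Packet", "iface src sport dst dport")
Rule = namedtuple("Rule", "iface src_net dst_net sports dports action")

def matches(rule, p):
    ip, net = ipaddress.ip_address, ipaddress.ip_network
    return (p.iface == rule.iface
            and ip(p.src) in net(rule.src_net) and ip(p.dst) in net(rule.dst_net)
            and p.sport in rule.sports and p.dport in rule.dports)

ANY, LAN = "0.0.0.0/0", "192.168.1.0/24"       # LAN is a constructed network
HIGH, WEB = range(1024, 65536), range(80, 81)
OUTBOUND = Rule("inside", LAN, ANY, HIGH, WEB, "send")
# A stateless filter can admit replies only through a static rule on source port 80.
REPLIES = Rule("outside", ANY, LAN, WEB, HIGH, "send")

def stateless_filter(p, rules=(OUTBOUND, REPLIES)):
    for rule in rules:          # first matching rule decides
        if matches(rule, p):
            return rule.action
    return "drop"               # default deny

class StatefulFilter:
    """Admits inbound packets only as replies to a recorded outbound flow."""
    def __init__(self):
        self.flows = set()

    def check(self, p):
        if p.iface == "inside":
            verdict = stateless_filter(p, (OUTBOUND,))
            if verdict == "send":
                self.flows.add((p.src, p.sport, p.dst, p.dport))
            return verdict
        # Inbound: the packet must mirror a recorded outbound flow exactly.
        return "send" if (p.dst, p.dport, p.src, p.sport) in self.flows else "drop"

# Constructed sample traffic (documentation address ranges).
REQUEST = Packet("inside", "192.168.1.10", 40000, "203.0.113.5", 80)
REPLY = Packet("outside", "203.0.113.5", 80, "192.168.1.10", 40000)
UNSOLICITED = Packet("outside", "198.51.100.9", 80, "192.168.1.20", 3306)

def compare():
    """Return (stateless verdict, stateful verdict) for each sample packet."""
    fw = StatefulFilter()
    return [(stateless_filter(p), fw.check(p)) for p in (REQUEST, REPLY, UNSOLICITED)]
```

The third sample packet passes the stateless rule set because it only looks like a web reply by source port; the stateful filter drops it because no outbound flow was recorded for it.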

15 Types of Firewalls (4 of 5): Proxy services
- Application layer gateways (ALGs)
- Dual-homed hosts and packet-filters
- Advantages
  - Authentication
  - Logging and Caching
  - Intelligent filtering
- Disadvantages
  - Time lag for proxy processing
  - May require modifications to clients/applications

16 Types of Firewalls (5 of 5): Network Address Translation (NAT)
- Not exactly a firewall technology
- Packet modification at gateway
- Advantages
  - Control over both inbound and outbound connections
  - Conceal internal network architecture
- Disadvantages
  - Stateful information required for routing
  - Embedded IP problems, encryption issues
  - Logging issues, packet-filtering issues (dynamicity)
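
An added example (not from the original presentation) of two of the NAT disadvantages listed above: the gateway must keep per-connection state to route replies, and an address embedded in the payload, here an FTP PORT command, is not rewritten along with the header. Addresses, class and function names are assumptions made for illustration.

```python
import ipaddress
import re

LAN = ipaddress.ip_network("192.168.1.0/24")   # constructed internal network
PUBLIC_IP = "203.0.113.1"                      # constructed gateway address

class Nat:
    """Port-translating NAT: rewrites packet headers, never the payload."""
    def __init__(self, first_port=50000):
        self.next_port = first_port
        self.out, self.back = {}, {}           # per-connection state

    def outbound(self, src, sport, dst, dport, payload=b""):
        key = (src, sport, dst, dport)
        if key not in self.out:                # first packet: allocate a mapping
            self.out[key] = self.next_port
            self.back[(self.next_port, dst, dport)] = (src, sport)
            self.next_port += 1
        return (PUBLIC_IP, self.out[key], dst, dport, payload)

    def inbound(self, src, sport, dst, dport, payload=b""):
        inside = self.back.get((dport, src, sport))
        if dst != PUBLIC_IP or inside is None:
            return None                        # no state: nowhere to route it
        return (src, sport, inside[0], inside[1], payload)

PORT_CMD = re.compile(rb"PORT (\d+),(\d+),(\d+),(\d+),(\d+),(\d+)")

def embedded_internal_endpoint(payload):
    """Return (ip, port) when an FTP PORT command names an internal host."""
    m = PORT_CMD.search(payload)
    if not m:
        return None
    a, b, c, d, hi, lo = (int(x) for x in m.groups())
    if max(a, b, c, d, hi, lo) > 255:
        return None                            # not a valid PORT argument
    ip = f"{a}.{b}.{c}.{d}"
    return (ip, hi * 256 + lo) if ipaddress.ip_address(ip) in LAN else None

# Constructed FTP control-channel payload sent by an internal client.
SAMPLE = b"PORT 192,168,1,10,156,64\r\n"

def demo():
    nat = Nat()
    translated = nat.outbound("192.168.1.10", 40000, "198.51.100.7", 21, SAMPLE)
    reply = nat.inbound("198.51.100.7", 21, PUBLIC_IP, translated[1])
    return translated[:2], reply[2:4], embedded_internal_endpoint(translated[4])
```

The header leaves with the public address and port, but the payload still announces the internal host, which the remote server cannot reach and which reveals the internal addressing that NAT is meant to conceal.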

17 Designing Firewalls
- Single-Box architecture
  - Screening router
  - Dual-homed host
- Screened Host architecture
- Screened Subnet architecture - DMZ
  - Perimeter Network (Interior and Exterior Routers)
  - Bastion Host
- Multiple screened subnets

18 Screening Router Architecture

19 Screened Host Architecture

20 Screened subnet architecture

21 Dual-Homed Host with Proxy server

22 Real Firewalls Considerations while designing Firewalls

23 Firewall for HTTP based attacks (1 of 3)
What is HTTP? (Brief Review)
- HTTP – Hyper Text Transfer Protocol
- Stateless Protocol
- Flexible
- Difficult to secure
- Implemented over any layer
- Port 80 dedicated for HTTP
- Proxy – HTTP
  - Used to enhance cache
  - Used to restrict internet activities of LAN

24 Firewall for HTTP based attacks (2 of 3)
What could go wrong with HTTP?
- Remote logging on server
- Privacy request & response
- Abuse of source and resources
- Exploiting bugs and security
- Client should be prompted from use of HTTP as web servers are vulnerable.

25 Firewall for HTTP based attacks (3 of 3)
What should a Firewall do?
- Configuring HTTP – Deny access to raw IP address pages
- Re-configuring can be allocated to system admin or LAN
- Make sure that each derivate * has only one name
- Reboot the system after every change made in the file “access.config”
- Always have access control to list of important documents.

26 Firewall for FTP based attacks (1 of 2)
How vulnerable is FTP?
- FTP – File Transfer Protocol
- It is the most insecure protocol – Do you know why?
- Username and password can be sniffed
- Unauthorized access is possible
- Data transmission is unencrypted and can be sniffed

27 Firewall for FTP based attacks (2 of 2)
What should a Firewall do?
- Continuous verification of status of the server
- Usage of SSL (Secure Sockets Layer) client server program
- SSL requires third party (CA) authentication
- Passwords must be encrypted
- Anonymous FTP root and subdirectories must be separated

28 An illustration of how SMTP/POP3 work… Ref: http://www.csolve.net/images/smtp.png

29 Firewall for SMTP based attacks (1 of 2)
What could go wrong with SMTP?
- SMTP – Simple Mail Transfer Protocol
- E-mail bombing: the method of sending 1000s of messages to an email ID
- Spamming: the method of sending the same mail to 100s of users
- Combination of spoofing, email bombing and spamming cannot be tracked.
- Overloaded network and filled-up storage space are also issues to be concentrated on

30 Firewall for SMTP based attacks (2 of 2)
- Use DNS Mail Exchange
- Bastion hosts used to differentiate the internal and external mails
- Internal systems must be configured such that all messages are sent through the bastion host

31 Limitations of Firewalls
- Not a single answer to all network security issues
- Backup of firewall settings
- Single point of failure
- Managing your accounts
- Managing your disk space
- Up-to-date protection

32 Latest Trends
- Content Inspection Engine
- IDS/IPS implementation in hardware
- Firewall device security

33 Questions?

34 References
- Wikipedia (concept of physical “firewall”)
- Building Internet Firewalls – Elizabeth Zwicky, Simon Cooper, D. Brent Chapman
- Firewall architecture pictures from http://www.unix.org.ua/orelly/networking/firewall/figs/

