Presentation is loading. Please wait.

Presentation is loading. Please wait.

How (not) to use your firewall Jurjen N.E. Bos Information Security Consultant.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "How (not) to use your firewall Jurjen N.E. Bos Information Security Consultant."— Presentation transcript:

1 How (not) to use your firewall Jurjen N.E. Bos Information Security Consultant

2 0420 How (not) to use your firewall Jurjen N.E. Bos2 Overview Introduction Principles of information security Strengths and weaknesses of a firewall Basic principles Conclusion

3 0420 How (not) to use your firewall Jurjen N.E. Bos3 Introduction A firewall, originally, is a wall that prevents spreading of fire through a building More generally, it isolates things in case of hazard Specifically, we will discuss isolating the Internet from a company network

4 0420 How (not) to use your firewall Jurjen N.E. Bos4 A firewall Internet Firewall LAN

5 0420 How (not) to use your firewall Jurjen N.E. Bos5 Principles of information security What do you want to protect? Your data Your data secrecy reliability availability Your hardware Your hardware Your reputation Your reputation

6 0420 How (not) to use your firewall Jurjen N.E. Bos6 What do you want your firewall to do? Increase security Simplify maintenance of network Save money Be user friendly and non-disruptive

7 0420 How (not) to use your firewall Jurjen N.E. Bos7 What can your firewall do A firewall protects your company LAN against known threats known threats coming from outside coming from outside via the firewall via the firewall at connection level at connection level by making things harder to use. by making things harder to use.

8 0420 How (not) to use your firewall Jurjen N.E. Bos8 What can’t your firewall do Solve your security problem Solve your security problem Protect against viruses Protect against viruses Protect data that doesn’t flow through it Protect data that doesn’t flow through it Be “user friendly” Be “user friendly” Protect against every threat Protect against every threat Protect against attacks from the inside Protect against attacks from the inside

9 0420 How (not) to use your firewall Jurjen N.E. Bos9 Examples A firewall does not protect against viruses There’s a new example every month A firewall does not protect against unknown attacks Firewall-1 DOS attack: July 2000 A firewall makes life harder If you had no front door lock, you wouldn’t have to stay home for the heating repairman. Wouldn’t that be convenient?

10 0420 How (not) to use your firewall Jurjen N.E. Bos10 Maintaining a firewall Most attacks are published in enough detail that people can figure out for themselves how to attack your machines. Install your system properly Install your system properly Read the news on known holes (e.g. SANS), and download the patches Read the news on known holes (e.g. SANS), and download the patches Watch out for fake patches Watch out for reliability of your machines Read your log files Read your log files

11 0420 How (not) to use your firewall Jurjen N.E. Bos11 A firewall is not a machine A firewall does not only consist of the firewall host machine, but also of: A security model A security model A list of firewall settings (e.g., allowed services) A list of firewall settings (e.g., allowed services) Procedures to maintain the firewall host machine Procedures to maintain the firewall host machine An operator or group of operators An operator or group of operators A list of guidelines A list of guidelines

12 0420 How (not) to use your firewall Jurjen N.E. Bos12 Basic rules A few trivial but important rules for security maintenance: Use multiple layers of protection Use multiple layers of protection Keep it simple Keep it simple “No, unless” instead of “Yes, if” “No, unless” instead of “Yes, if” Monitor your systems Monitor your systems Not only the firewall, but also the network behind it Decide on your security model Decide on your security model Risk analysis is a very useful tool

13 0420 How (not) to use your firewall Jurjen N.E. Bos13 Layers of protection ABC A B C

14 0420 How (not) to use your firewall Jurjen N.E. Bos14 Protocol stack Application Layer Transport Layer Internet Layer Network Access Layer SMTP, FTP, Telnet TCP, UDP, ICMP IP Ethernet, ATM User Layer Word, PDF

15 0420 How (not) to use your firewall Jurjen N.E. Bos15 Example: firewall settings Allow useful low risk services: SMTP, POP (mail), NNTP (news), HTTP (surfing) Allow useful low risk services: SMTP, POP (mail), NNTP (news), HTTP (surfing) If you really need it, allow services like DNS (naming), IRC (chat), MBONE (video conferencing and the like) If you really need it, allow services like DNS (naming), IRC (chat), MBONE (video conferencing and the like) Don’t allow games, NTP(time), RIP, OSPF (routing), SNMP (management), NIS, WINS (naming) Don’t allow games, NTP(time), RIP, OSPF (routing), SNMP (management), NIS, WINS (naming)

16 0420 How (not) to use your firewall Jurjen N.E. Bos16 Train your users Users must know basic things in order to make effective use of security measures: The Internet is unreliable. The Internet is unreliable. Security through obscurity doesn’t work (they won’t notice I have all my passwords in a file called “secret”). Security through obscurity doesn’t work (they won’t notice I have all my passwords in a file called “secret”). Social engineering is hard to recognise. Social engineering is hard to recognise. I recommend to write a guidelines document for Internet usage.

17 0420 How (not) to use your firewall Jurjen N.E. Bos17 Guidelines for users Things to consider putting in a guidelines document: Use the connections that are available Use the connections that are available No own phone connections, for example No downloading of objectionable material No downloading of objectionable material Filters annoy “good” users, and don’t stop “bad” users Don’t trust the outside world Don’t trust the outside world Social engineering is a serious threat Digital data is often more valuable than physical objects Digital data is often more valuable than physical objects

18 0420 How (not) to use your firewall Jurjen N.E. Bos18 Useful literature There are a zillion books about information security out there. The ones I read recently and liked: Elizabeth D. Zwicky, Simon Cooper and D. Brent Chapman: “Building Internet Firewalls”, second edition, O’Reilly Bruce Schneier: “Secrets and Lies”

19 0420 How (not) to use your firewall Jurjen N.E. Bos19 Conclusion Basic rules of using any security system: Don’t trust anything Don’t trust anything Don’t put all your eggs in one basket Attacks may come from everywhere Know what you want to protect Know what you want to protect Use the simplest protection that protects it Train your users Train your users Stay alert Stay alert

20 0420 How (not) to use your firewall Jurjen N.E. Bos20 How to make a firewall useless Trust your users Use the default installation Use a sophisticated self designed system that locks out everything dangerous Assume the firewall will protect you forever

Download ppt "How (not) to use your firewall Jurjen N.E. Bos Information Security Consultant."

Similar presentations

Personal Info 1 Prepared by: Mr. NHEAN Sophan  Presenter: Mr. NHEAN Sophan  Position: Desktop Support  Company: Khalibre Co,. Ltd 

Personal Info 1 Prepared by: Mr. NHEAN Sophan  Presenter: Mr. NHEAN Sophan  Position: Desktop Support  Company: Khalibre Co,. Ltd 
 Natural consequence of the way Internet is organized o Best effort service means routers don’t do much processing per packet and store no state – they.

 Natural consequence of the way Internet is organized o Best effort service means routers don’t do much processing per packet and store no state – they.
FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.

FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.
FIREWALLS The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz On the day that you.

FIREWALLS The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz On the day that you.
Winter 20021 CMPE 155 Week 7. Winter 20022 Assignment 6: Firewalls What is a firewall? –Security at the network level. Wide-area network access makes.

Winter CMPE 155 Week 7. Winter Assignment 6: Firewalls What is a firewall? –Security at the network level. Wide-area network access makes.
Fall 2008CS 334: Computer Security1 Firewalls Special Thanks to our friends at The Blekinge Institute of Technology, Sweden for providing the basis for.

Fall 2008CS 334: Computer Security1 Firewalls Special Thanks to our friends at The Blekinge Institute of Technology, Sweden for providing the basis for.
Packet Analyzers, a Threat to Network Security. Agenda Introduction The background of packet analyzers LAN technologies & network protocols Communication.

Packet Analyzers, a Threat to Network Security. Agenda Introduction The background of packet analyzers LAN technologies & network protocols Communication.
Security Firewall Firewall design principle. Firewall Characteristics.

Security Firewall Firewall design principle. Firewall Characteristics.
Honeypots Margaret Asami. What are honeypots ? an intrusion detection mechanism entices intruders to attack and eventually take over the system, while.

Honeypots Margaret Asami. What are honeypots ? an intrusion detection mechanism entices intruders to attack and eventually take over the system, while.
Controlling access with packet filters and firewalls.

Controlling access with packet filters and firewalls.
Web Server Administration

Web Server Administration
Firewall Raghunathan Srinivasan October 30, 2007 CSE 466/598 Computer Systems Security.

Firewall Raghunathan Srinivasan October 30, 2007 CSE 466/598 Computer Systems Security.
Spring 2004 CMPE 151: Network Administration Lecture 6.

Spring 2004 CMPE 151: Network Administration Lecture 6.
Privacy - not readable Permanent - not alterable (can't edit, delete) Reliable - (changes detectable) But the data must be accessible to persons authorized.

Privacy - not readable Permanent - not alterable (can't edit, delete) Reliable - (changes detectable) But the data must be accessible to persons authorized.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.
Firewall Slides by John Rouda

Firewall Slides by John Rouda
FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.
Hafez Barghouthi. Model for Network Access Security (our concern) Patrick BoursAuthentication Course 2007/20082.

Hafez Barghouthi. Model for Network Access Security (our concern) Patrick BoursAuthentication Course 2007/20082.
CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.

CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.
Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.

Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.

Similar presentations

Ads by Google