Download presentation
Presentation is loading. Please wait.
Published byJack Thompson Modified over 9 years ago
1
Firewalls Marin Stamov
2
Introduction Technological barrier designed to prevent unauthorized or unwanted communications between computer networks or hosts Invented in the early 1990s First line of defense Protect against hackers and worms
3
Firewall types Packet filter (stateless) Packet filter (stateful) Hardware firewall NAT firewall Proxy firewall Transparent firewall Personal firewall
4
Packet filters
5
Packet filter (stateful) When a packet reaches the firewall, it is run against a set of rules. The rules determine an action to take for the packet Accept – Let the traffic pass through Reject – Block the packet and return an ICMP “Communication administratively prohibited” Drop – Block the packet Packets with the SYN bit set are considered by the firewall as new connections
6
Firewall rules
7
Hardware firewall CiscoPIX
8
NAT firewall, AKA "Masquerading" NAT stands for Network Address Translation Originally developed to address the limited number of IPv4 routable addresses Hides the true address of protected hosts Requires no special configuration on the client side. Clients just have to know their default gateway.
9
NAT
10
Proxy firewall Runs software that allows specific programs to function Can provide anonymity Allowing only specific protocols that you wish to support Aware of the data format it handles, and can look for many things inside the data.
11
Proxy firewall Squid - a proxy server and web cache daemon.
12
Transparent firewall
13
Personal firewall Protect only the computer on which it is installed. May prompt the user each time a connection is attempted and adapt security policy accordingly. May provide some level of intrusion detection
14
Firewalls
15
Conclusion Each type of firewall does different things, and can be more or less useful depending on the current scenario Open only ports that you need Always test your firewall from the outside
16
Questions?
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.