1. Firewalls Marin Stamov

2. Introduction Technological barrier designed to prevent unauthorized or unwanted communications between computer networks or hosts Invented in the early 1990s First line of defense Protect against hackers and worms

3. Firewall types Packet filter (stateless) Packet filter (stateful) Hardware firewall NAT firewall Proxy firewall Transparent firewall Personal firewall

4. Packet filters

5. Packet filter (stateful) When a packet reaches the firewall, it is run against a set of rules. The rules determine an action to take for the packet Accept – Let the traffic pass through Reject – Block the packet and return an ICMP “Communication administratively prohibited” Drop – Block the packet Packets with the SYN bit set are considered by the firewall as new connections

6. Firewall rules

7. Hardware firewall CiscoPIX

8. NAT firewall, AKA "Masquerading" NAT stands for Network Address Translation Originally developed to address the limited number of IPv4 routable addresses Hides the true address of protected hosts Requires no special configuration on the client side. Clients just have to know their default gateway.

9. NAT

10. Proxy firewall Runs software that allows specific programs to function Can provide anonymity Allowing only specific protocols that you wish to support Aware of the data format it handles, and can look for many things inside the data.

11. Proxy firewall Squid - a proxy server and web cache daemon.

12. Transparent firewall

13. Personal firewall Protect only the computer on which it is installed. May prompt the user each time a connection is attempted and adapt security policy accordingly. May provide some level of intrusion detection

14. Firewalls

15. Conclusion Each type of firewall does different things, and can be more or less useful depending on the current scenario Open only ports that you need Always test your firewall from the outside

16. Questions?