Presentation on theme: "Firewalls" by Marin Stamov. Presentation transcript:
Introduction
- Technological barrier designed to prevent unauthorized or unwanted communications between computer networks or hosts
- Invented in the early 1990s
- First line of defense
- Protect against hackers and worms
Packet filter (stateful)
- When a packet reaches the firewall, it is run against a set of rules.
- The rules determine an action to take for the packet:
  - Accept – Let the traffic pass through
  - Reject – Block the packet and return an ICMP "Communication administratively prohibited"
  - Drop – Block the packet
- Packets with the SYN bit set are considered by the firewall as new connections
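The rule evaluation and SYN handling described on this slide, as an added example that is not part of the original presentation: a minimal Python model of a stateful filter. The class and field names, the first-match and default-drop policy, the sample rules and the documentation-range addresses are assumptions made for illustration, and `syn` here means SYN set with ACK clear.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

ACCEPT, REJECT, DROP = "accept", "reject", "drop"
ICMP_ADMIN_PROHIBITED = (3, 13)  # ICMP type 3, code 13

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool = False  # assumption: SYN set and ACK clear (a connection attempt)

@dataclass(frozen=True)
class Rule:
    src_net: str
    dport: int  # 0 matches any destination port
    action: str

class StatefulFilter:
    def __init__(self, rules, default=DROP):
        self.rules, self.default = rules, default
        self.established = set()  # tracked (src, sport, dst, dport) flows

    def _match_rules(self, pkt):
        # First matching rule wins; otherwise the default policy applies.
        for r in self.rules:
            if ip_address(pkt.src) in ip_network(r.src_net) and r.dport in (0, pkt.dport):
                return r.action
        return self.default

    def handle(self, pkt):
        """Return (action, icmp_reply) for one TCP packet."""
        flow = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        reverse = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if not pkt.syn:
            # Not a new connection: pass only if it belongs to a tracked flow.
            known = flow in self.established or reverse in self.established
            return (ACCEPT if known else DROP, None)
        action = self._match_rules(pkt)  # new connection: run the rule set
        if action == ACCEPT:
            self.established.add(flow)
        return (action, ICMP_ADMIN_PROHIBITED if action == REJECT else None)

# Constructed sample policy: reject SSH from one network, accept HTTPS from anywhere.
RULES = [Rule("198.51.100.0/24", 22, REJECT),
         Rule("0.0.0.0/0", 443, ACCEPT)]
```

Only the first packet of a connection is checked against the rules; later packets in either direction are passed because the flow is already in the state table, and a non-SYN packet with no matching state is dropped.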
NAT firewall, AKA "Masquerading"
- NAT stands for Network Address Translation
- Originally developed to address the limited number of IPv4 routable addresses
- Hides the true address of protected hosts
- Requires no special configuration on the client side. Clients just have to know their default gateway.
Proxy firewall
- Runs software that allows specific programs to function
- Can provide anonymity
- Allows only the specific protocols that you wish to support
- Aware of the data format it handles, and can look for many things inside the data.
Proxy firewall
- Squid - a proxy server and web cache daemon.
Personal firewall
- Protects only the computer on which it is installed.
- May prompt the user each time a connection is attempted and adapt security policy accordingly.
- May provide some level of intrusion detection