Network Security Major Problems. Why Firewall? Problems with Firewalls. What is.



3 Topics
- Network Security Major Problems
- Why Firewall?
- Problems with Firewalls
- What is an Intrusion Detector?
- Problems with Intrusion Detectors
- What is a Content Management Firewall?
- HACKTRAP Features
- Future Trends
- Demo

4 Network Security Major Problems
- Providing information confidentiality.
- Providing data integrity.
- Protecting network services availability.

5 Why Firewall?

6 Problems with Firewalls
- Checks packet headers ONLY
- Does NOT detect header intrusions


8 What is an Intrusion Detector?
- A tool that detects intrusion attempts.
- Alerts the network administrator with detected intrusions.

9 Problems with Intrusion Detectors
- Does NOT take permanent actions
- Does NOT block specific IPs and PORTs

10 Intrusion Detector

11 What is a Content Management Firewall?
- A new approach of firewalls.
- Combines the features of BOTH Firewalls and Intrusion Detectors.
- Checks NOT ONLY packet's header but contents as well.
- Blocks the source of the detected intrusions.

12 HACKTRAP A content management firewall IS OUR SOLUTION

13 HACKTRAP

14 HACKTRAP Features
Three Security Levels
- FRA (Fast Response Action): Firewall Rules
- IDS (Intrusion Detection System): Alerts
- ISS (Integrated Security System): feedback from IDS to FRA
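The three levels named on this slide can be traced on a few packets. The sketch below is an added example, not HACKTRAP's code: the class, the two signatures and the packets are all constructed for illustration, and the feedback step simply blocks the source address, as the Content Management Firewall slide describes.

```python
# Added illustration: header rules (FRA), content signatures (IDS) and
# feedback (ISS). All names, signatures and packets are constructed.
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Packet:
    src: str        # source IP address
    dport: int      # destination port
    payload: bytes  # application data

@dataclass
class ContentFirewall:
    open_ports: set   # services opened for outside hosts
    signatures: dict  # alert name -> byte pattern searched for in payloads
    blocked: set = field(default_factory=set)   # sources blocked by feedback
    alerts: list = field(default_factory=list)  # (source, alert name) records

    def header_check(self, pkt):
        # Level 1 (FRA): decide on header fields only.
        return pkt.src not in self.blocked and pkt.dport in self.open_ports

    def content_check(self, pkt):
        # Level 2 (IDS): name of the first matching signature, or None.
        data = pkt.payload.lower()
        for name, pattern in self.signatures.items():
            if pattern in data:
                return name
        return None

    def process(self, pkt):
        if not self.header_check(pkt):
            return "DENY"
        hit = self.content_check(pkt)
        if hit is not None:
            self.alerts.append((pkt.src, hit))
            self.blocked.add(pkt.src)  # Level 3 (ISS): alert becomes a header rule
            return "DENY"
        return "ACCEPT"

def run_demo():
    fw = ContentFirewall(open_ports={80}, signatures={
        "passwd-read": b"/etc/passwd", "cmd-exe": b"cmd.exe"})
    traffic = [  # constructed packets
        Packet("198.51.100.7", 80, b"GET /index.html HTTP/1.0"),
        Packet("203.0.113.9", 80, b"GET /cgi-bin/view?file=/etc/passwd HTTP/1.0"),
        Packet("203.0.113.9", 80, b"GET /index.html HTTP/1.0"),
        Packet("198.51.100.7", 23, b"login"),
    ]
    return [fw.process(p) for p in traffic], fw

if __name__ == "__main__":
    verdicts, fw = run_demo()
    print(verdicts, fw.alerts, sorted(fw.blocked))
```

The third packet is harmless on its own but is denied at the header level, because the second packet from the same source raised an alert; a header-only firewall would have accepted both, and a detector without feedback would have alerted on the second and still accepted the third.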

15 HACKTRAP Model
[Diagram: External Network, Internal Network, FRA, IDS, ISS, levels 1, 2, 3, Generate FRA]

16 HACKTRAP Features
- Dynamic Action Generation
[Diagram labels: FWRule, IDSPRule, IDMPRule, FRActions]

17 HACKTRAP Features
Administrator point of view
- Add and remove types of attacks.
- Different types of alerts: popup messages, database, XML format, TCP dump format.
- Restrict and unrestrict hosts accessing the firewall.
- Close and open different services (ports) for outside hosts.
Developer point of view
- Intrusions can be easily implemented

18 Future Work
- Enhance for better performance.
- Using iptables with the ipchains.
- Using ACID to make a good analysis of the intrusion detection output to the database and display neat graphs representing it.
- Adding other output modules such as email & SMS.

19 [Diagram: Internet, LAN, Hacker, Web Server, Unix Server]

20 [Diagram: Internet; Packet forwarding and NAT (Masquerading)]

21 [Diagram: Input chain, Forward chain and Output chain, each a list of rules; router, demasq, log, host, local process; DENY, ACCEPT]


23 [Diagram: preprocessor + attacks rules; Input chain, Forward chain, Output chain; Log file, Samba alert, database, Alert file]

24 Demo

25 [Diagram: Internet, LAN, Hacker, Windows, Linux, HACKTRAP]

