Presentation is loading. Please wait.

Presentation is loading. Please wait.

Firewalls Check incoming and outgoing TCP/IP messages Try to roughly identify abnormal traffic Regulate Inbound and Outbound connections - Make your machine.

Published byArthur Fitzgerald Modified over 8 years ago

Similar presentations

Presentation on theme: "Firewalls Check incoming and outgoing TCP/IP messages Try to roughly identify abnormal traffic Regulate Inbound and Outbound connections - Make your machine."— Presentation transcript:

1 Firewalls Check incoming and outgoing TCP/IP messages Try to roughly identify abnormal traffic Regulate Inbound and Outbound connections - Make your machine “invisible” - Alert you to suspicious behavior Adjust Security Settings - Generic “sliding bar” - Precise rule definition Keep Logs - Useful for forensics after the attack - Not so important for home user

2 Firewall Functions Packet filtering - check network packet headers before admitting traffic Network Address Translation (NAT) - translate external IP addresses to internal IP addresses Application Proxy - Inspect application-specific header information Data Logging Basic Functions:

3 Firewall Rules Packet filtering is performed based on a set of rules Rules can be pre-defined of user-defined Default Strategy Allow-All - Allows all network packets except those explicitly denied by rules Deny-All - Denies all network packets except those explicitly allowed by rules Deny-All is safer but more annoying Allow-All may be set as the default, so check it

4 Firewall Rule Structure Rules are defined based on information that the firewall has access to 1. TCP/IP header information - source address, dest. address, port number, etc. 2. User Information - Filtering may be different for each user 3. Content - Can tell this from the application protocol 4. Time - Some activity may not be allowed at certain times i.e. video downloads during the day

5 Example Firewall Rules Assume Deny-All Port/ContentUsersTimeAction Port 80/except videoAllAlwaysAllow Port 80/videoTrainersDayAllow Port/ContentUsersTimeAction All ports, except 80AllAlwaysDeny Port 80/videoAll,not TrainersAlwaysDeny Port 80/videoTrainersNightDeny Assume Allow-All

6 Weaknesses of Firewalls Only looks at header information, not packet contents - Cannot see malicious code in the content Access control is not precise - Close off entire ports/applications/addresses Mistakes can be made in defining rules - Assume Allow-All and forget to Deny Good packets may be stopped - Assume Deny-All and forget to Allow - Many cryptic warnings may appear - Need to understand rules to interpret warnings

Download ppt "Firewalls Check incoming and outgoing TCP/IP messages Try to roughly identify abnormal traffic Regulate Inbound and Outbound connections - Make your machine."

Similar presentations

Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 4.1 Firewalls.

Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 4.1 Firewalls.
Network Security Essentials Chapter 11

Network Security Essentials Chapter 11
Firewalls By Tahaei Fall 2012. What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.

Firewalls By Tahaei Fall What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.
Computer Security: Principles and Practice Chapter 9 – Firewalls and Intrusion Prevention Systems.

Computer Security: Principles and Practice Chapter 9 – Firewalls and Intrusion Prevention Systems.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 9 – Firewalls and.

Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 9 – Firewalls and.
FIREWALLS Chapter 11.

FIREWALLS Chapter 11.
1 Topic 2 – Lesson 4 Packet Filtering Part I. 2 Basic Questions What is packet filtering? What is packet filtering? What elements are inside an IP header?

1 Topic 2 – Lesson 4 Packet Filtering Part I. 2 Basic Questions What is packet filtering? What is packet filtering? What elements are inside an IP header?
5-Network Defenses Dr. John P. Abraham Professor UTPA.

5-Network Defenses Dr. John P. Abraham Professor UTPA.
FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.

FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.
Firewalls and Intrusion Detection Systems

Firewalls and Intrusion Detection Systems
Firewall Ercan Sancar & Caner Sahin. Index History of Firewall Why Do You Need A Firewall Working Principle Of Firewalls Can a Firewall Really Protect.

Firewall Ercan Sancar & Caner Sahin. Index History of Firewall Why Do You Need A Firewall Working Principle Of Firewalls Can a Firewall Really Protect.
Beth Johnson April 27, 1998. What is a Firewall Firewall mechanisms are used to control internet access An organization places a firewall at each external.

Beth Johnson April 27, What is a Firewall Firewall mechanisms are used to control internet access An organization places a firewall at each external.
Lesson 19: Configuring Windows Firewall

Lesson 19: Configuring Windows Firewall
Firewalls: General Principles & Configuration (in Linux)

Firewalls: General Principles & Configuration (in Linux)
1 Enabling Secure Internet Access with ISA Server.

1 Enabling Secure Internet Access with ISA Server.
FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.
Port Knocking Software Project Presentation Paper Study – Part 1 Group member: Liew Jiun Hau (20086034) Lee Shirly (20095815) Ong Ivy (20095040)

Port Knocking Software Project Presentation Paper Study – Part 1 Group member: Liew Jiun Hau ( ) Lee Shirly ( ) Ong Ivy ( )
Why do we need Firewalls? Internet connectivity is a must for most people and organizations  especially for me But a convenient Internet connectivity.

Why do we need Firewalls? Internet connectivity is a must for most people and organizations  especially for me But a convenient Internet connectivity.
FIREWALL Mạng máy tính nâng cao-V1.

FIREWALL Mạng máy tính nâng cao-V1.
Network Security Essentials Chapter 11 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Network Security Essentials Chapter 11 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Similar presentations

Ads by Google