FIREWALL By : Himanshu Mishra Nimish Agarwal CPSC 624

21 Slides329.26 KB

FIREWALL By : Himanshu Mishra Nimish Agarwal CPSC 624

What is a Firewall? A system designed to prevent unauthorized access to or from a private network. It must have at least two network interfaces.

What Firewall does? Examines all traffic routed between the two networks. Filters both inbound and outbound traffic. Used to log all attempts to enter the private network.

Types The several classifications of firewalls depends on Where the communication is taking place. Where the communication is intercepted. The state that is being traced.

Network Layers and Packet Filters Examines five characteristics of a packet. Operates on Level 3 i.e. Network Layer of OSI Model. Has rules by default or defined by the firewall administrator. Packets either allowed, rejected or dropped.

Application Layer Operates on Layer 7 .i.e Application Layer of OSI Model. Intercept all packets traveling to or from an application. Adds extra latency. Application filters apply filtering rules on a per process basis instead of filtering connections on a per port basis

Proxies

Proxies contd Every packet stopped, examined and compared. Re-created and sent. Drawback: Separate proxy application written for each application e.g. An HTTP proxy for web traffic, an FTP proxy for file transfers, a Gopher proxy for Gopher traffic

Network Address Translation Allows a single device to act as an agent between the Internet (or "public network") and a local (or "private") network. Nat sits between an internal network and the rest of the world. Extensive filtering and traffic logging.

Nat vs Proxies Nat sometimes confused with Proxies. Nat is transparent. Proxy server works at Level 4 or higher in OSI Model. Proxy servers are slower.

Nat vs Proxies contd

Firewall Configuration Firewalls are customizable. IP address. Domain names. Protocols. Ports. Specific words or phrases.

IP Address and Domain names IP address: Each machine has unique IP address. Typical IP address : 216.27.61.137 e.g. certain IP reading too many files can be blocked. Domain Names: Hard to remember string of numbers. Since IP addresses change, hence human-readable names.

Protocols Protocol is the pre-defined way that someone who wants to use a service talks with that service. Protocols are often text. Some common protocols: IP TCP HTTP ICMP SMTP SNMP FTP UDP TELNET Company might set one or two protocols on a particular machine.

Ports and Specific words and phrases Ports: Server machine makes its services available to the Internet using numbered ports. For e.g. if a server machine is running a Web (HTTP) server and an FTP server, the Web server would typically be available on port 80, and the FTP server would be available on port 21. Specific words and phrases: sniff each packet of information for an exact match of the text listed in the filter

Hardware firewall Advantages: Easy to set up. Pre-defined set of rules. Consumes no resources on the computer and is faster. Works on a network. Disadvantages: Not dynamic and will block everything defined in filter.

Software Firewall Advantages: Easy to install. Customizable. Upgradable. Disadvantages: Protects single computer on which they are installed. Eats resources and slows down.

Why Firewall Security? To prevent against following threats: Remote login Application backdoors SMTP session hijacking Operating system bugs Denial of service E-mail bombs Macros Viruses Spam Redirect bombs Source routing

Conclusion Use both hardware and software for maximum protection Each offers different but much-needed security features and benefits. Updating and testing are both essentially important to ensure it is connected and working properly.

Thank You References: http://www.webopedia.com/DidYouKnow/Hardware Softw are/2004/firewall types.asp http://en.wikipedia.org/wiki/Firewall (computing) http://computer.howstuffworks.com/firewall.htm http://computer.howstuffworks.com/nat5.htm

Back to top button