
Firewalls


eitan

Presentation Transcript


  1. Firewalls
     • Types of Firewalls
     • Inspection Methods
       • Static Packet Inspection
       • Stateful Packet Inspection
       • NAT
       • Application Firewalls
     • Firewall Architecture
     • Configuring, Testing, and Maintenance

  2. Figure 5-12: Network Address Translation (NAT)
     Devices: Client 192.168.5.7 (internal) -> NAT Firewall -> Internet -> Server Host. A Sniffer sits on the Internet side of the NAT Firewall.
     1. From 192.168.5.7, Port 61000 (client to NAT firewall)
     2. From 60.5.9.8, Port 55380 (NAT firewall to server host; this is all the sniffer on the Internet side sees)
     3. To 60.5.9.8, Port 55380 (server host reply to NAT firewall)
     4. To 192.168.5.7, Port 61000 (NAT firewall to client)
     Translation Table:
       Internal IP Addr   Port    External IP Addr   Port
       192.168.5.7        61000   60.5.9.8           55380
       . . .              . . .   . . .              . . .
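The NAT exchange in Figure 5-12, as an added worked example that is not part of the slides: a small Python model of the NAT firewall that rewrites outbound packets, records the mapping in a translation table, and passes inbound packets only when they match a table entry (an unsolicited packet from the Internet is dropped). The server host address 203.0.113.10 and the class and function names are assumptions; the figure supplies only the client, firewall and port values.

```python
"""Model of the NAT firewall in Figure 5-12 (added example; names are illustrative)."""
from dataclasses import dataclass, field
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


@dataclass
class NATFirewall:
    external_ip: str                      # 60.5.9.8 in the figure
    next_port: int = 55380                # first external port handed out (value from the figure)
    # translation table: (internal ip, internal port) -> external port, plus the reverse lookup
    table: dict = field(default_factory=dict)
    reverse: dict = field(default_factory=dict)

    def outbound(self, pkt: Packet) -> Packet:
        """Step 1 -> 2: replace the internal source with the firewall's external
        address and a fresh port, recording the pair in the translation table."""
        key = (pkt.src_ip, pkt.src_port)
        if key not in self.table:
            self.table[key] = self.next_port
            self.reverse[self.next_port] = key
            self.next_port += 1
        # A sniffer on the Internet side sees only external_ip:ext_port, never 192.168.5.7.
        return Packet(self.external_ip, self.table[key], pkt.dst_ip, pkt.dst_port)

    def inbound(self, pkt: Packet) -> Optional[Packet]:
        """Step 3 -> 4: deliver a reply only if its destination port is in the
        translation table; anything no internal host asked for is dropped (None)."""
        if pkt.dst_ip != self.external_ip or pkt.dst_port not in self.reverse:
            return None
        int_ip, int_port = self.reverse[pkt.dst_port]
        return Packet(pkt.src_ip, pkt.src_port, int_ip, int_port)


if __name__ == "__main__":
    nat = NATFirewall("60.5.9.8")
    server = "203.0.113.10"  # constructed server host address (not in the figure)
    out = nat.outbound(Packet("192.168.5.7", 61000, server, 80))
    print("2:", out)                                             # From 60.5.9.8, Port 55380
    print("4:", nat.inbound(Packet(server, 80, "60.5.9.8", 55380)))  # To 192.168.5.7, Port 61000
    print("dropped:", nat.inbound(Packet(server, 80, "60.5.9.8", 55381)))  # None
```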

  3. Firewalls
     • Types of Firewalls
     • Inspection Methods
       • Static Packet Inspection
       • Stateful Packet Inspection
       • NAT
       • Application Firewalls
     • Firewall Architecture
     • Configuring, Testing, and Maintenance

  4. Figure 5-13: Application Firewall Operation
     Devices: Client PC 192.168.6.77 (Browser) -> Application Firewall 60.45.2.6 (HTTP Proxy, FTP Proxy, SMTP (E-Mail) Proxy) -> Webserver 123.80.5.34 (Webserver Application)
     1. HTTP Request From 192.168.6.77
     2. Filtering
     3. Examined HTTP Request From 60.45.2.6
     4. HTTP Response to 60.45.2.6
     5. Filtering
     6. Examined HTTP Response To 192.168.6.77
     Proxy filtering:
     • HTTP Proxy: Filtering on Post Out; Hostname, URL, MIME, etc. In
     • FTP Proxy: Outbound Filtering on Put
     • SMTP (E-Mail) Proxy: Inbound and Outbound Filtering on Obsolete Commands, Content

  5. Figure 5-14: Header Destruction With Application Firewalls
     Attacker 1.2.3.4 -> Application Firewall 60.45.2.6 -> Webserver 123.80.5.34
     Arriving Packet: Orig. IP Hdr | Orig. TCP Hdr | App MSG (HTTP)
     Header Removed (X): Orig. IP Hdr and Orig. TCP Hdr are discarded; only App MSG (HTTP) is kept
     New Packet: New IP Hdr | New TCP Hdr | App MSG (HTTP)
     • Application Firewall Strips Original Headers from Arriving Packets
     • Creates New Packet with New Headers
     • This Stops All Header-Based Packet Attacks

  6. Figure 5-15: Protocol Spoofing
     Attacker 1.2.3.4 | Application Firewall | Internal Client PC 60.55.33.12 (Trojan Horse)
     1. Trojan Transmits on Port 80 to Get Through Simple Packet Filter Firewall
     2. Protocol is Not HTTP: Firewall Stops The Transmission (X)

  7. Figure 5-16: Circuit Firewall
     External Client 123.30.82.5 -> Circuit Firewall (SOCKS v5) 60.34.3.31 -> Webserver 60.80.5.34
     1. Authentication (external client to circuit firewall)
     2. Transmission
     3. Passed Transmission: No Filtering
     4. Reply
     5. Passed Reply: No Filtering

  8. Firewalls
     • Types of Firewalls
     • Inspection Methods
     • Firewall Architecture
       • Single site in large organization
       • Home firewall
       • SOHO firewall router
       • Distributed firewall architecture
     • Configuring, Testing, and Maintenance

  9. Figure 5-17: Single-Site Firewall Architecture for a Larger Firm with a Single Site
     1. Screening Router 60.47.1.1 (Last Rule = Permit All), connected to the Internet
     2. Main Firewall (Last Rule = Deny All)
     3. Internal Firewall
     4. Client Host Firewall
     5. Server Host Firewall
     6. DMZ: Public Webserver 60.47.3.9, External DNS Server 60.47.3.4, SMTP Relay Proxy 60.47.3.10, HTTP Proxy Server 60.47.3.1
     Internal networks: 172.18.9.x Subnet; Marketing Client on 172.18.5.x Subnet; Accounting Server on 172.18.7.x Subnet

  10. Figure 5-18: Home Firewall
      Internet Service Provider -> Coaxial Cable -> Broadband Modem -> UTP Cord -> Home PC (PC Firewall)
      Always-On Connection

  11. Figure 5-19: SOHO Firewall Router
      Internet Service Provider -> Broadband Modem (DSL or Cable) -> UTP -> SOHO Router -> UTP -> Ethernet Switch -> UTP -> User PC, User PC, User PC
      SOHO Router: Router, DHCP Server, NAT Firewall, and Limited Application Firewall
      Many Access Routers Combine the Router and Ethernet Switch in a Single Box

  12. Figure 5-20: Distributed Firewall Architecture
      Management Console; Internet; Site A; Site B; Home PC Firewall
