1 / 21

FIREWALL

FIREWALL. By : Himanshu Mishra Nimish Agarwal CPSC 624. What is a Firewall?. A system designed to prevent unauthorized access  to or from a private network. It must have at least two network interfaces. What Firewall does?. Examines all traffic routed between the two networks.

janae
Download Presentation

FIREWALL

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. FIREWALL By : HimanshuMishra NimishAgarwal CPSC 624

  2. What is a Firewall? • A system designed to prevent unauthorizedaccess to or from a private network. • It must have at least two network interfaces.

  3. What Firewall does? • Examines all traffic routed between the two networks. • Filters both inbound and outbound traffic. • Used to log all attempts to enter the private network.

  4. Types The several classifications of firewalls depends on • Where the communication is taking place. • Where the communication is intercepted. • The state that is being traced.

  5. Network Layers and Packet Filters • Examines five characteristics of a packet. • Operates on Level 3 i.e. Network Layer of OSI Model. • Has rules by default or defined by the firewall administrator. • Packets either allowed, rejected or dropped.

  6. Application Layer • Operates on Layer 7 .i.e Application Layer of OSI Model. • Intercept all packets traveling to or from an application. • Adds extra latency. • Application filters apply filtering rules on a per process basis instead of filtering connections on a per port basis

  7. Proxies

  8. Proxiescontd • Every packet stopped, examined and compared. • Re-created and sent. Drawback: • Separate proxy application written for each application e.g. An HTTP proxy for web traffic, an FTP proxy for file transfers, a Gopher proxy for Gopher traffic

  9. Network Address Translation • Allows a single device to act as an agent between the Internet (or "public network") and a local (or "private") network. • Nat sits between an internal network and the rest of the world. • Extensive filtering and traffic logging.

  10. Nat vs Proxies • Nat sometimes confused with Proxies. • Nat is transparent. • Proxy server works at Level 4 or higher in OSI Model. • Proxy servers are slower.

  11. Nat vs Proxies contd

  12. Firewall Configuration Firewalls are customizable. • IP address. • Domain names. • Protocols. • Ports. • Specific words or phrases.

  13. IP Address and Domain names IP address: • Each machine has unique IP address. • Typical IP address : 216.27.61.137 e.g. certain IP reading too many files can be blocked. Domain Names: • Hard to remember string of numbers. • Since IP addresses change, hence human-readable names.

  14. Protocols • Protocol is the pre-defined way that someone who wants to use a service talks with that service. • Protocols are often text. • Some common protocols: IP TCP HTTP FTP UDP ICMP SMTP SNMP TELNET • Company might set one or two protocols on a particular machine.

  15. Ports and Specific words and phrases Ports: • Server machine makes its services available to the Internet using numbered ports. • For e.g.  if a server machine is running a Web (HTTP) server and an FTP server, the Web server would typically be available on port 80, and the FTP server would be available on port 21. Specific words and phrases: • sniffeach packet of information for an exact match of the text listed in the filter

  16. Hardware firewall Advantages: • Easy to set up. • Pre-defined set of rules. • Consumes no resources on the computer and is faster. • Works on a network. Disadvantages: • Not dynamic and will block everything defined in filter.

  17. Software Firewall Advantages: • Easy to install. • Customizable. • Upgradable. Disadvantages: • Protects single computer on which they are installed. • Eats resources and slows down.

  18. Why Firewall Security? To prevent against following threats: • Remote login • Application backdoors • SMTP session hijacking • Operating system bugs • Denial of service • E-mail bombs • Macros • Viruses • Spam • Redirect bombs • Source routing

  19. Conclusion • Use both hardware and software for maximum protection • Each offers different but much-needed security features and benefits. • Updating and testing are both essentially important to ensure it is connected and working properly.

  20. Thank You References: • http://www.webopedia.com/DidYouKnow/Hardware_Software/2004/firewall_types.asp • http://en.wikipedia.org/wiki/Firewall_(computing) • http://computer.howstuffworks.com/firewall.htm • http://computer.howstuffworks.com/nat5.htm

More Related