
Introduction to Firewalls


Presentation Transcript


  1. Introduction to Firewalls - Mike Sconzo

  2. Oh, so they have internet on computers now! --Homer Simpson

  3. What is a firewall?
     fire-wall /'fIr-"wol/ : a computer or computer software that prevents unauthorized access to private data (as on a company's local area network or intranet) by outside computer users (as of the Internet) - Merriam-Webster

  4. Why firewall?
     • Audit purposes
     • Limit exposure to attacks
     • Mitigate types of attack
     • ...

  5. Types
     • Stateful: keeps connection information
     • Packet filter: 'dumb' firewall, no notion of state
     • Routing: performs magic on layer 3
     • NAT-ing: maps IPs and blocks packets
     • Bridging: layer 2 magic
     • Proxy: does work on behalf of a client

  6. Stateful
     • Has some idea of a connection, and its state
     • Mostly TCP; some even have an idea of UDP 'state' (a reply is matched to the request that preceded it)
     • Can track connections and even dynamically open ports
       • Example: FTP, where the data connection uses a port negotiated over the control channel
     • Can filter based on connection state
       • Example: new, established, related, etc...

  7. Packet Filter
     • A 'simple'/'dumb' firewall
     • No notion of state
     • Simply drops/accepts packets
     • Can usually do this based on src/dst port/host
     • How does it work?
       • Usually drops all SYN packets for a port (the first packet of a TCP handshake), so no new connection can be opened to it
       • Maybe drops other packets as well
       • Because it cannot tell a reply from an unsolicited packet, anything that is not a bare SYN (ACK-only probes, UDP) is judged on address and port alone
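The contrast between slides 6 and 7 in working code, as an added example (not code from the slides or their author): a stateless packet filter and a connection-tracking firewall are run over the same constructed packets, including an active-mode FTP session whose data connection the stateful engine opens as RELATED. The 10.0.0.0/8 inside network, the addresses, the port numbers and the reduced Packet fields are all assumptions.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    """Only the fields a filter looks at (constructed, not a real packet format)."""
    proto: str            # "tcp" or "udp"
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool = False     # TCP flag bits; ignored for UDP
    ack: bool = False
    payload: bytes = b""


def is_inside(ip: str) -> bool:
    return ip.startswith("10.")          # assumption: 10.0.0.0/8 is the protected side


# --- Packet filter (slide 7): no state, each packet is judged on its own ---
def packet_filter(pkt: Packet, allowed_inbound_ports) -> str:
    """Drop inbound bare-SYN packets unless the port is allowed; everything else passes."""
    inbound = not is_inside(pkt.src)
    if inbound and pkt.proto == "tcp" and pkt.syn and not pkt.ack:
        return "ACCEPT" if pkt.dport in allowed_inbound_ports else "DROP"
    return "ACCEPT"   # ACK-only probes and UDP pass: the filter cannot tell replies from probes


# --- Stateful firewall (slide 6): tracks connections and classifies packets by state ---
class StatefulFirewall:
    def __init__(self, allowed_inbound_ports):
        self.allowed = set(allowed_inbound_ports)
        self.conns = set()      # 5-tuples of accepted connections
        self.expected = set()   # (proto, dst, dport) of RELATED connections announced by a helper

    @staticmethod
    def _key(p: Packet):
        return (p.proto, p.src, p.sport, p.dst, p.dport)

    @staticmethod
    def _reverse(p: Packet):
        return (p.proto, p.dst, p.dport, p.src, p.sport)

    def classify(self, pkt: Packet) -> str:
        """NEW / ESTABLISHED / RELATED: the states a rule can match on."""
        if self._key(pkt) in self.conns or self._reverse(pkt) in self.conns:
            return "ESTABLISHED"    # either direction of a tracked flow; UDP gets the same treatment
        if (pkt.proto, pkt.dst, pkt.dport) in self.expected:
            return "RELATED"
        return "NEW"

    def handle(self, pkt: Packet):
        """Return (state, verdict). Policy: anything out; only allowed ports or RELATED in."""
        state = self.classify(pkt)
        if state == "ESTABLISHED":
            verdict = "ACCEPT"
        elif state == "RELATED":
            verdict = "ACCEPT"
            self.expected.discard((pkt.proto, pkt.dst, pkt.dport))   # one-shot expectation
            self.conns.add(self._key(pkt))
        elif is_inside(pkt.src):
            verdict = "ACCEPT"
            self.conns.add(self._key(pkt))
        elif pkt.proto == "tcp" and pkt.syn and not pkt.ack and pkt.dport in self.allowed:
            verdict = "ACCEPT"      # a NEW inbound TCP connection must start with a bare SYN
            self.conns.add(self._key(pkt))
        else:
            verdict = "DROP"        # unsolicited inbound, including ACK-only scan probes
        if verdict == "ACCEPT":
            self._ftp_helper(pkt)
        return state, verdict

    def _ftp_helper(self, pkt: Packet) -> None:
        """Active FTP: client sends 'PORT h1,h2,h3,h4,p1,p2' on the control channel and the
        server then connects back to that host:port. Record it so that SYN counts as RELATED."""
        if pkt.proto == "tcp" and pkt.dport == 21 and pkt.payload.startswith(b"PORT "):
            fields = pkt.payload[5:].strip().split(b",")
            if len(fields) == 6:
                host = ".".join(f.decode() for f in fields[:4])
                port = int(fields[4]) * 256 + int(fields[5])
                self.expected.add(("tcp", host, port))


def demo():
    """Constructed traffic: FTP session and DNS lookup from inside, then two probes from outside."""
    client, ftp, dns, scanner = "10.0.0.5", "203.0.113.10", "203.0.113.53", "198.51.100.7"
    fw = StatefulFirewall(allowed_inbound_ports={22})
    out = {}
    out["ctrl_syn"] = fw.handle(Packet("tcp", client, 40000, ftp, 21, syn=True))
    out["ctrl_synack"] = fw.handle(Packet("tcp", ftp, 21, client, 40000, syn=True, ack=True))
    out["port_cmd"] = fw.handle(Packet("tcp", client, 40000, ftp, 21, ack=True,
                                       payload=b"PORT 10,0,0,5,156,65\r\n"))   # 156*256+65 = 40001
    out["data_syn"] = fw.handle(Packet("tcp", ftp, 20, client, 40001, syn=True))
    out["dns_query"] = fw.handle(Packet("udp", client, 5353, dns, 53))
    out["dns_reply"] = fw.handle(Packet("udp", dns, 53, client, 5353))
    probe_syn = Packet("tcp", scanner, 4444, client, 445, syn=True)
    probe_ack = Packet("tcp", scanner, 4444, client, 445, ack=True)
    out["probe_syn"] = (packet_filter(probe_syn, {22}), fw.handle(probe_syn)[1])
    out["probe_ack"] = (packet_filter(probe_ack, {22}), fw.handle(probe_ack)[1])
    return out


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:12} {result}")
```

The last two lines of the demo are the point: both engines drop the scanner's SYN to port 445, but only the stateful one drops the ACK-only probe, because the packet filter has no record that nobody inside ever opened that connection. The FTP helper is deliberately one-shot and keyed on the announced host and port; a real implementation also has to check that the announced host is the client itself, or the helper becomes a way to open arbitrary inbound ports.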

  8. Routing
     • Can be either stateful or not
     • Has a notion of the layer 3 layout
     • Can and does route traffic
     • Example: ACLs on a router

  9. NAT-ing
     • Can be stateful or not
     • Maybe a notion of layer 3 routes
     • Can map IP to IP: public/private, 1-to-1, 1-to-many, etc...
     • Example: Linksys cable/DSL 'router'
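Why the home 'router' on slide 9 blocks packets even though it is not marketed as a firewall, as an added example (not code from the slides): a 1-to-many NAT that rewrites outbound source addresses, maps replies back through the table it built, and has nowhere to send an inbound packet that matches no entry. A static 1-to-1 port forward is added for comparison. The public address 198.51.100.1, the 10.0.0.0/8 inside network and the port allocation scheme are assumptions.

```python
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Packet:
    """Constructed: only the addressing fields a NAT rewrites."""
    proto: str
    src: str
    sport: int
    dst: str
    dport: int


def is_inside(ip: str) -> bool:
    return ip.startswith("10.")          # assumption: 10.0.0.0/8 is the private side


class Nat:
    """One-to-many NAT (many inside hosts behind one public IP) plus static 1-to-1 port forwards."""

    def __init__(self, public_ip: str, first_port: int = 1024):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out_map = {}     # (proto, in_ip, in_port, dst, dport) -> public port
        self.in_map = {}      # (proto, public port, remote ip, remote port) -> (in_ip, in_port)
        self.forwards = {}    # (proto, public port) -> (in_ip, in_port): the 1-to-1 case

    def forward(self, proto: str, public_port: int, inside_ip: str, inside_port: int) -> None:
        self.forwards[(proto, public_port)] = (inside_ip, inside_port)

    def translate(self, pkt: Packet):
        """Return the rewritten packet, or None when an inbound packet maps to nobody."""
        if is_inside(pkt.src):                       # outbound: allocate a public port on first use
            key = (pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport)
            if key not in self.out_map:
                self.out_map[key] = self.next_port
                self.in_map[(pkt.proto, self.next_port, pkt.dst, pkt.dport)] = (pkt.src, pkt.sport)
                self.next_port += 1
            return replace(pkt, src=self.public_ip, sport=self.out_map[key])
        if pkt.dst != self.public_ip:
            return None                               # not addressed to us at all
        inside = self.in_map.get((pkt.proto, pkt.dport, pkt.src, pkt.sport))   # reply to a flow we opened?
        if inside is None:
            inside = self.forwards.get((pkt.proto, pkt.dport))                 # published service?
        if inside is None:
            return None                               # no mapping: the packet has no inside destination
        return replace(pkt, dst=inside[0], dport=inside[1])


def demo():
    """Two inside hosts reuse the same source port; a scanner and a legitimate reply arrive from outside."""
    nat = Nat("198.51.100.1")
    nat.forward("tcp", 2222, "10.0.0.9", 22)          # publish an inside SSH server on port 2222
    web, scanner = "203.0.113.80", "198.51.100.7"
    a = nat.translate(Packet("tcp", "10.0.0.5", 50000, web, 80))
    b = nat.translate(Packet("tcp", "10.0.0.6", 50000, web, 80))
    return {
        "a": a,
        "b": b,
        "reply_a": nat.translate(Packet("tcp", web, 80, "198.51.100.1", a.sport)),
        "reply_b": nat.translate(Packet("tcp", web, 80, "198.51.100.1", b.sport)),
        "unsolicited": nat.translate(Packet("tcp", scanner, 4444, "198.51.100.1", 1024)),
        "published": nat.translate(Packet("tcp", scanner, 4444, "198.51.100.1", 2222)),
    }


if __name__ == "__main__":
    for name, pkt in demo().items():
        print(f"{name:12} {pkt}")
```

The table here is keyed on the remote address and port as well, so a packet to public port 1024 from anyone other than the web server the inside host contacted is dropped. Consumer NATs vary on exactly this point: a more permissive mapping (one that ignores the remote side) lets any outside host reach a port once an inside host has opened it, which is what hole-punching protocols rely on and what a stateful firewall in front of the NAT should be deciding explicitly.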

  10. Bridging
     • Sits at layer 2
     • Can be addressable for network access
     • 'Harder' to detect: won't touch TTL, etc...
     • Otherwise similar to the rest

  11. Proxy
     • Requests services on the 'outside' on behalf of user requests
     • Terminates the connection itself, so it has knowledge of layer 4 and usually of the application protocol on top
       • Web proxies, FTP proxies, telnet, etc...
     • Higher up the stack, so usually harder to defeat
     • 'Easy' to get out, hard to get in

  12. Other
     • Filter based on
       • Layer 2 information
       • Process information: UID/GID
       • Different IP fields/properties: length, TTL, etc...

  13. How to 'filter'
     • Reject: discard the packet and tell the sender (TCP reset or ICMP unreachable)
     • Drop: discard the packet silently, the sender times out
     • Mangle: change options, etc...
     • Queue to userspace: let a program outside the kernel decide
     • Redirect: rewrite the destination and send it elsewhere
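The actions on slide 13 and what each one looks like from the sender's side, as an added example (not code from the slides): a tiny rule table applies accept, drop, reject, mangle, queue and redirect to constructed SYN probes, and a scanner_view function shows why the reject/drop choice matters to a port scanner. The rule set, the addresses, the default-accept policy and the representation of an ICMP error as a tuple are all assumptions.

```python
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Packet:
    """Constructed: the fields the rules below look at or rewrite."""
    proto: str
    src: str
    sport: int
    dst: str
    dport: int
    ttl: int = 64
    syn: bool = False
    ack: bool = False
    rst: bool = False


@dataclass(frozen=True)
class Rule:
    dport: int
    action: str          # "accept", "drop", "reject", "mangle", "queue", "redirect"
    arg: object = None   # reject: "tcp-reset" or "icmp-port-unreachable"; mangle: dict of field changes
                         # queue: callable(packet) -> "accept"/"drop"; redirect: (new_dst, new_dport)


def apply(rules, pkt: Packet):
    """Walk the rules in order; return (disposition, packet forwarded or None, reply sent to the sender or None)."""
    for rule in rules:
        if rule.dport != pkt.dport:
            continue
        if rule.action == "accept":
            return "accept", pkt, None
        if rule.action == "drop":
            return "drop", None, None                       # silence: the sender waits for a timeout
        if rule.action == "reject":
            if rule.arg == "tcp-reset" and pkt.proto == "tcp":
                reply = Packet("tcp", pkt.dst, pkt.dport, pkt.src, pkt.sport, rst=True, ack=True)
            else:
                reply = ("icmp", "port-unreachable")        # stands in for an ICMP type 3 message
            return "reject", None, reply
        if rule.action == "mangle":
            pkt = replace(pkt, **rule.arg)                  # rewrite fields, then keep matching
            continue
        if rule.action == "queue":
            verdict = rule.arg(pkt)                         # a userspace program gets the final say
            return verdict, (pkt if verdict == "accept" else None), None
        if rule.action == "redirect":
            return "redirect", replace(pkt, dst=rule.arg[0], dport=rule.arg[1]), None
    return "accept", pkt, None                              # default policy (assumption): accept


def scanner_view(reply) -> str:
    """What a SYN scanner concludes from the firewall's own answer (or lack of one)."""
    if reply is None:
        return "filtered"          # no answer at all: the scanner gives up after its timeout
    if isinstance(reply, Packet) and reply.rst:
        return "closed"            # a reset is exactly what a host with no listener sends
    return "filtered"              # an ICMP error admits that something in the path is filtering


BLOCKLIST = {"198.51.100.7"}       # constructed: what the "userspace" program consults

RULES = [
    Rule(22, "accept"),
    Rule(23, "reject", "tcp-reset"),
    Rule(25, "reject", "icmp-port-unreachable"),
    Rule(80, "redirect", ("10.0.0.8", 8080)),             # e.g. hand the traffic to a transparent proxy
    Rule(443, "mangle", {"ttl": 128}),                     # normalise TTL, non-terminating
    Rule(443, "queue", lambda p: "drop" if p.src in BLOCKLIST else "accept"),
    Rule(445, "drop"),
]


def demo():
    """Constructed SYN probes from a scanner, plus one legitimate client hitting the queued port."""
    scanner, friend, target = "198.51.100.7", "203.0.113.9", "10.0.0.5"
    out = {str(p): apply(RULES, Packet("tcp", scanner, 4444, target, p, syn=True))
           for p in (22, 23, 25, 80, 443, 445, 8080)}
    out["443_friend"] = apply(RULES, Packet("tcp", friend, 5555, target, 443, syn=True))
    return out


if __name__ == "__main__":
    for name, (disposition, fwd, reply) in demo().items():
        print(f"{name:11} {disposition:9} scanner sees: {scanner_view(reply)}")
```

Reject with a TCP reset makes a filtered port indistinguishable from a closed one and costs the sender nothing; drop hides nothing about the filter's existence but makes every probe wait for a timeout, which is why drop policies slow scans down and reset policies keep legitimate clients from hanging. The mangle rule is modelled as non-terminating so that the queue rule after it sees the rewritten packet, which is how a normalisation step and a userspace inspection program are usually chained.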
