Firewall
Kittiphan Techakittiroj
engktc@au.ac.th

Firewall
- Isolates two sides of a network
- Works on higher layers
- Two main kinds:
  - Packet filtering
  - Bastion server
http://fbox.vt.edu:10021/T/thalgali/

Packet Filtering
- Filters out prohibited traffic
- Usually works on layers 3 and 4
- IP address: allow and prohibit
- TCP port number: allow and prohibit, e.g.
  - 21 for FTP
  - 23 for telnet
  - 25 for e-mail (SMTP)
  - 80 for the World Wide Web

Packet Filtering cont.
- Transparent for the allowed services
- Standard configurations:
  - Dual-homed: a host with two network cards
  - Screening router
http://fbox.vt.edu:10021/T/thalgali/
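
Added example (not part of the original slides): a minimal first-match packet filter in Python that decides allow or prohibit from the layer 3 addresses and the layer 4 TCP destination port, using the port numbers listed above. The addresses, the rule set and the names Rule and filter_packet are constructed for illustration; first-match ordering and a default of prohibit are assumptions, not something the slides specify.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str           # "allow" or "prohibit"
    src: str              # source network, CIDR notation (layer 3)
    dst: str              # destination network, CIDR notation (layer 3)
    dport: Optional[int]  # destination TCP port (layer 4); None matches any port

    def matches(self, src_ip: str, dst_ip: str, dport: int) -> bool:
        return (ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(dst_ip) in ipaddress.ip_network(self.dst)
                and self.dport in (None, dport))


ANY = "0.0.0.0/0"

# Constructed policy: 192.0.2.0/24 is the inside network,
# 198.51.100.0/24 is an outside range that is prohibited outright.
RULES = [
    Rule("prohibit", "198.51.100.0/24", ANY, None),  # prohibited outside range
    Rule("allow", ANY, "192.0.2.10/32", 80),         # World Wide Web server
    Rule("allow", ANY, "192.0.2.25/32", 25),         # e-mail (SMTP) server
    Rule("allow", "192.0.2.0/24", ANY, 21),          # inside hosts may use FTP
    Rule("prohibit", ANY, ANY, 23),                  # telnet prohibited everywhere
]


def filter_packet(src_ip: str, dst_ip: str, dport: int, rules=RULES) -> str:
    """Return the action of the first matching rule; prohibit if none matches."""
    for rule in rules:
        if rule.matches(src_ip, dst_ip, dport):
            return rule.action
    return "prohibit"


if __name__ == "__main__":
    # Constructed sample packets: (source IP, destination IP, TCP destination port)
    samples = [
        ("203.0.113.7", "192.0.2.10", 80),
        ("198.51.100.9", "192.0.2.10", 80),
        ("203.0.113.7", "192.0.2.10", 23),
        ("203.0.113.7", "192.0.2.10", 443),
    ]
    for pkt in samples:
        print(pkt, "->", filter_packet(*pkt))
```

The filter is stateless: it judges each packet on its own header fields and does not track connections or return traffic.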

Bastion Server
- The server acts like a gateway
- Does NOT allow any packet to go through
- Proxy server
http://fbox.vt.edu:10021/T/thalgali/