Winter 2002 CMPE 155 Week 7

Assignment 6: Firewalls
What is a firewall?
– Security at the network level.
Wide-area network access makes vital information and resources available (to corporations, educational and research institutions).
But it also exposes them to security threats, mainly from the “outside world”.
Two options: secure each machine individually, or protect the whole network at its boundary (or both).

Firewalls
“Outer security wall”.
Protect the organization’s network from attacks originating outside the network.
– Also a single “choke point” for security enforcement and auditing.
A firewall can be a single machine or a group of machines performing the firewall functions collaboratively.

Firewall design goals
All incoming and outgoing traffic must pass through the firewall.
Only authorized traffic (as defined by the local security policy) is allowed to pass.
The firewall itself is immune to penetration (a trusted system running a secure, hardened OS).

Types of firewall access control
Service control: which types of service can be accessed, inbound and outbound.
Direction control: the directions in which particular service requests may be initiated and allowed to flow.
User control: which users are allowed to access which services.
Behavior control: how particular services are used (e.g., filtering spam out of e-mail).

Service control
Filtering (e.g., by IP address or TCP port number).
Proxying (the firewall receives requests and interprets them before passing them on).
Hosting (e.g., running the Web or mail server on the firewall itself).

Types of firewalls
Packet-filtering.
Application-level.
Stateful inspection.
Circuit-level.

Packet-filtering firewalls
Restrict the types of traffic that may go through.
Apply a set of rules to each IP packet, judging each packet on its own without reference to earlier packets.
– Decide whether to forward or discard it.
Filter packets in both directions.
Filtering is based on packet header (IP and transport) information: source/destination address, port number, IP protocol field, and so on.

Rules
Consist of a <pattern> and an <action>.
<pattern>: IP/TCP/UDP header fields and the values to match.
<action>: discard or forward.
Rules are checked in order and the first match decides. If no rule matches, a default policy applies:
– Discard: whatever is not expressly permitted is discarded (the conservative choice).
– Forward: whatever is not expressly prohibited is forwarded.
Rules are added as new threats become known.

Example rules
action   ourhost   port   theirhost   port
allow    OUR-GW    25     *           *
block    *         *      *           *
(Mail to the gateway’s SMTP port is permitted; everything else, inbound or outbound, is blocked by the catch-all rule, which must come last.)

Observations
Service-specific filtering relies on the client using a non-privileged port (above 1023) to contact a privileged server port (below 1024).
FTP uses two TCP connections: one for control and another for data.
– In active mode the client initiates the control connection and the server initiates the data connection (from its port 20 to a port the client announced).
– If active-mode FTP is allowed, the filter has to permit inbound connections to all non-privileged TCP ports, which admits far more than FTP.
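The rule table above, the first-match/default-discard semantics, and the FTP observation can be exercised in a few lines. The following is an added example, not code from the lecture: a stateless packet filter that maps each packet's header onto the table's (ourhost, port, theirhost, port) columns according to its direction and returns the first matching action. The local prefix 192.0.2.0/24, the OUR-GW address 192.0.2.25 and the ">N" port pattern are assumptions for the example; addresses are from the RFC 5737 documentation ranges.

```python
"""Stateless packet filter in the style of the lecture's rule table.

Added example, not from the original slides. Each packet is classified as
inbound or outbound, its header fields are mapped onto the table's
(ourhost, port, theirhost, port) columns, rules are tried in order and the
first match wins. The trailing "block * * * *" rule supplies the
default-discard policy.
"""
import ipaddress
from dataclasses import dataclass

OUR_NET = ipaddress.ip_network("192.0.2.0/24")   # assumed: the protected local network
OUR_GW = "192.0.2.25"                             # assumed address of OUR-GW, the SMTP gateway


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int


@dataclass(frozen=True)
class Rule:
    action: str      # "allow" or "block"
    ourhost: str     # local address, or "*"
    ourport: str     # local port: exact number, ">N", or "*"
    theirhost: str   # remote address, or "*"
    theirport: str   # remote port: exact number, ">N", or "*"


def _match(value, pattern):
    """Wildcard, greater-than (for 'all non-privileged ports'), or exact match."""
    if pattern == "*":
        return True
    if pattern.startswith(">"):
        return int(value) > int(pattern[1:])
    return str(value) == pattern


def decide(packet, rules, default="block"):
    """Return the action of the first matching rule, else the default policy."""
    # Direction decides which end is "ours": the table is written from the site's point of view.
    outbound = ipaddress.ip_address(packet.src) in OUR_NET
    if outbound:
        ourhost, ourport, theirhost, theirport = packet.src, packet.sport, packet.dst, packet.dport
    else:
        ourhost, ourport, theirhost, theirport = packet.dst, packet.dport, packet.src, packet.sport
    for rule in rules:
        if (_match(ourhost, rule.ourhost) and _match(ourport, rule.ourport)
                and _match(theirhost, rule.theirhost) and _match(theirport, rule.theirport)):
            return rule.action
    return default


# The lecture's table: mail to the gateway is allowed, everything else is blocked.
LECTURE_RULES = [
    Rule("allow", OUR_GW, "25", "*", "*"),
    Rule("block", "*", "*", "*", "*"),
]

# The FTP observation: admitting active-mode data connections (server port 20 ->
# client's non-privileged port) means admitting *anything* that arrives from
# remote port 20 to any local port above 1023. An attacker just sets source port 20.
FTP_RULES = [
    Rule("allow", OUR_GW, "25", "*", "*"),
    Rule("allow", "*", ">1023", "*", "20"),
    Rule("block", "*", "*", "*", "*"),
]


if __name__ == "__main__":
    # Constructed sample packets; 203.0.113.7 is an outside host.
    samples = [
        ("smtp_in", Packet("203.0.113.7", 40000, OUR_GW, 25), LECTURE_RULES),
        ("telnet_in", Packet("203.0.113.7", 40000, "192.0.2.10", 23), LECTURE_RULES),
        ("ftp_data", Packet("203.0.113.7", 20, "192.0.2.10", 5001), FTP_RULES),   # legitimate
        ("sneaky", Packet("203.0.113.7", 20, "192.0.2.10", 8080), FTP_RULES),     # not FTP, still admitted
    ]
    for name, pkt, rules in samples:
        print(f"{name:10s} -> {decide(pkt, rules)}")
```

Because the filter has no memory of the control channel, the "sneaky" packet is indistinguishable from a real FTP data connection; that is exactly the gap stateful inspection closes.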

Two-stage filtering
One machine is the gateway to the Internet; the other lies between the outer gateway and the rest of the local net.
– Outer gateway relatively open.
– Inner gateway very conservative.
– FTP and other “less secure” network services are offered from the outer gateway.

Limitations
Cannot protect against attacks that bypass the firewall (e.g., local users with dial-up connections to an ISP).
Cannot protect against internal threats (e.g., a malicious local user).
Cannot protect against the transfer of virus-infected files.

Application-level firewalls
Also called service proxy firewalls.
Act as a relay for application-level traffic.
Intercept connections to/from the outside world and establish their own connections to the service outside/inside the local network.
The user contacts the firewall using a specific application (e.g., telnet, HTTP); the firewall contacts the remote host and relays application traffic between the two endpoints.
The firewall must support each specific application it is to relay.

Observations
Application-level firewalls tend to be more secure: they only need to secure a few applications, and each application’s protocol is parsed before anything is relayed.
– Easier to log and audit application-level traffic.
Drawbacks:
– Non-transparent (clients must be configured to use the proxy).
– Slower (an extra processing hop per connection).
– Less flexible (no proxy, no service).

Stateful inspection firewalls
Inspect the traffic that flows through and keep track of connection state in order to detect “abnormal” activity.
Example:
– Examine the FTP control exchange for the negotiated data port; the firewall then expects a data connection to exactly that port and can refuse any other.
Problem: keeping state for all active connections across many different protocols.
– Current stateful inspection firewalls track a limited number of connections/protocols.
– Or they search for known attack patterns.
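The FTP example above, worked through in code. This is an added example, not code from the lecture: a tracker that watches the FTP control channel for the client's PORT command (active mode) and the server's 227 reply (passive mode), records the announced data endpoint, and admits a new data connection only if it was announced, once. The addresses and control-channel lines are constructed for the example (RFC 5737 documentation ranges); the h1,h2,h3,h4,p1,p2 encoding and server data port 20 are as in the FTP protocol.

```python
"""Stateful inspection of FTP: learn the data port from the control channel.

Added example, not from the lecture. The tracker watches the FTP control
connection (server port 21) for PORT commands (active mode) and 227 replies
(passive mode) and admits a new data connection only if the control channel
announced it, and only once.
"""
import re
from dataclasses import dataclass, field

_HOSTPORT = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")


def parse_hostport(text):
    """Decode the h1,h2,h3,h4,p1,p2 form used by PORT and by the 227 reply, or None."""
    m = _HOSTPORT.search(text)
    if m is None:
        return None
    h1, h2, h3, h4, p1, p2 = (int(x) for x in m.groups())
    if max(h1, h2, h3, h4, p1, p2) > 255:
        return None
    return f"{h1}.{h2}.{h3}.{h4}", p1 * 256 + p2


@dataclass
class FtpTracker:
    # Expectations: (server_ip, server_port, client_ip, client_port). client_port is None
    # for passive mode because the client's ephemeral source port is not known in advance.
    expected: set = field(default_factory=set)

    def observe_control(self, client_ip, server_ip, direction, line):
        """Feed one control-channel line; direction is 'c2s' (command) or 's2c' (reply).
        Returns True if a data-connection expectation was recorded."""
        if direction == "c2s" and line.upper().startswith("PORT "):
            parsed = parse_hostport(line)
            # Refuse a PORT that names some other host: that is the classic FTP bounce.
            if parsed is None or parsed[0] != client_ip:
                return False
            self.expected.add((server_ip, 20, parsed[0], parsed[1]))   # server:20 -> client:port
            return True
        if direction == "s2c" and line.startswith("227"):
            parsed = parse_hostport(line)
            if parsed is None or parsed[0] != server_ip:
                return False
            self.expected.add((parsed[0], parsed[1], client_ip, None))  # client:any -> server:port
            return True
        return False

    def admit_data(self, src_ip, src_port, dst_ip, dst_port):
        """Allow a new data connection only if it was announced; each expectation is single-use."""
        for exp in list(self.expected):
            s_ip, s_port, c_ip, c_port = exp
            active = (src_ip, src_port, dst_ip, dst_port) == (s_ip, s_port, c_ip, c_port)
            passive = c_port is None and (src_ip, dst_ip, dst_port) == (c_ip, s_ip, s_port)
            if active or passive:
                self.expected.discard(exp)
                return True
        return False


if __name__ == "__main__":
    # Constructed control exchange between local client 192.0.2.10 and outside server 203.0.113.5.
    fw = FtpTracker()
    fw.observe_control("192.0.2.10", "203.0.113.5", "c2s", "PORT 192,0,2,10,19,137\r\n")  # 19*256+137 = 5001
    print(fw.admit_data("203.0.113.5", 20, "192.0.2.10", 5001))   # announced: admitted
    print(fw.admit_data("203.0.113.5", 20, "192.0.2.10", 8080))   # never announced: refused
```

Contrast this with the stateless filter: a packet from remote port 20 to local port 8080 is refused here because no PORT command announced it, while a plain packet filter has to either admit it or break FTP. The price is the per-connection state the slide warns about, which must also be expired when the control connection closes.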

Circuit-level firewalls
Act as the intermediary for all TCP connections.
– Always set up two connections: one between the local user and the gateway, one between the gateway and the remote host.
– Usually relay data without inspecting the application payload.
– Security relies on deciding which connections to allow.

Using circuit-level firewalls
Typical configuration when local users are trusted:
– Application-level proxying for inbound traffic.
– Circuit-level functions for outbound connections.
Inspection overhead on inbound traffic, none on outgoing traffic.

Circuit-level gateway example
SOCKS package.
– SOCKS version 5 is specified in an RFC.
The client opens a connection to the SOCKS port on the SOCKS server (TCP port 1080).
Authentication method negotiation, then the client sends its relay request.
The server evaluates the request and either establishes the TCP connection to the destination or denies it.
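The SOCKS exchange just described, with both sides' messages. This is an added example, not code from the lecture or from any SOCKS implementation: it encodes the client's greeting and CONNECT request, decodes them as the gateway would, and lets a policy function decide whether the requested circuit may be set up. Message layouts follow RFC 1928 (SOCKS Protocol Version 5); no sockets are opened and the byte relay itself is left out. The protected prefix 192.0.2.0/24, the gateway's bind address and the "outbound only" policy are assumptions for the example.

```python
"""SOCKS5 circuit-level gateway handshake, both sides, with a policy check.

Added example, not part of the lecture. Encodes the client's messages, decodes
them as the SOCKS server would, and applies a site policy before "establishing"
the circuit. Layouts per RFC 1928; addresses from the RFC 5737 ranges.
"""
import ipaddress
import struct

SOCKS_VERSION = 0x05
NO_AUTH, USER_PASS, NO_ACCEPTABLE = 0x00, 0x02, 0xFF
CMD_CONNECT = 0x01
ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 0x01, 0x03, 0x04
REP_SUCCESS, REP_FAILURE, REP_NOT_ALLOWED, REP_CMD_UNSUPPORTED, REP_ATYP_UNSUPPORTED = 0x00, 0x01, 0x02, 0x07, 0x08
LOCAL_NET = ipaddress.ip_network("192.0.2.0/24")   # assumed: the protected network behind the gateway


class SocksError(ValueError):
    def __init__(self, rep, msg):
        super().__init__(msg)
        self.rep = rep   # the REP code the server should answer with


# ---- client side -----------------------------------------------------------
def client_greeting(methods=(NO_AUTH,)):
    """VER | NMETHODS | METHODS..."""
    return bytes([SOCKS_VERSION, len(methods), *methods])


def client_connect_request(host, port):
    """VER | CMD | RSV | ATYP | DST.ADDR | DST.PORT (port is big-endian)."""
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:                              # not an IP literal: send as a domain name
        raw = host.encode("ascii")
        body = bytes([ATYP_DOMAIN, len(raw)]) + raw
    else:
        body = bytes([ATYP_IPV4 if addr.version == 4 else ATYP_IPV6]) + addr.packed
    return bytes([SOCKS_VERSION, CMD_CONNECT, 0x00]) + body + struct.pack("!H", port)


# ---- server side -----------------------------------------------------------
def server_select_method(greeting, offered=(NO_AUTH,)):
    """Reply VER | METHOD; 0xFF means none of the client's methods is acceptable."""
    if len(greeting) < 2 or greeting[0] != SOCKS_VERSION or len(greeting) != 2 + greeting[1]:
        return bytes([SOCKS_VERSION, NO_ACCEPTABLE])
    for method in greeting[2:]:
        if method in offered:
            return bytes([SOCKS_VERSION, method])
    return bytes([SOCKS_VERSION, NO_ACCEPTABLE])


def parse_connect_request(req):
    """Return (cmd, host, port); raise SocksError carrying the REP code on bad input."""
    if len(req) < 4 or req[0] != SOCKS_VERSION or req[2] != 0x00:
        raise SocksError(REP_FAILURE, "bad request header")
    cmd, atyp = req[1], req[3]
    if atyp == ATYP_IPV4 and len(req) == 10:
        host, rest = str(ipaddress.IPv4Address(req[4:8])), req[8:]
    elif atyp == ATYP_IPV6 and len(req) == 22:
        host, rest = str(ipaddress.IPv6Address(req[4:20])), req[20:]
    elif atyp == ATYP_DOMAIN and len(req) >= 5 and len(req) == 7 + req[4]:
        host, rest = req[5:5 + req[4]].decode("ascii"), req[5 + req[4]:]
    elif atyp in (ATYP_IPV4, ATYP_IPV6, ATYP_DOMAIN):
        raise SocksError(REP_FAILURE, "truncated or oversized request")
    else:
        raise SocksError(REP_ATYP_UNSUPPORTED, "unsupported address type")
    return cmd, host, struct.unpack("!H", rest)[0]


def outbound_only_policy(host, port):
    """Site policy (assumed): circuits may go anywhere outside, never back into the protected net.
    Names are refused here; a real gateway resolves them and applies the same address check."""
    try:
        return ipaddress.ip_address(host) not in LOCAL_NET
    except ValueError:
        return False


def server_handle_request(req, policy, bind_addr="192.0.2.1", bind_port=0):
    """Evaluate a request and build the reply VER | REP | RSV | ATYP | BND.ADDR | BND.PORT.
    A real gateway answers REP_SUCCESS only after its own connect() to the destination succeeds."""
    try:
        cmd, host, port = parse_connect_request(req)
    except SocksError as e:
        rep = e.rep
    else:
        if cmd != CMD_CONNECT:
            rep = REP_CMD_UNSUPPORTED
        elif not policy(host, port):
            rep = REP_NOT_ALLOWED          # "connection not allowed by ruleset"
        else:
            rep = REP_SUCCESS
    bound = ipaddress.IPv4Address(bind_addr).packed
    return bytes([SOCKS_VERSION, rep, 0x00, ATYP_IPV4]) + bound + struct.pack("!H", bind_port)


if __name__ == "__main__":
    print(server_select_method(client_greeting()).hex())                                     # 0500
    print(server_handle_request(client_connect_request("203.0.113.9", 443), outbound_only_policy).hex())
    print(server_handle_request(client_connect_request("192.0.2.10", 22), outbound_only_policy).hex())
```

Note where the security decision lives: the gateway never looks at what flows over the circuit afterwards, so everything rests on the policy applied to the CONNECT request (and, in a deployment, on the authentication method negotiated first). With NO_AUTH as the only offered method, "local users are trusted" is taken literally.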

Firewall configurations
More complex configurations combine multiple firewalls (as in the two-stage filtering arrangement above).
For more details, see “Network Security Essentials”, Stallings.

How safe are firewalls?
Should not be the single defense; a supplemental security measure.
– Net negative if it causes other defenses to be weakened or not employed at all.
Individual hosts should still be protected.
– Tools like crack, COPS, tripwire.

Security policies
Local users should be able to connect to any Internet service.
But outside users should only be allowed to connect to a limited set of local services (e.g., FTP access to the local archive, SMTP connections to the mail server).

Sources of security-related information
CERT
– Computer Emergency Response Team.
– DARPA-sponsored organization at CMU.
– Basically informational: CERT advisories cover vendor security patches, security tool announcements, and known security attacks.

More sources of security info…
SecurityFocus.com
– Security information repository: news, relevant papers, tools.
– BugTraq mailing list: discussion of security vulnerabilities and fixes.
SANS
– SysAdmin, Audit, Network, Security Institute.
– Sponsors conferences, training, etc.

More details
“Network Security Essentials”, Stallings.
“UNIX System Administration Handbook”, Nemeth et al.
Also look at the references in both books.