How (not) to use your firewall
Jurjen N.E. Bos, Information Security Consultant

0420 How (not) to use your firewall Jurjen N.E. Bos

Slide 2: Overview
- Introduction
- Principles of information security
- Strengths and weaknesses of a firewall
- Basic principles
- Conclusion

Slide 3: Introduction
- A firewall, originally, is a wall that prevents spreading of fire through a building
- More generally, it isolates things in case of hazard
- Specifically, we will discuss isolating the Internet from a company network

Slide 4: A firewall
[Diagram: Internet, Firewall, LAN]

Slide 5: Principles of information security
What do you want to protect?
- Your data
  - secrecy
  - reliability
  - availability
- Your hardware
- Your reputation

Slide 6: What do you want your firewall to do?
- Increase security
- Simplify maintenance of network
- Save money
- Be user friendly and non-disruptive

Slide 7: What can your firewall do
A firewall protects your company LAN against
- known threats
- coming from outside
- via the firewall
- at connection level
- by making things harder to use.

Slide 8: What can’t your firewall do
- Solve your security problem
- Protect against viruses
- Protect data that doesn’t flow through it
- Be “user friendly”
- Protect against every threat
- Protect against attacks from the inside

Slide 9: Examples
- A firewall does not protect against viruses
  - There’s a new example every month
- A firewall does not protect against unknown attacks
  - Firewall-1 DOS attack: July 2000
- A firewall makes life harder
  - If you had no front door lock, you wouldn’t have to stay home for the heating repairman. Wouldn’t that be convenient?

Slide 10: Maintaining a firewall
Most attacks are published in enough detail that people can figure out for themselves how to attack your machines.
- Install your system properly
- Read the news on known holes (e.g. SANS), and download the patches
  - Watch out for fake patches
  - Watch out for reliability of your machines
- Read your log files

Slide 11: A firewall is not a machine
A firewall does not only consist of the firewall host machine, but also of:
- A security model
- A list of firewall settings (e.g., allowed services)
- Procedures to maintain the firewall host machine
- An operator or group of operators
- A list of guidelines

Slide 12: Basic rules
A few trivial but important rules for security maintenance:
- Use multiple layers of protection
- Keep it simple
- “No, unless” instead of “Yes, if”
- Monitor your systems
  - Not only the firewall, but also the network behind it
- Decide on your security model
  - Risk analysis is a very useful tool

Slide 13: Layers of protection
[Diagram: layers of protection labelled A, B and C]

Slide 14: Protocol stack
User Layer: Word, PDF
Application Layer: SMTP, FTP, Telnet
Transport Layer: TCP, UDP, ICMP
Internet Layer: IP
Network Access Layer: Ethernet, ATM

Slide 15: Example: firewall settings
- Allow useful low risk services: SMTP, POP (mail), NNTP (news), HTTP (surfing)
- If you really need it, allow services like DNS (naming), IRC (chat), MBONE (video conferencing and the like)
- Don’t allow games, NTP (time), RIP, OSPF (routing), SNMP (management), NIS, WINS (naming)
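An added example, not part of the original slides: a small Python check that probes a rule list against the three service tiers above and the “No, unless” rule from the Basic rules slide. The Rule format, the sample rule sets and the port mapping (standard well-known ports; 6667 is the conventional IRC port) are assumptions of this example; OSPF, MBONE and games have no single port and are left to the default policy.

```python
from typing import NamedTuple, Optional

class Rule(NamedTuple):          # hypothetical rule format, direction ignored
    action: str                  # "allow" or "deny"
    proto: str                   # "tcp", "udp" or "any"
    port: Optional[int]          # None matches every port

# Slide tiers mapped to well-known ports (mapping is an assumption of this example).
LOW_RISK = {"SMTP": ("tcp", 25), "POP3": ("tcp", 110),
            "NNTP": ("tcp", 119), "HTTP": ("tcp", 80)}
IF_NEEDED = {"DNS": ("udp", 53), "IRC": ("tcp", 6667)}
DO_NOT_ALLOW = {"NTP": ("udp", 123), "RIP": ("udp", 520), "SNMP": ("udp", 161),
                "NIS (portmapper)": ("udp", 111), "WINS": ("udp", 137)}

def decide(rules, default, proto, port):
    """First matching rule wins; unmatched traffic gets the default policy."""
    for r in rules:
        if r.proto in ("any", proto) and r.port in (None, port):
            return r.action
    return default

def audit(rules, default, justified=()):
    """Probe the effective policy, so wildcards and rule order are accounted for."""
    findings = []
    if default != "deny":
        findings.append('default is "Yes, if": unmatched traffic is allowed')
    for name, (proto, port) in DO_NOT_ALLOW.items():
        if decide(rules, default, proto, port) == "allow":
            findings.append(f"{name} {proto}/{port} passes but is on the do-not-allow list")
    for name, (proto, port) in IF_NEEDED.items():
        if decide(rules, default, proto, port) == "allow" and name not in justified:
            findings.append(f"{name} {proto}/{port} passes without a recorded need")
    return findings

# Constructed sample rule sets.
WEAK = [Rule("deny", "tcp", 23), Rule("allow", "udp", None)]       # default: allow
STRICT = [Rule("allow", *LOW_RISK[s]) for s in LOW_RISK] + [Rule("allow", "udp", 53)]

if __name__ == "__main__":
    for label, rules, default, ok in (("weak", WEAK, "allow", ()),
                                      ("strict", STRICT, "deny", ("DNS",))):
        print(label, audit(rules, default, ok) or "no findings")
```

Because the audit probes the effective decision for each service instead of reading rules one by one, a broad wildcard such as the UDP allow in the weak set is caught even though no rule names NTP or SNMP.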

Slide 16: Train your users
Users must know basic things in order to make effective use of security measures:
- The Internet is unreliable.
- Security through obscurity doesn’t work (they won’t notice I have all my passwords in a file called “secret”).
- Social engineering is hard to recognise.
I recommend writing a guidelines document for Internet usage.

Slide 17: Guidelines for users
Things to consider putting in a guidelines document:
- Use the connections that are available
  - No own phone connections, for example
- No downloading of objectionable material
  - Filters annoy “good” users, and don’t stop “bad” users
- Don’t trust the outside world
  - Social engineering is a serious threat
- Digital data is often more valuable than physical objects

Slide 18: Useful literature
There are a zillion books about information security out there. The ones I read recently and liked:
- Elizabeth D. Zwicky, Simon Cooper and D. Brent Chapman: “Building Internet Firewalls”, second edition, O’Reilly
- Bruce Schneier: “Secrets and Lies”

Slide 19: Conclusion
Basic rules of using any security system:
- Don’t trust anything
  - Don’t put all your eggs in one basket
  - Attacks may come from everywhere
- Know what you want to protect
  - Use the simplest protection that protects it
- Train your users
- Stay alert

Slide 20: How to make a firewall useless
- Trust your users
- Use the default installation
- Use a sophisticated self-designed system that locks out everything dangerous
- Assume the firewall will protect you forever