Firewall Vulnerabilities Presented by Vincent J. Ohm.

Topics
Firewall design
– (stateful) packet filter, application proxy, personal firewall
OSI stack layer
– IP and TCP spoofing
Applications
– sendmail
Firewall implementation
– broad permissions, overflows, etc.

Firewalls
Network gateway – handles incoming and outgoing traffic
Access manager – blocks or grants access to services and networks

Firewall Design (the benefits)
Packet filter
– inspects IP addresses and port numbers
– blocks specific addresses and ports
– stateful: adds connection tracking, so inbound packets are matched against connections the inside already opened
Application proxy
– inspects the packet payload
– filters harmful data and program commands
Personal
– combination of filter and proxy

Firewall Design (the drawbacks)
Packet filter
– harmful data in the payload passes through
Application proxy
– unknown application vulnerabilities (the proxy itself is an application exposed to untrusted input)

OSI Stack
Network – IP
– no address authentication
– source address is spoofable
Transport – TCP
– the sequence number is what ties a segment to its connection: the third handshake packet must acknowledge the server's initial sequence number (ISN), which only the real peer should know
– spoof the IP address and guess the sequence number...
– TCP spoofing: works when the ISN is predictable, because the attacker never sees the SYN/ACK that goes to the spoofed address
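
Added example, not code from the presentation: a C model of the attack the slide sketches. It assumes a victim stack whose ISN counter advances by fixed amounts per connection and per second (the classic Berkeley behaviour; the constants here are illustrative, not the historical values), beside a generator whose next value is not arithmetic in the previous one. The attacker connects legitimately once, predicts the ISN the victim will hand the next connection, and sends a spoofed third handshake packet blind. The hosts, constants and the xorshift stand-in for a real CSPRNG are all my assumptions.

```c
#include <stdint.h>
#include <stdio.h>

/* Victim side, predictable: a Berkeley-style generator.  Every new
 * connection advances the ISN by a fixed step and every elapsed second by
 * a larger fixed step.  Constants are illustrative (assumption). */
#define ISN_PER_CONN 128u
#define ISN_PER_SEC  64000u

typedef struct { uint32_t counter; } bsd_isn_state;

uint32_t bsd_isn(bsd_isn_state *s, uint32_t seconds_elapsed)
{
    s->counter += ISN_PER_CONN + ISN_PER_SEC * seconds_elapsed;
    return s->counter;
}

/* Victim side, unpredictable: stand-in for what a modern stack does (a keyed
 * hash of the 4-tuple plus a secret, RFC 6528).  xorshift64* is NOT a
 * CSPRNG; it is used here only so the output is not arithmetic in its
 * predecessor. */
typedef struct { uint64_t x; } rng_isn_state;

uint32_t rng_isn(rng_isn_state *s)
{
    s->x ^= s->x >> 12;
    s->x ^= s->x << 25;
    s->x ^= s->x >> 27;
    return (uint32_t)((s->x * 0x2545F4914F6CDD1DULL) >> 32);
}

/* Attacker side: after one legitimate connection revealed `observed`, the
 * spoofed connection that follows within the same second should receive
 * observed + ISN_PER_CONN.  (Across a second boundary, add ISN_PER_SEC.) */
uint32_t attacker_predict(uint32_t observed)
{
    return observed + ISN_PER_CONN;
}

/* Victim's check on the third handshake packet: ACK must equal ISN + 1.
 * With a spoofed source the attacker never sees the SYN/ACK, so this check
 * is all that stands between it and an "established" connection. */
int handshake_completes(uint32_t victim_isn, uint32_t ack_number)
{
    return ack_number == victim_isn + 1u;
}

/* Blind spoof against the Berkeley-style generator: returns 1 on success. */
int spoof_against_bsd(uint32_t initial_counter)
{
    bsd_isn_state v = { initial_counter };
    uint32_t observed = bsd_isn(&v, 0);               /* attacker's own SYN */
    uint32_t guess    = attacker_predict(observed);
    uint32_t victim   = bsd_isn(&v, 0);               /* spoofed SYN, same second */
    return handshake_completes(victim, guess + 1u);   /* spoofed ACK */
}

/* Same attack against the non-arithmetic generator, repeated `trials`
 * times; returns how often the guess happened to be right (expect ~0). */
int spoof_against_rng(uint64_t seed, int trials)
{
    rng_isn_state v = { seed ? seed : 0x9E3779B97F4A7C15ULL };   /* state must be non-zero */
    int hits = 0;
    for (int i = 0; i < trials; i++) {
        uint32_t observed = rng_isn(&v);
        uint32_t guess    = attacker_predict(observed);
        uint32_t victim   = rng_isn(&v);
        hits += handshake_completes(victim, guess + 1u);
    }
    return hits;
}

int main(void)
{
    printf("Berkeley-style ISN: spoofed handshake completes = %d\n", spoof_against_bsd(1u));
    printf("xorshift ISN: %d successes in 1000 attempts\n", spoof_against_rng(42, 1000));
    return 0;
}
```

The point a packet filter cannot help with: nothing in the spoofed SYN or ACK is malformed, and both carry a source address the filter may trust. Only the ISN generator on the end host decides whether the guess is feasible.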

Applications
Applications with vulnerabilities
– sendmail 'WIZ': debugging command gives a root shell on the remote server
Methods of exploitation
– crafted data (overflows)
– commands (sendmail)
Packet filters can block some; application proxies, which see the commands and payload, can block more

Firewall Implementation
Symantec Firewall/VPN Appliance
– password leak
Pyramid BenHur
– active FTP
Kerio Personal Firewall
– rules bypassable
Cisco PIX
– SNMPv3, VPNC IPsec
Check Point Firewall-1 and DeleGate application proxy
– overflows

Symantec Firewall/VPN Appliance
Administrator accesses the firewall to change the password from an unsecured terminal, using a web browser
The firewall's HTTP response is stored in the browser cache
The HTTP response contains the new password...
...in cleartext!
Symantec's fix: strip the password data from the response
(A response that must not be retained should also be sent with Cache-Control: no-store, so the browser never writes it to its cache in the first place.)

Pyramid BenHur Firewall
Firewall access rules can be bypassed...
...by sending a connect request with source port = 20 (the FTP data port)
The rule meant for active-FTP data connections matches on source port alone, so the attacker can connect to any port
Workaround: block all outside access from port 20 OR apply the patch

Kerio Personal Firewall
Problem with the default configuration
Firewall allowed any UDP packet through if source port = 53 (the DNS port)
Intention: allow DNS responses
Fix: allow the packet only if a matching DNS request preceded the response (stateful matching)
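
Added example, not code from the presentation or from either product: the BenHur (TCP source port 20) and Kerio (UDP source port 53) slides describe the same mistake, a stateless rule that trusts a source port. The C below models that rule set beside a stateful table that admits only replies an inside host actually solicited. Packet layout, addresses (documentation ranges) and the probe scenario are constructed for this illustration.

```c
#include <stdint.h>
#include <stdio.h>

enum { PROTO_TCP = 6, PROTO_UDP = 17 };

typedef struct {
    uint8_t  proto;
    uint32_t src_ip, dst_ip;
    uint16_t sport, dport;
} pkt;

static uint32_t ip4(uint32_t a, uint32_t b, uint32_t c, uint32_t d)
{
    return (a << 24) | (b << 16) | (c << 8) | d;
}

/* Stateless rules as the flawed defaults had them:
 *   allow tcp any:20 -> inside:any   (meant for active-FTP data connections)
 *   allow udp any:53 -> inside:any   (meant for DNS replies)
 * The decision is made from the packet alone; nobody asks whether an inside
 * host ever requested anything from that source. */
int stateless_allow(const pkt *p)
{
    if (p->proto == PROTO_TCP && p->sport == 20) return 1;
    if (p->proto == PROTO_UDP && p->sport == 53) return 1;
    return 0;
}

/* Stateful replacement: a table of replies that inside hosts are entitled
 * to receive, filled when their requests go out. */
#define MAX_EXPECT 64
typedef struct { uint8_t proto; uint32_t in_ip, out_ip; uint16_t in_port, out_port; } expect;
typedef struct { expect e[MAX_EXPECT]; int n; } state_table;

void expect_reply(state_table *t, uint8_t proto, uint32_t in_ip, uint16_t in_port,
                  uint32_t out_ip, uint16_t out_port)
{
    if (t->n >= MAX_EXPECT) return;  /* table full: fail closed (real filters age entries out) */
    t->e[t->n++] = (expect){ proto, in_ip, out_ip, in_port, out_port };
}

/* An inbound packet is admitted only if it is the mirror image of a recorded request. */
int stateful_allow(const state_table *t, const pkt *p)
{
    for (int i = 0; i < t->n; i++) {
        const expect *e = &t->e[i];
        if (e->proto == p->proto && e->in_ip == p->dst_ip && e->in_port == p->dport &&
            e->out_ip == p->src_ip && e->out_port == p->sport)
            return 1;
    }
    return 0;   /* no inside host asked for this: drop, whatever the source port says */
}

/* Constructed scenario: inside host 10.0.0.5, its DNS server 198.51.100.53,
 * attacker 203.0.113.9. */
static void build_scenario(pkt *ssh_probe, pkt *snmp_probe, pkt *dns_query, pkt *dns_reply)
{
    uint32_t inside = ip4(10,0,0,5), dns = ip4(198,51,100,53), attacker = ip4(203,0,113,9);
    *ssh_probe  = (pkt){ PROTO_TCP, attacker, inside, 20, 22 };    /* "FTP data" aimed at sshd */
    *snmp_probe = (pkt){ PROTO_UDP, attacker, inside, 53, 161 };   /* "DNS reply" aimed at SNMP */
    *dns_query  = (pkt){ PROTO_UDP, inside, dns, 40001, 53 };
    *dns_reply  = (pkt){ PROTO_UDP, dns, inside, 53, 40001 };
}

/* 1 if the stateless rules let both probes through. */
int stateless_passes_probes(void)
{
    pkt ssh, snmp, q, r;
    build_scenario(&ssh, &snmp, &q, &r);
    return stateless_allow(&ssh) && stateless_allow(&snmp);
}

/* 1 if the stateful table lets either probe through (it must not). */
int stateful_passes_probes(void)
{
    pkt ssh, snmp, q, r;
    state_table t = { 0 };
    build_scenario(&ssh, &snmp, &q, &r);
    expect_reply(&t, q.proto, q.src_ip, q.sport, q.dst_ip, q.dport);   /* real query went out */
    return stateful_allow(&t, &ssh) || stateful_allow(&t, &snmp);
}

/* 1 if the genuine DNS reply still gets in under the stateful table. */
int stateful_passes_genuine_reply(void)
{
    pkt ssh, snmp, q, r;
    state_table t = { 0 };
    build_scenario(&ssh, &snmp, &q, &r);
    expect_reply(&t, q.proto, q.src_ip, q.sport, q.dst_ip, q.dport);
    return stateful_allow(&t, &r);
}

int main(void)
{
    printf("stateless: probes pass = %d\n", stateless_passes_probes());
    printf("stateful:  probes pass = %d, genuine reply passes = %d\n",
           stateful_passes_probes(), stateful_passes_genuine_reply());
    return 0;
}
```

Active FTP fits the same table: a helper that parses the PORT command on the control channel calls expect_reply for the announced client port with out_port 20, which is what "stateful: adds connection tracking" buys over the source-port rule. Two caveats: entries must expire, and matching a 4-tuple does not authenticate the sender; a forged packet carrying the DNS server's address and the right ports would still pass, which is the IP spoofing problem from the OSI slide, not a filter bug.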

Check Point Firewall-1
Invalid HTTP request
Error message is generated using a portion of the input...
...which is included in the format string passed to sprintf()
Exploit for:
– command execution on the firewall
– arbitrary code execution

DeleGate Application Proxy
Uses fixed-size arrays for the username and password
Arrays are filled by calls to strcpy(), which performs no length check
Input sufficiently long strings...
...buffer overflow!
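
Added example, not code from the presentation or from either product: the two implementation bugs on the Firewall-1 and DeleGate slides reduced to their essential C pattern, each beside a hardened form. Buffer sizes, function names and the request strings are my assumptions; the vulnerable functions are kept for comparison and are only ever called with harmless input.

```c
#include <stdio.h>
#include <string.h>

#define ERRBUF  128
#define CREDLEN 32

/* Firewall-1 style: part of the client's request becomes the *format*
 * argument of the second call.  A request containing %x reads the stack,
 * %n writes to it.  Never called with hostile input in this file. */
void error_message_vulnerable(char *out, size_t outlen, const char *request)
{
    char fmt[ERRBUF];
    snprintf(fmt, sizeof fmt, "Invalid request: %s", request);
    snprintf(out, outlen, fmt);       /* BUG: attacker-controlled format string */
}

/* Hardened: the format is a literal and the request is only ever data. */
void error_message_safe(char *out, size_t outlen, const char *request)
{
    snprintf(out, outlen, "Invalid request: %s", request);
}

/* Proxy-side signal worth logging: printf directives inside a request.
 * Legitimate URLs carry %XX escapes ("%20"), so this counts only '%'
 * followed by a conversion letter; use it as a detection signal, not a block. */
int format_directive_count(const char *s)
{
    int n = 0;
    for (; *s; s++)
        if (s[0] == '%' && s[1] != '\0' && strchr("nxsdpcu", s[1]) != NULL) n++;
    return n;
}

/* DeleGate style: fixed arrays filled with strcpy().  Anything of CREDLEN
 * bytes or more runs off the end of ubuf/pbuf.  Never called with oversize
 * input here.  Returns 1 if both fields are non-empty (stand-in for lookup). */
int credentials_vulnerable(const char *user, const char *pass)
{
    char ubuf[CREDLEN], pbuf[CREDLEN];
    strcpy(ubuf, user);               /* BUG: no length check */
    strcpy(pbuf, pass);
    return ubuf[0] != '\0' && pbuf[0] != '\0';
}

/* Hardened helper: copy only if src plus its NUL fits.  Returns -1 instead
 * of truncating, so oversize credentials are rejected and can be logged. */
int copy_bounded(char *dst, size_t dstlen, const char *src)
{
    size_t n = strlen(src);
    if (n + 1 > dstlen) return -1;
    memcpy(dst, src, n + 1);
    return 0;
}

int credentials_safe(const char *user, const char *pass)
{
    char ubuf[CREDLEN], pbuf[CREDLEN];
    if (copy_bounded(ubuf, sizeof ubuf, user) != 0) return 0;   /* reject */
    if (copy_bounded(pbuf, sizeof pbuf, pass) != 0) return 0;
    return ubuf[0] != '\0' && pbuf[0] != '\0';
}

int main(void)
{
    char out[ERRBUF];
    char big[200];
    memset(big, 'A', sizeof big - 1);
    big[sizeof big - 1] = '\0';
    error_message_safe(out, sizeof out, "%x%x%x%n");
    printf("%s (directives seen: %d)\n", out, format_directive_count("%x%x%x%n"));
    printf("oversize username accepted by hardened code: %d\n", credentials_safe(big, "x"));
    return 0;
}
```

Both bugs share a cause the conclusion slide names as "implementation": the proxy is itself a C program parsing attacker-supplied bytes, so a length or format mistake there is reachable from the untrusted side regardless of the rule set.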

Conclusion
Firewalls are not invulnerable
Vulnerable by...
– design
– vulnerabilities at other OSI layers
– implementation flaws