Internet and Intranet Fundamentals Class 8 Session A.


Intranet Security
Assets Needing Protection
Threats
Firewalls
–Overview
–Various Architectures
–Ref: Building Internet Firewalls, Chapman & Zwicky ISBN:

Assets Needing Protection
Data
–stored on computers
Resources
–the computers themselves
Reputation

Protecting Data
Secrecy / Privacy
Integrity
Availability

Protecting Data: Secrecy / Privacy
Trade Secrets
–obligations to shareholders
Competitive Intelligence
–competition sensitive
Examples
–national defense
–patient medical records
–student records

Protecting Data: Integrity
Keeping Data from Being Modified
–tampering
Loss of Confidence
–consumer
–customer
–investor
–employee

Protecting Data: Availability
Is your data accessible?
Related to computing resource availability

Protecting Resources
Computer Resources
–disk space
–CPU cycles
–memory
Labor Resources
–$$$ spent in …
  tracking down intruders performing re-installing software

Protecting Reputation
Confidence
Intruders Masquerade as You
–identity theft
Business/Technical Competence
Example
–professor and racist hate mail

Threats
Types of Attacks
Types of Attackers
Stupidity and Accidents

Types of Attacks
Intrusion
Denial of Service
Information Theft

Intrusion
People Gain Access to Your Network and Computers
How?
–social engineering
–guesswork
  crack program
  child/dog’s name

Denial of Service
Preventing you (and others) from using your own computers
Mail Bombs
Flooding a System's Queues, Processes, etc.
–Internet Worm
–Distributed denial of service (CNN/Ebay/Yahoo)
Limited Number of Login Attempts
–they either get in, or they can force denial of service to everyone else!

Information Theft
Stealing Password Files
–download for offline cracking
Packet Sniffers
–Ethernet is a party line
–A switch is your friend.

Types of Attackers
Joyriders
–bored, looking for amusement
Vandals
–like destroying things, or don’t like you
Score Keepers
–bragging rights
Spies
–industrial and international

Stupidity and Accidents
55% of all incidents result from naivete or lack of training
Apple’s buggy mail server
–hundreds of thousands of error messages
Any system which does not assign passwords.
Hard to Protect Against!

Firewalls
Overview
Various Firewall Architectures

Overview
How to Protect Your Intranet Assets?
–no security
–security through obscurity
–host security
–network security
Your home is an intranet?

Overview
No Security
Security Through Obscurity
–nobody knows about it
–people figure a small company or home machine isn’t of interest
–“obscurity” impossible on Internet
  InterNIC
–examples with Telnet

Overview
Host Security
–geared to particular host
–scalability issue
–admin nightmare
  sheer numbers
  different OS, OS config, etc.
–OK for small sites or sites with extreme requirements

Overview
Network Security
–control network access
–kill lots of birds with one stone
–firewalls
Security Technology Can’t Do It All
–policing internal time wasting, pranks, etc.
–no model is perfect
–Who watches the watcher?

Overview
Internet Firewalls
–concept: containment
  choke point
–prevents dangers of Internet from spreading to your Intranet
–restricts people to entering at carefully controlled point(s)
  can only leave that point too

Overview
Firewall
–prevents attackers from getting close to internal defenses
–adequate if interactions conform to security policy (tight vs. loose)
Consists of
–hardware
  routers, computers, networks
–software
  proxy servers, monitors

Firewall System
Exterior Router & Bastion Host may be combined.

Overview
Firewall Limitations
–malicious insiders
–people going around it (e.g., modems)
–completely new threats
  designed to protect against known threats
–viruses
Make vs. Buy
–lots of offerings (see Internet)

Various Firewall Architectures
Screening Router
Packet Filtering
Proxy Services
–application level gateways
Dual-Home Host
Screened Host
Screened Subnet

Various Firewall Architectures: IP Packet Filtering
IP source address
IP destination address
Transport Layer Protocol
TCP / UDP source port
TCP / UDP destination port
ICMP message type

Various Firewall Architectures: IP Packet Filtering
Also Knows …
–inbound and outbound interfaces
Examples
–block all incoming connections from outside except SMTP
–block all connections to or from untrusted systems
–allow SMTP, FTP, but block TFTP, X Windows, RPC, rlogin, rsh, etc.
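
The packet-filtering fields and example policies from the two slides above, written out as a first-match, default-deny filter in Python. This is an added example, not part of the original slides. The addresses (documentation ranges), the rule order, and the stateless single-packet model (no TCP flags, no source-port matching, no FTP data channel) are assumptions.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional, Tuple

@dataclass(frozen=True)
class Packet:
    iface: str                     # interface it arrived on: "outside" or "inside"
    src: str                       # IP source address
    dst: str                       # IP destination address
    proto: str                     # transport protocol: "tcp", "udp" or "icmp"
    dport: Optional[int] = None    # TCP/UDP destination port
    icmp_type: Optional[int] = None

@dataclass(frozen=True)
class Rule:
    action: str                    # "allow" or "block"
    iface: str = "any"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    proto: str = "any"
    dports: Optional[Tuple[int, int]] = None   # inclusive port range
    icmp_type: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        return (self.iface in ("any", p.iface)
                and ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and self.proto in ("any", p.proto)
                and (self.dports is None or (p.dport is not None
                     and self.dports[0] <= p.dport <= self.dports[1]))
                and (self.icmp_type is None or self.icmp_type == p.icmp_type))

# Constructed addresses for illustration; none of them come from the slides.
INSIDE, MAIL, UNTRUSTED = "192.0.2.0/24", "192.0.2.25/32", "203.0.113.0/24"

RULES = [
    Rule("block", src=UNTRUSTED),    # no connections from untrusted systems
    Rule("block", dst=UNTRUSTED),    # no connections to untrusted systems
    Rule("allow", "outside", dst=MAIL, proto="tcp", dports=(25, 25)),   # inbound SMTP only
    Rule("allow", "inside", src=INSIDE, proto="tcp", dports=(25, 25)),  # outbound SMTP
    Rule("allow", "inside", src=INSIDE, proto="tcp", dports=(21, 21)),  # outbound FTP control
]

def decide(p: Packet, rules=RULES) -> str:
    """First matching rule wins; anything unmatched is blocked (default deny)."""
    for r in rules:
        if r.matches(p):
            return r.action
    return "block"
```

Because the untrusted-system blocks come before the SMTP allow, mail from an untrusted host is dropped. TFTP, X Windows, RPC, rlogin and rsh need no rules of their own, since the default deny blocks anything not explicitly allowed.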

Various Firewall Architectures: Dual-Homed Host
One Computer, Two Networks
–must proxy services
–can examine data coming in from app level on down

Various Firewall Architectures: Screened Host
Bastion Host
–controls connections to outside world
–If broken, your interior network is open.
Packet Filtering by Router
–incoming

Various Firewall Architectures: Screened Subnet
Bastion Host
–controls connections to outside world
–on perimeter network
Packet Filtering
–two routers
–incoming