Firewalls Nicklas Nordenmark Fabian Alenius Peter Renström Nicklas Nordenmark Fabian Alenius Peter Renström

Basic Software or dedicated device Using a set of rules Traffic flow between networks Local network -> Internet

History The term “firewall” Late 1980s Clifford Stoll vs Markus Hess

Traditional Packet Filter First generation firewall Network Layer Attack IP Spoofing Smurf Attack Stacheldraht DDoS agent

Stateful Firewall Second generation firewall Keeps track of current connections Transport Layer Attack Definitions Connection resource exhaustion Header abuses Port Scan / Mapping

Application Layer Firewall Third generation firewall Many attacks on the application layer Inspect data SQL Injection Phishing Problems with encryption