Presentation is loading. Please wait.

Presentation is loading. Please wait.

Introduction to Firewalls

Published byNicholas Ball Modified over 7 years ago

Similar presentations

Presentation on theme: "Introduction to Firewalls"— Presentation transcript:

1 Introduction to Firewalls
© N. Ganesan, Ph.D.

2 Overview

3 Overview of Firewalls As the name implies, a firewall acts to provide secured access between two networks A firewall may be implemented as a standalone hardware device or in the form of a software on a client computer or a proxy server The two types of firewall are generally known as the hardware firewall and the software firewall

4 Firewalls in Practice A computer may be protected by both a hardware and a software firewall

5 Mode of Operation A firewall that stands in between two networks will inspect a packet that is ready to pass between the networks and allow or block the packet based on the rules set for the firewall to operate

6 General Firewall Features
Port Control Network Address Translation Application Monitoring (Program Control) Packet Filtering

7 Additional Firewall Features
Data encryption Hiding presence Reporting/logging virus protection Pop-up ad blocking Cookie digestion Spy ware protection etc.

8 Viruses and Firewalls In general, firewalls cannot protect against viruses An anti-virus software is needed for that purpose However, many security suites such as those offered by MacAfee and Norton offer the complete protection Some software firewalls such as Zone Alarm Pro may contain limited virus protection features

9 A Rule of Thumb Use the best firewall and virus protection although each may originate from a different company

10 ISO-OSI Layers of Operation

11 Firewall Layer of Operation
Network Layer Application Layer

12 Network Layer Makes decision based on the source, destination addresses, and ports in individual IP packets. Based on routers Has the ability to perform static and dynamic packet filtering and stateful inspection.

13 Static & Dynamic Filtering
Static Packet Filtering looks at minimal information in the packets to allow or block traffic between specific service ports Offers little protection. Dynamic Packet Filtering maintains a connection table in order to monitor requests and replies.

14 Stateful Inspection Compares certain key parts of the packet to a database of trusted information. Incoming information is compared to outgoing information characteristics. Information is allowed through only If comparison yields a reasonable match.

15 Application Layer They are generally, hosts running proxy servers which perform logging and auditing of traffic through the network. Logging and access control are done through software components.

16 Proxy Services Application that mediates traffic between a protected network and the internet. Able to understand the application protocol being utilized and implement protocol specific security. Application protocols include: FTP, HTTP, Telnet etc.

17 Port Scans When hackers remotely spy on your computers to see what software and services they have. Port scans are common but with a properly configured and maintained firewall you can restrict access.

18 DMZ Demilitarized zone
Neither part of the internal network nor part of the Internet Never offer attackers more to work with than is absolutely necessary

19 Firewall Scenario Microsoft Internet Security and Acceleration (ISA) Server as a Dedicated Server

20 Network Configuration
Local Area Network Single Computer Small Office Network Less than 250 Clients IP Network Protocol Demand Dial Connectivity Larger Organization Array of ISA Server ISA Server Internet

21 Opening Ports Demonstration to be given later

22 Software Firewalls Firewall for Windows Firewall for Linux
Zone Alarm Winroute Trojan Trap - Trojan Horse Firewall for Linux Iptables Firewall for Mac Netbarrier

23 Software Firewall Implementation

24 Implementing a Firewall – An Example
Using Winroute as a software router for a small LAN. Using Trojan Trap as protection against active code attack. Software installation. Firewall configuration. Test and scan.

25 Firewall software comparison

26 Winroute Routing using NAT(Network Address Translation)
Packet filtering Port mapping Anti-spoofing VPN support DNS, DHCP Remote administration

27 Configuration and Rule Sets

28 Setup Winroute for LAN Winroute-PC should at least have 2 NICs
Check that all IP addresses are pingable Validate NAT on the Winroute-PC Deactivate NAT on the NIC connected to internal LAN

29 Setup Winroute for LAN No gateway configured on your local interface of the Winroute-PC Configure forwarding options On each internal PC configure the default gateway On each internal PC configure the DNS server

30 Scan and Test http://scan.sygatetech.com/

31 Trojan Trap Resources protection – restrict access to system resources by unknown application Application control Content filtering IP ports monitoring

32 Hardware Firewall What is it? What it does. An example. Firewall use.
What it protects you from.

33 Hardware Firewall (Cont.)
What is it? It is just a software firewall running on a dedicated piece of hardware or specialized device. Basically, it is a barrier to keep destructive forces away from your property. You can use a firewall to protect your home network and family from offensive Web sites and potential hackers.

34 Hardware Firewall (Cont.)
What it does ! It is a hardware device that filters the information coming through the Internet connection into your private network or computer system. An incoming packet of information is flagged by the filters, it is not allowed through.

35 Hardware Firewall (Cont.)
An example !

36 Hardware Firewall (Cont.)
Firewalls use: Firewalls use one or more of three methods to control traffic flowing in and out of the network: Packet filtering Proxy service State-full inspection

37 Hardware Firewall (Cont.)
Packet filtering - Packets are analyzed against a set of filters. Proxy service - Information from the Internet is retrieved by the firewall and then sent to the requesting system and vice versa. State-full inspection – It compares certain key parts of the packet to a database of trusted information. Information traveling from inside to the outside is monitored for specific defining characteristics, then incoming information is compared to these characteristics.

38 Hardware Firewall (Cont.)
What it protects you from: Remote logins Application backdoors SMTP session hijacking Addresses Spam Denial of service bombs sent 1000’s of times till mailbox is full Macros Viruses

39 Software Firewall What it is? Also called Application Level Firewalls
It is firewall that operate at the Application Layer of the OSI They filter packets at the network layer It Operating between the Datalink Layer and the Network Layer It monitor the communication type (TCP, UDP, ICMP, etc.) as well as the origination of the packet, destination port of the packet, and application (program) the packet is coming from or headed to.

40 Software Firewall (Cont.)
How does software firewall works ?

41 Software Firewall (Cont.)
Benefit of using application firewalls: allow direct connection between client and host ability to report to intrusion detection software equipped with a certain level of logic Make intelligent decisions configured to check for a known Vulnerability large amount of logging

42 Software Firewall (Cont.)
Benefit of application firewalls (Cont.) easier to track when a potential vulnerability happens protect against new vulnerabilities before they are found and exploited ability to "understand" applications specific information structure Incoming or outgoing packets cannot access services for which there is no proxy

43 Software Firewall (Cont.)
Disadvantage of Firewall: slow down network access dramatically more susceptible to distributed denial of service (DDOS) attacks. not transparent to end users require manual configuration of each client computer

44 Top Picks Personal Firewalls
Norton Personal Firewall ZoneAlarm Free/Plus/Pro

45 Conclusion

46 Web References www.firewall.com www.firewall-net.com

47 Benefits of Firewall-Summary
Prevent intrusion Choke point for security audit Reduce attacks by hackers Hide network behind a single IP address Part of total network security policy

48 References http:// www.howstuffworks.com http://www.microsoft.com

49 Port Numbers The Well Known Ports are those from 0 through 1023.
The Registered Ports are those from 1024 through The Dynamic and/or Private Ports are those from through ftp://ftp.isi.edu/in-notes/rfc1700.txt

50 Well-know TCP / UDP ports
TCP Port Number Description 20 FTP (Data Channel) 21 FTP (Control Channel) 23 Telnet 80 HyperText Transfer Protocol (HTTP) used for the World Wide Web 139 NetBIOS session service UDP Port Number Description 53 Domain Name System (DNS) Name Queries 69 Trivial File Transfer Protocol (TFTP) 137 NetBIOS name service 138 NetBIOS datagram service 161 Simple Network Management Protocol (SNMP)

51 References Tim Rains • Technical Lead • Networking Team Q310099, "Description of the Portqry.exe Command-Line Utility"

52 Hardware Firewalls

53 Some Hardware Firewall Features*
Offers IP security and internet key exchange network encryption. Integrated firewall functions. Network address translation. Encrypted SNMP management traffic

54 Some Hardware Firewall Manufacturers
DLink Linksys CISCO

55 Some Software Firewall Features
Network access control Trusted zones, Internet zones and Blocked zones Program access control Program access to the Internet Privacy control

56 Some Software Firewalls
Zone Alarm Microsoft Widows Firewall MacAfee Security Suite Norton Security Suite

Download ppt "Introduction to Firewalls"

Similar presentations

Firewalls By Tahaei Fall 2012. What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.

Firewalls By Tahaei Fall What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.
IUT– Network Security Course 1 Network Security Firewalls.

IUT– Network Security Course 1 Network Security Firewalls.
CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.

CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.
_IT Security and Intellectual Property Summer 2006 Bashar Al Takrouri Personal Firewalls “Case study ::ZoneAlarm Security Suite” Instructor: Prof. Dr.

_IT Security and Intellectual Property Summer 2006 Bashar Al Takrouri Personal Firewalls “Case study ::ZoneAlarm Security Suite” Instructor: Prof. Dr.
Firewall Lalitha Jammalamadaka. Agenda 1. Introduction 2.Types of firewalls 3.How a software firewall works 4.Methods to control traffic 5.Making the.

Firewall Lalitha Jammalamadaka. Agenda 1. Introduction 2.Types of firewalls 3.How a software firewall works 4.Methods to control traffic 5.Making the.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Principles of Information Security, 2nd Edition1 Firewalls and VPNs.

Principles of Information Security, 2nd Edition1 Firewalls and VPNs.
Lesson 18-Internet Architecture. Overview Internet services. Develop a communications architecture. Design a demilitarized zone. Understand network address.

Lesson 18-Internet Architecture. Overview Internet services. Develop a communications architecture. Design a demilitarized zone. Understand network address.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Firewalls Presented by: Sarah Castro Karen Correa Kelley Gates.

Firewalls Presented by: Sarah Castro Karen Correa Kelley Gates.
Wi-Fi Structures.

Wi-Fi Structures.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.
Introduction to Firewalls © N. Ganesan, Ph.D.. Overview.

Introduction to Firewalls © N. Ganesan, Ph.D.. Overview.
FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.
Firewalls CS432. Overview  What are firewalls?  Types of firewalls Packet filtering firewalls Packet filtering firewalls Sateful firewalls Sateful firewalls.

Firewalls CS432. Overview  What are firewalls?  Types of firewalls Packet filtering firewalls Packet filtering firewalls Sateful firewalls Sateful firewalls.
Chapter Eleven An Introduction to TCP/IP. Objectives To compare TCP/IP’s layered structure to OSI To review the structure of an IP address To look at.

Chapter Eleven An Introduction to TCP/IP. Objectives To compare TCP/IP’s layered structure to OSI To review the structure of an IP address To look at.
Hafez Barghouthi. Model for Network Access Security (our concern) Patrick BoursAuthentication Course 2007/20082.

Hafez Barghouthi. Model for Network Access Security (our concern) Patrick BoursAuthentication Course 2007/20082.
CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.

CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.
Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.

Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.
Why do we need Firewalls? Internet connectivity is a must for most people and organizations  especially for me But a convenient Internet connectivity.

Why do we need Firewalls? Internet connectivity is a must for most people and organizations  especially for me But a convenient Internet connectivity.

Similar presentations

Ads by Google