
1. Experiment 9: Building a Network Security Gateway
Instructor:  Teaching assistant:

2. Outline
- Background
  - Proxy – Squid
  - Firewall – IPTables
  - VPN – OpenVPN
- Experiment
  - Internet gateway
  - Firewall
  - VPN network

3. Background (1/2)
- Proxy
  - Acts as a gateway between a local area network and the Internet
  - Transparent Proxy
    - Clients forced to pass through proxy for monitoring purpose
  - Security control
  - ACL (Access-Control-List)
    - A list of permissions attached to a URL or a website
  - ICP (Internet Control Protocol)
    - Tracks the internet address of nodes, routes outgoing messages, and recognizes incoming messages
- Firewall
  - Use static policies to filter specific traffic types
  - Filter parameters consist of
    - Source and target address
    - Ports
    - Direction
    - Protocols

4. Background (2/2)
- VPN
  - A VPN can send data across secured and encrypted private channels between two points over a public network.
  - Used to provide secure communication
    - Tunneling
    - Encryption & Decryption
    - Key management
    - IPSec

5. Proxy – Squid
- The most popular open-source proxy server
- Supports
  - ICP (Internet Control Protocol)
  - Transparent Proxy

6. Firewall – IPTables
- Rule-based packet filter
- Three types of rule chains
  - Input chain – Input packet rule control chain
  - Output chain – Output packet rule control chain
  - Forwarding chain – IP masquerade packet rule control chain
- Three types of rule chains on the NAT table
  - Prerouting chain – Rule control chain before routing packets
  - Postrouting chain – Rule control chain after routing packets
  - Output chain – Rule control chain for output packets

7. VPN – OpenVPN
- A well-known VPN software for Linux
- Supports IPSec technique
- Supports separating multiple tunnels
- Client-server based, through VPN software

8. Experiment – Internet gateway
- Configure the security gateway to manage traffic
- Add three rules
  - Adult websites
  - Denial of part of a computer's connections
  - Denial of downloading
- Environment setup (figure label: Our Linux gateway)

9. Experiment – Firewall
- Prevent hackers' attacks
- Use IPTables rules to filter the attack packets
- Deny ping packets from outside
- Environment setup
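Added example (not part of the original slides): a small Python model of how the filter table chooses a chain and applies first-match rules, showing that a "deny ping from outside" rule placed only in the INPUT chain protects the gateway itself but not hosts reached through the FORWARD chain. The interface names (eth0 = outside, eth1 = LAN) and all addresses are constructed assumptions.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed addresses: the gateway's WAN (eth0) and LAN (eth1) interfaces.
GATEWAY_IPS = {"203.0.113.1", "192.168.1.1"}

@dataclass(frozen=True)
class Packet:
    in_if: Optional[str]          # None means generated by the gateway itself
    dst: str
    proto: str
    icmp_type: Optional[str] = None

@dataclass(frozen=True)
class Rule:
    target: str                   # "ACCEPT" or "DROP"
    in_if: Optional[str] = None   # None means "match anything"
    proto: Optional[str] = None
    icmp_type: Optional[str] = None

    def matches(self, p: Packet) -> bool:
        pairs = ((self.in_if, p.in_if), (self.proto, p.proto),
                 (self.icmp_type, p.icmp_type))
        return all(want is None or want == got for want, got in pairs)

def pick_chain(p: Packet) -> str:
    """Filter-table chain a packet traverses, decided by routing."""
    if p.in_if is None:
        return "OUTPUT"
    return "INPUT" if p.dst in GATEWAY_IPS else "FORWARD"

def verdict(p: Packet, chains: dict, policy: dict) -> tuple:
    """First matching rule wins; otherwise the chain's default policy applies."""
    chain = pick_chain(p)
    for rule in chains[chain]:
        if rule.matches(p):
            return chain, rule.target
    return chain, policy[chain]

# Modeled rule: iptables -A INPUT -i eth0 -p icmp --icmp-type echo-request -j DROP
NO_PING = Rule("DROP", in_if="eth0", proto="icmp", icmp_type="echo-request")
POLICY = {"INPUT": "ACCEPT", "OUTPUT": "ACCEPT", "FORWARD": "ACCEPT"}
INPUT_ONLY = {"INPUT": [NO_PING], "OUTPUT": [], "FORWARD": []}
BOTH = {"INPUT": [NO_PING], "OUTPUT": [], "FORWARD": [NO_PING]}

if __name__ == "__main__":
    ping = lambda in_if, dst: Packet(in_if, dst, "icmp", "echo-request")
    for name, chains in (("INPUT only", INPUT_ONLY), ("INPUT+FORWARD", BOTH)):
        for pkt in (ping("eth0", "203.0.113.1"), ping("eth1", "192.168.1.1"),
                    ping("eth0", "192.168.1.20")):
            print(name, pkt.in_if, pkt.dst, verdict(pkt, chains, POLICY))
```

With the INPUT-only ruleset, the outside ping aimed at a LAN host is still accepted in FORWARD; the same match has to be added to the FORWARD chain to block it.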

10. Experiment – VPN Network
- Connect two networks using VPN
- Install the VPN software on two Linux servers
- Configure the tunnel parameters
- Build secure connections between LANs
- Environment setup

