Presentation is loading. Please wait.

Presentation is loading. Please wait.

Part of slides provided by J.F Kurose and K.W. Ross, All Rights Reserved Network Security7-1 Chapter 7 Network Security Extra Slides Communication Networks.

Published byDonna Wilson Modified over 9 years ago

Similar presentations

Presentation on theme: "Part of slides provided by J.F Kurose and K.W. Ross, All Rights Reserved Network Security7-1 Chapter 7 Network Security Extra Slides Communication Networks."— Presentation transcript:

1 Part of slides provided by J.F Kurose and K.W. Ross, All Rights Reserved Network Security7-1 Chapter 7 Network Security Extra Slides Communication Networks P. Demeester

2 Network Security7-2 Packet Filtering : example Standard policy : deny all traffic Allow : - access to public web - access to UGent web server and FTP server - access to UGent back-up DNS server - sending and receiving e-mail (from/to UGent) - full access between 157.192.133.0/24 and 157.193.122.0/24 (except sending e-mail from 157.193.0.0/16 to 157.192.133.0/24) Internet firewall/ router switch router 157.193.122.0/24 157.193.184.0/24 157.192.133.0/24 UGent 157.193.0.0/16 13.13.13.13 back-up DNS server UGent 157.193.122.5 e-mail server 157.193.184.4 Web en FTP server

3 Network Security7-3 Packet Filtering : example protocolsourcedestinationports ACCEPTTCP157.193.0.0/160.0.0.0/01024:65535 -> 80 ACCEPTTCP0.0.0.0/0157.193.0.0/1680 -> 1024:65535 ACCEPTTCP157.193.184.4/320.0.0.0/080 ->1024:65535 ACCEPTTCP0.0.0.0/0157.193.184.4/321024:65535 -> 80 ACCEPTTCP157.193.184.4/320.0.0.0/020 -> 1024:65535 ACCEPTTCP0.0.0.0/0157.193.184.4/321024:65535 -> 20 ACCEPTTCP157.193.184.4/320.0.0.0/021 -> 1024:65535 ACCEPTTCP0.0.0.0/0157.193.184.4/321024:65535 -> 21 ACCEPTTCP157.193.122.5/320.0.0.0/025 -> 1024:65535 ACCEPTTCP0.0.0.0/0157.193.122.5/321024:65535 -> 25 ACCEPTTCP157.193.122.5/320.0.0.0/01024:65535 -> 25 ACCEPTTCP0.0.0.0/0157.193.122.5/3225 -> 1024:65535 ACCEPTALL157.193.122.0/24157.192.133.0/24N/A ACCEPTALL157.192.133.0/24157.193.122.0/24N/A ACCEPTUDP157.193.0.0/1613.13.13.13/321024:65535 -> 53 ACCEPTUDP13.13.13.13/32157.193.0.0/1653 -> 1024:65535 DENYTCP157.193.0.0/16157.192.133.0/241024:65535 -> 25 DENYTCP157.192.133.0/24157.193.0.0/1625 -> 1024:65535 DENYALL0.0.0.0/0 N/A public web UGent web UGent FTP Receive e-mail Send e-mail No e-mail to 157.192.133.0/24 Between 2 subnets UGent DNS back-up Standard DENY Overruled by

4 Network Security7-4 Packet Filtering : example : correct protocolsourcedestinationports ACCEPTTCP157.193.0.0/160.0.0.0/01024:65535 -> 80 ACCEPTTCP0.0.0.0/0157.193.0.0/1680 -> 1024:65535 ACCEPTTCP157.193.184.4/320.0.0.0/080 ->1024:65535 ACCEPTTCP0.0.0.0/0157.193.184.4/321024:65535 -> 80 ACCEPTTCP157.193.184.4/320.0.0.0/020 -> 1024:65535 ACCEPTTCP0.0.0.0/0157.193.184.4/321024:65535 -> 20 ACCEPTTCP157.193.184.4/320.0.0.0/021 -> 1024:65535 ACCEPTTCP0.0.0.0/0157.193.184.4/321024:65535 -> 21 DENYTCP157.193.0.0/16157.192.133.0/241024:65535 -> 25 DENYTCP157.192.133.0/24157.193.0.0/1625 -> 1024:65535 ACCEPTTCP157.193.122.5/320.0.0.0/025 -> 1024:65535 ACCEPTTCP0.0.0.0/0157.193.122.5/321024:65535 -> 25 ACCEPTTCP157.193.122.5/320.0.0.0/01024:65535 -> 25 ACCEPTTCP0.0.0.0/0157.193.122.5/3225 -> 1024:65535 ACCEPTALL157.193.122.0/24157.192.133.0/24N/A ACCEPTALL157.192.133.0/24157.193.122.0/24N/A ACCEPTUDP157.193.0.0/1613.13.13.13/321024:65535 -> 53 ACCEPTUDP13.13.13.13/32157.193.0.0/1653 -> 1024:65535 DENYALL0.0.0.0/0 N/A public web UGent web UGent FTP Receive e-mail Send e-mail No e-mail to 157.192.133.0/24 Between 2 subnets UGent DNS back-up Standard DENY back

Download ppt "Part of slides provided by J.F Kurose and K.W. Ross, All Rights Reserved Network Security7-1 Chapter 7 Network Security Extra Slides Communication Networks."

Similar presentations

Security Firewall Firewall design principle. Firewall Characteristics.

Security Firewall Firewall design principle. Firewall Characteristics.
Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.

Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.
Firewalls and Intrusion Detection Systems

Firewalls and Intrusion Detection Systems
Chapter 7 Firewalls. Firewall Definition  A network device that enforces network access control based upon a defined security policy.

Chapter 7 Firewalls. Firewall Definition  A network device that enforces network access control based upon a defined security policy.
1 Some TCP/IP Basics....NFSDNSTELNETSMTPFTP UDPTCP IP and ICMP Ethernet, serial line,..etc. Application Layer Transport Layer Network Layer Low-level &

1 Some TCP/IP Basics....NFSDNSTELNETSMTPFTP UDPTCP IP and ICMP Ethernet, serial line,..etc. Application Layer Transport Layer Network Layer Low-level &
CS 325 Computer Networks Sami Rollins Fall 2003.

CS 325 Computer Networks Sami Rollins Fall 2003.
Slide 5.1 Curtis/Cobham © Pearson Education Limited 2008 Chapter 5 The Internet and the World Wide Web.

Slide 5.1 Curtis/Cobham © Pearson Education Limited 2008 Chapter 5 The Internet and the World Wide Web.
1 Day 01 - The Internet. 2 Chapter 1 Introduction Computer Networking: A Top Down Approach Featuring the Internet, 3 rd edition. Jim Kurose, Keith Ross.

1 Day 01 - The Internet. 2 Chapter 1 Introduction Computer Networking: A Top Down Approach Featuring the Internet, 3 rd edition. Jim Kurose, Keith Ross.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.
Vocabulary URL = uniform resource locator: web address protocol –set of rules that networked computers follow in order to share data and coordinate communications.

Vocabulary URL = uniform resource locator: web address protocol –set of rules that networked computers follow in order to share data and coordinate communications.
Introduction1-1 CS 325 Computer Networks Sami Rollins Fall 2005.

Introduction1-1 CS 325 Computer Networks Sami Rollins Fall 2005.
Lesson 10 – SECURING YOUR NETWORK Security devices Internal security External security Viruses and other malicious software OVERVIEW.

Lesson 10 – SECURING YOUR NETWORK Security devices Internal security External security Viruses and other malicious software OVERVIEW.
Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.

Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
TCP/IP Addressing Design. Objectives Choose an appropriate IP addressing scheme based on business and technical requirements Identify IP addressing problems.

TCP/IP Addressing Design. Objectives Choose an appropriate IP addressing scheme based on business and technical requirements Identify IP addressing problems.
1 Enabling Secure Internet Access with ISA Server.

1 Enabling Secure Internet Access with ISA Server.
Chapter 1 Introduction Computer Networking: A Top Down Approach 6th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 A note on the use of these.

Chapter 1 Introduction Computer Networking: A Top Down Approach 6th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 A note on the use of these.
Networking Components By: Michael J. Hardrick. HUB  A low cost device that sends data from one computer to all others usually operating on Layer 1 of.

Networking Components By: Michael J. Hardrick. HUB  A low cost device that sends data from one computer to all others usually operating on Layer 1 of.
8-1 Chapter 8 Security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 A note on the use of these.

8-1 Chapter 8 Security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 A note on the use of these.
Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.

Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.
RSC Part I: Introduction Redes y Servicios de Comunicaciones Universidad Carlos III de Madrid These slides are, mainly, part of the companion slides to.

RSC Part I: Introduction Redes y Servicios de Comunicaciones Universidad Carlos III de Madrid These slides are, mainly, part of the companion slides to.

Similar presentations

Ads by Google