CTP 204 2006-2007 FALL Firewalls Filtering Properties Anti-virus Programs
WHAT IS A FIREWALL? • System or system group • Traffic controller
FIREWALL PROPERTIES • Control the traffic • Let the traffic go • Stop the traffic • Block the packets • Provide a first line of defense • Make the public network secure • Cannot block viruses (disadvantage) • Block unauthorized access
How does a firewall work? • Create a guide table • Check the packets: PACKET (Source IP, Sink IP, Source Port, Sink Port) • Compare them with the firewall rules • Delete the packet or check the guide table
PERSONAL FIREWALLS Without a firewall: • FTP (optional) • HTTP (optional) • SMTP • POP3
PERSONAL SECURITY • Update the applications that run on the Internet (Outlook, Internet Explorer, ICQ, MSN…) • Use a firewall and close unused ports (IPTABLES for Linux, NETFILTER for Windows) • Use an anti-virus program & always update it • Disable the Java, JavaScript and ActiveX options • Do not open e-mails before scanning them for viruses • Always back up important files • Create a boot disk in case of hard-disk failure
FIREWALL TYPES • Software based • Hardware based
FILTERING PROPERTIES • Packet Filtering: checks only source IP & port, sink IP & port; does not follow the session • Stateful Inspection: checks the packet flow characteristics for each session; more complex than other filtering but secure • NAT (Network Address Translation): session level; block the IP addresses of the computers; show the NAT address & use only one IP • Proxy: application level; filters FTP, telnet applications; filters certain commands of an application; watches or blocks the local network users' connections; high level of security
NAT MECHANISM • STEPS OF HOW THE MECHANISM WORKS • Take the packet from the local network • Hold the IP and port info of this packet • Make the source address its own address • Send the packet to the outside world • Take the answer packet from the outside world • Check the tables and find the owner of the packet
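The NAT steps above, as an added Python example that is not part of the original slides: a translation table that rewrites outgoing packets and finds the owner of each answer packet, dropping answers nobody asked for. The `Packet` and `Nat` names, the starting public port 40000 and all addresses are assumptions constructed for illustration.

```python
from dataclasses import dataclass, replace
from typing import Dict, Optional, Tuple

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str      # the slides call the destination the "sink"
    dst_port: int

class Nat:
    """Hypothetical port-translating NAT hiding local hosts behind one IP."""

    def __init__(self, public_ip: str, first_port: int = 40000):
        self.public_ip = public_ip
        self.next_port = first_port                  # arbitrary start of the port pool
        self.out: Dict[Tuple[str, int], int] = {}    # (local ip, port) -> public port
        self.back: Dict[int, Tuple[str, int]] = {}   # public port -> (local ip, port)

    def outbound(self, pkt: Packet) -> Packet:
        """Hold the sender's IP and port, then make the source the NAT's own address."""
        key = (pkt.src_ip, pkt.src_port)
        if key not in self.out:
            if self.next_port > 65535:
                raise RuntimeError("public port pool exhausted")
            self.out[key] = self.next_port
            self.back[self.next_port] = key
            self.next_port += 1
        return replace(pkt, src_ip=self.public_ip, src_port=self.out[key])

    def inbound(self, pkt: Packet) -> Optional[Packet]:
        """Check the table for the owner of an answer packet; None means dropped."""
        owner = self.back.get(pkt.dst_port)
        if pkt.dst_ip != self.public_ip or owner is None:
            return None  # no local host opened this mapping
        return replace(pkt, dst_ip=owner[0], dst_port=owner[1])

def demo():
    """Run constructed packets (documentation-range addresses) through the NAT."""
    nat = Nat("203.0.113.5")
    a = nat.outbound(Packet("192.168.1.10", 51000, "198.51.100.7", 80))
    b = nat.outbound(Packet("192.168.1.11", 51000, "198.51.100.7", 80))
    reply = nat.inbound(Packet("198.51.100.7", 80, a.src_ip, a.src_port))
    stray = nat.inbound(Packet("198.51.100.9", 4444, "203.0.113.5", 40999))
    return a, b, reply, stray

if __name__ == "__main__":
    for result in demo():
        print(result)
```

This sketch matches answers on the public port only; it does not check the remote address or expire idle table entries.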
COMPARING NAT & PROXY • Both hide the IP addresses of the computers • Both can be used when there are not enough IP addresses • Both establish a session (only Proxy interferes with content) • Both slow down the network (CPU-RAM) • NAT is easier to set up • Proxy requires settings for each client (Internet Explorer, ICQ, MSN…) • Both are secure
FIREWALL PERFORMANCE • Related to network performance • RAM and CPU should be higher when NAT & PROXY are installed • The operating system should be in harmony with the firewall
INSTALLING FIREWALLS • CENTRAL building • MIXED building
CENTRAL Building • Advantages: easy to configure; more secure • Disadvantages: affects all segments; difficult to back up; difficult to upgrade according to each user
MIXED Building • Advantages: affects only one segment; easy back-up; many different functions can be used • Disadvantages: more expensive than central building; cannot generalize security policies
VLAN (VIRTUAL LAN) • Separates each group • Makes the network more secure • Supplies more security together with a firewall
FIREWALL SETTINGS • Direct connection to the firewall: enter the rules on the command line (console) • If it has a web interface: enter the rules on the web server • Installing the firewall settings console on another (secure) PC: enter the rules on that (secure) PC
WINDOWS FIREWALL • It is dangerous to open a new port for an unknown application
ANTI-VIRUS PROGRAMS COMMON PROPERTIES • Executable • Clonable • Hideable • Change a program's code • Change itself
VIRUS TYPES • File Virus • Command Runnable Virus • Boot Sector Virus • Script Virus • Macro • Worm • Trojan • Dialer
File Virus • File name ends with .com, .bat, .exe • Changes files • Deletes files
Command Runnable Virus • Spreads to the O/S files • Targets command.com
Boot Sector Virus • Placed in the MBR (Master Boot Record) • Runs before the O/S
Script Virus • Spreads from Internet Explorer, Outlook… • Active when a web site or e-mail is opened
Macro • Uses the macro functions of MS-Office • Spreads while opening
Worm • Spreads using IP addresses & open shared files • Uses RPC (Remote Procedure Call) of WINDOWS • Spreads to shared files • Copies itself • Blocks the Internet traffic
Trojan • Takes the passwords of the victim PC • Spy virus • No damage
Dialer • Affects dial-up users • Disconnects the user from the Internet • Mutes the modem • Connects to an operator abroad • Makes the user pay too much money
ANTI-VIRUS PROGRAM PROPERTIES • Check existing folders • Clean/Quarantine contagious viruses • Block viruses from CD, disk, Internet
How does an anti-virus program work? • Create a database • Update the database • Take control of the computer • Check everything imported to the PC
COMPARING ANTI-VIRUS PROGRAMS http://anti-virus-software-review.toptenreviews.com/?ttreng=1&ttrkey=anti-virus+programs