1 / 10

Topic 2: Lesson 3 Intro to Firewalls

Topic 2: Lesson 3 Intro to Firewalls. Summary. Basic questions. What is a firewall? What can a firewall do? What is packet filtering? What is proxying? What is stateful packet filtering? Compare network layer firewalls and application layer firewalls. Enumerate the benefits of a firewall

sanaa
Download Presentation

Topic 2: Lesson 3 Intro to Firewalls

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Topic 2: Lesson 3Intro to Firewalls Summary

  2. Basic questions • What is a firewall? • What can a firewall do? • What is packet filtering? • What is proxying? • What is stateful packet filtering? • Compare network layer firewalls and application layer firewalls. • Enumerate the benefits of a firewall • Enumerate the limitations of a firewall

  3. What is a firewall? • Protect internal network from outside threats • creates choke point from outside of network • mechanism that permits access control between two or more networks • come in various forms: hardware and software, usually a combination

  4. What can a firewall do? • keep outsiders from breaking in • keep insiders from exposing valuable data • enable secure communication between networks • Firewall protects both direction • Firewall can proxy an Internet service • block services known to be problematic

  5. What is packet filtering? • One of the three types of firewall technology • determines whether a packet can be accepted or not based on IP address, port number, protocol type • spoofed with IP or port # filtering, doesn’t look at contents • firewall sets up rule set, verifies packets with header information • what is inside a packet header: • source IP, destination IP, protocol, source port, destination port, size of packet, sequence # • Can viruses or Trojans attack a firewall? • Yes, vulnerabilities in firewalls that can be exploited • previous employer, viruses disable firewalls

  6. What is proxying? • use a proxy server as an intermediary between two servers. Communication sent between the proxy and internal • hides real IP address from whoever you are communicating to • does logging and access control • based on policy, takes requests for user in group • don’t permit traffic between networks

  7. What is stateful packet filtering? • across b/w functionality of packet filtering and firewalls • provides more security checks • inspects first packet, adds entry to state table • state table= tabulates state of the system, state is how you define it to be . State is connections being made updated after valid connections are made. Follow-up packets for new connections use that table for verification. • use valid host to transmit malicious code • Does state table have an expiration time? Session time, start and termination time- time window, beyond the connection ends • Does termination expire instantaneously- depends based on configured session time; • How does it determine if first packet is valid - for efficiency, if you spoof original packet, not sure

  8. Compare network layer firewalls and application layer firewalls. • app layer firewalls block traffic based on what application u are using – network layer examine addressing and others • network layer firewalls are faster but do less inspection • can just block port rather than app? • ports used by app can change • most firewalls include aspects of both • firewall can be strengthened by changing firmware • example of network is packet filtering and example of application layer is proxying

  9. Enumerate the benefits of a firewall • cost benefits of firewall make economic sense, inexpensive and high rewards • enforce organizational security policies • enable logging of connections and data • logs produced can give valuable information about the network • help prevent net security issues from spreading across network segments • firewalls are only as useful as the unified security policy which is defined

  10. Enumerate the limitations of a firewall • firewalls cant protect against malicious inside attacks • not too effective against dialup • susceptible to IP spoofing • stop attacks at network level, so many attacks which they cannot block • cant prevent against Trojans, viruses, etc • can be compromised like any other part of the network • exploit problems in e-mail for DOS attacks • only as good as updates- need security updates/firmware • cant protect against vulnerable protocols- TCP/IP, http, etc • If you are greedy, you will eat the honey in the pot

More Related