1 / 17

Security on the Internet

Security on the Internet. Today, commercially available routers are equipped with a firewall. The standard configuration is such that telegrams from LAN to WAN can pass, but not vice versa. In place of “firewall“, terms like “application configuration“ or “NAT / PAT“ are used also. Term: NAT.

zubeda
Download Presentation

Security on the Internet

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Security on the Internet Today, commercially available routers are equipped with a firewall. The standard configuration is such that telegrams from LAN to WAN can pass, but not vice versa. In place of “firewall“, terms like “application configuration“ or “NAT / PAT“ are used also.

  2. Term: NAT NAT stands for “Net Address Translation“

  3. Router – Port Forwarding A port in a network is like a keyPort 80 is the default key equals a door handle The router must be configured manually. Please observe: Services such as IGD, WCN and AOSS are not supported.

  4. Router – Port Forwarding 10 2 10 2 • Port 80 (http) Web Server Operation with Web Browser • Port 443 (https) Encrypted Web Server Operation with Web Browser • Port 21 (ftp) ACS File transfer (Message history and Offline Trend) • Port 50005 () ACS Operation • Port 22 (scp) HQ Zug OZW Web Server Remote Support

  5. DynDNS – Opening an Account • Open user account under https://www.dyndns.com/, for example, and add hostnames.

  6. DynDNS – Adding a new Host • Select domain names for the web server • Select service type ”Host with IP address“ • Auto detect transfers your current IP address to the ”IP Address“ field

  7. DynDNS – Make adjustments in the router • Make the adjustments in the router DynDNS.org smartweb.dyndns.biz ozw772

  8. Browser • Calling up the web server via the browser: • With port forwarding to default port 80

  9. Term: PAT PAT stands for “Port Address Translation“. Other terms used are “Port Forwarding“ and “Port Mapping“

  10. Router – Port Mapping A port in a network is like a keyPrivate Ports is a special key equals a security key Result: Port 55000 on the WAN side is translated to port 80 on the LAN side. List of free ports: http://www.iana.org/assignments/port-numbers Recommendation: Use private ports from 49152 through 65535.

  11. Router – Port Mapping Example: 10 2 10 2 • Port 80 (http): Web server operation via browser • Port 21 (ftp): File transfer (history file)

  12. DynDNS – Adding a new Host • As previous: Select the dyndns properties in the dyndns account and in the router

  13. Browser Calling up the web server via the browser: • With port forwarding to private port e.g. 55000

  14. Exercise 6 • Commissioning WAN • Configure your router at your workplace such that the following • actions will be possible: • Access to the web server via http protocol.For security reasons, the WAN port shall be translated to 55000 • Access to the message history via ftp protocol • Access via dyndns from a remote location : smartweb.dyndns.biz

  15. Exercise

  16. Exercise

  17. Exercise

More Related