Firewalls
   "The function of a strong position is to make
    the forces holding it practically unassailable"
             - On War (Carl von Clausewitz)



                                       ABHIROOP GHATAK
                                       en no: 0771184406




29 December 2008       abhiroop@cdac                       1
What is a Firewall?
   • A firewall is hardware, software, or a
     combination of both that is used to prevent
     unauthorized programs or Internet users from
     accessing a private network and/or a single
     computer.
   • A firewall is simply a program or hardware device
     that filters the information coming through the
     Internet connection into your private network or
     computer system. If an incoming packet of information
     is flagged by the filters, it is not allowed through.


Hardware vs. Software Firewalls

   • Hardware Firewalls
        • Protect an entire network
        • Implemented on the router level
        • Usually more expensive, harder to configure
   • Software Firewalls
        • Protect a single computer
        • Usually less expensive, easier to configure




How does a software firewall work?

   • Inspects each individual “packet” of data as
     it arrives at either side of the firewall

   • Inbound to or outbound from your computer

   • Determines whether it should be allowed to
     pass through or if it should be blocked



Firewalls deny or permit access based on
     rules and policies

[Diagram labels: Protected Private Network, Internet]




Firewall Rules
   • Allow – traffic that flows automatically
     because it has been deemed “safe” (e.g.
     Meeting Maker, Eudora, etc.)

   • Block – traffic that is blocked because it has
     been deemed dangerous to your computer

   • Ask – asks the user whether or not the traffic
     is allowed to pass through

What a personal firewall can do

   • Stop hackers from accessing your computer
   • Protect your personal information
   • Allow virtual private networks
   • Block “pop up” ads and certain cookies
   • Determine which programs can access the
     Internet




Firewalls DON’T

   • Protect against attacks that bypass the
     firewall
        • Dial-out from an internal host to an ISP
   • Protect against internal threats
        • Disgruntled employee
        • Insider cooperating with an external attacker
   • Protect against the transfer of virus-infected
     programs or files

Types of Firewalls

Firewalls fall into four broad categories:

   • Packet filters
   • Application level
   • Circuit level
   • Stateful inspection firewalls




Packet filtering firewall




Packet Filtering Routers
   • Forward or discard each IP packet according to a
     set of rules
   • Filtering rules are based on fields in the IP
     and transport headers
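
An added example (not from the original slides) of the rule matching described above: the filter reads the protocol, addresses and ports from a raw IPv4 packet and applies the first matching rule, discarding by default. The rule set, addresses and the build_packet helper are constructed for illustration.

```python
import ipaddress
import struct

# First matching rule wins; all addresses and rules here are constructed samples.
# (action, protocol, source network, destination network, destination port)
RULES = [
    ("allow", "tcp", "0.0.0.0/0", "192.0.2.25/32", 25),   # inbound SMTP to the mail host
    ("allow", "tcp", "0.0.0.0/0", "192.0.2.80/32", 80),   # inbound HTTP to the web host
    ("allow", "udp", "192.0.2.0/24", "0.0.0.0/0", 53),    # outbound DNS from inside
]
DEFAULT = "discard"                 # anything no rule matches is dropped
PROTOCOLS = {6: "tcp", 17: "udp"}   # IP protocol numbers this filter understands

def parse_headers(packet: bytes) -> dict:
    """Extract the filtering fields from an IPv4 packet carrying TCP or UDP."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4                      # IP header length in bytes
    if ihl < 20 or len(packet) < ihl + 4:
        raise ValueError("truncated header")
    if struct.unpack("!H", packet[6:8])[0] & 0x1FFF:
        raise ValueError("non-first fragment carries no port fields")
    if packet[9] not in PROTOCOLS:
        raise ValueError("unsupported protocol")
    sport, dport = struct.unpack("!HH", packet[ihl:ihl + 4])
    return {"proto": PROTOCOLS[packet[9]], "sport": sport, "dport": dport,
            "src": ipaddress.ip_address(packet[12:16]),
            "dst": ipaddress.ip_address(packet[16:20])}

def decide(packet: bytes) -> str:
    """Return 'allow' or 'discard' for one raw packet."""
    try:
        f = parse_headers(packet)
    except ValueError:
        return DEFAULT                                # unparseable packets are not forwarded
    for action, proto, src_net, dst_net, dport in RULES:
        if (f["proto"] == proto and f["dport"] == dport
                and f["src"] in ipaddress.ip_network(src_net)
                and f["dst"] in ipaddress.ip_network(dst_net)):
            return action
    return DEFAULT

def build_packet(proto: int, src: str, dst: str, sport: int, dport: int) -> bytes:
    """Build a constructed 20-byte IPv4 header plus ports (checksum left zero)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, proto, 0,
                     ipaddress.ip_address(src).packed, ipaddress.ip_address(dst).packed)
    return ip + struct.pack("!HH", sport, dport) + b"\x00" * 4
```

Each decision uses only the headers of the packet in hand, so the filter keeps no memory of earlier packets.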




Packet-filter firewall




Application level gateway
   • Proxy server

[Diagram: Firewall running Application Proxies, shown as two protocol stacks (Application, Transport, Network, Data Link, Physical) between the Internal Network and the Router/Internet]




Application level gateway (continued)
   • Acts as a relay of application-level traffic. The
     user contacts the gateway using a TCP/IP
     application, such as FTP, and the gateway
     asks the user for the name of a remote host
     to be accessed. When the user responds and
     provides a valid user ID and authentication
     information, the gateway contacts the application on
     the remote host and relays TCP segments
     containing the application data between the
     two points.

Proxy firewall




Circuit level gateway (Firewall)

   • Circuit level gateways work at the session layer of
     the OSI model. They monitor TCP handshaking
     between packets to determine whether a requested
     session is legitimate. Information passed to a
     remote computer through a circuit level gateway
     appears to have originated from the gateway. This is
     useful for hiding information about protected
     networks. Circuit level gateways are relatively
     inexpensive and have the advantage of hiding
     information about the private network they protect.
     On the other hand, they do not filter individual
     packets.

Circuit level gateway




Circuit level gateway (continued)
Whether a connection is valid may, for example, be based upon:
   • destination IP address and/or port
   • source IP address and/or port
   • time of day
   • protocol
   • user
   • password


Every session of data exchange is validated and monitored, and all
  traffic is disallowed unless a session is open.
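
An added example (not from the original slides) of the session rule above: a simplified gateway validates each new TCP session against destination port and time of day, follows the three-way handshake, and rejects any segment that does not belong to an open session. The policy values, class name and verdict strings are assumptions made for illustration.

```python
from datetime import time

# Constructed policy: reachable destination ports and permitted hours.
ALLOWED_DST_PORTS = {25, 80, 443}
OPEN_FROM, OPEN_UNTIL = time(8, 0), time(20, 0)

class CircuitGateway:
    """Validates TCP session setup and relays only while a session is open."""

    def __init__(self):
        self.sessions = {}   # (client, server) -> "SYN_SENT" | "SYN_ACKED" | "OPEN"

    def handle(self, src, dst, flags, now):
        """src/dst are (ip, port) tuples, flags a set like {"SYN"}; returns a verdict."""
        if flags == {"SYN"}:                       # a client asks for a new session
            if dst[1] not in ALLOWED_DST_PORTS or not OPEN_FROM <= now <= OPEN_UNTIL:
                return "reject"
            self.sessions[(src, dst)] = "SYN_SENT"
            return "relay"
        key = (src, dst) if (src, dst) in self.sessions else (dst, src)
        state = self.sessions.get(key)
        from_client = key[0] == src
        if state == "SYN_SENT" and flags == {"SYN", "ACK"} and not from_client:
            self.sessions[key] = "SYN_ACKED"       # server answered the client's SYN
            return "relay"
        if state == "SYN_ACKED" and flags == {"ACK"} and from_client:
            self.sessions[key] = "OPEN"            # three-way handshake complete
            return "relay"
        if state == "OPEN":
            if flags & {"FIN", "RST"}:
                del self.sessions[key]             # simplified teardown: first FIN/RST closes
            return "relay"
        return "reject"                            # no open session, or out-of-order handshake
```

The sessions dictionary plays the role of a state table: once a session is open, segments are relayed without inspecting their contents.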




Stateful inspection firewalls

[Diagram: Firewall/Router with an Inspection Module (Application - State Table, Transport - Access Rules, Network - Access Rules); Network, Data Link and Physical layers on each side, between the Internal Network and the Router/Internet]




How to trust firewalls?

Firewalls can be trusted if they provide the
  following services:
1) Authentication
2) Access control
3) Data confidentiality
4) Data integrity
5) Non-repudiation




Uses of firewalls

   • Virtual private network

   • Demilitarised zone
        • A DMZ can be viewed as a layer of privacy between the corporate
          infrastructure and the Internet, exposing only those systems that
          must be known to the public.

   • IP security



VPN




De-militarised zone

[Diagram: Demilitarised Zone. Labels: Protected private network; Internet; DMZ; WEB Server; Mail Server; "Allow SMTP, from here to there only"; "Open access between private LAN and DMZ"; "Static filters between private LAN and DMZ used to control access"]

IP security

   • Firewalls are needed when any organization
     relies heavily on the Internet.




Conclusion
   • Firewalls must continue to advance

   • Firewalls must be developed to scan for viruses

   • $377 million (approx.) lost till date
     due to network attacks


   For additional information visit
   http://www.pc-help.org/www.nwinternet.com/pchelp/security/firewalls.htm



