Firewalls
•Download as DOC, PDF•
0 likes•341 views
basic abstract on the topic of firewalls, extremely useful information very good for paper presentations
Report
Share
Related slideshows
More Related Content
What's hot
What's hot (20)
Similar to Firewalls
Similar to Firewalls (20)
More from Shreya Singireddy
Recently uploaded
Recently uploaded (20)
Firewalls
- 1. FIREWALLS Abstract: The topic “firewalls” deals with a software or hardware based equipment with which we can keep the network secure. It has a predetermined rule set which deals with the packets in the network traffic. It is pretty useful in saving the device such as a PC, LAPTOP or even a set of interconnected device from external harmful network mostly the internet. In today’s generation of computers and networks, the harm from virus, worms and Trojans have increased. These Mostly enter into the system through external sources such as The Internet. Firewall is the first basic protection provided to protect from such external harm. Firewalls are divided into various classes based upon their uses and their effectiveness. The variety of firewalls used, their kinds, and the history of firewalls shall be covered in this topic. There various kinds of architectures of firewalls present in both hardware and software are discussed. Their Advantages and Disadvantages are also mentioned. Introduction: A firewall is a software or hardware application that is used to protect the device or a set of devices from any external harmful data packets network which is mostly the internet. It follows a set of predefined rules, set for filtered the data packets in the incoming and outgoing traffic. Many personal computer operating systems such as Windows7, Ubuntu, Linux based OS, etc have software based firewalls. The hardware based firewalls in the routers that pass data between networks. History: The term “firewall” originally referred to a wall intended to
- 2. confine a fire or a potential fire within a building. Firewall technology emerged in the 1980’s when the internet was a fairly new technology in terms of global use and connectivity. The predecessors to firewalls for network security were the routers used in late 1980’s. Generation of firewalls: There are three generations of firewalls:- First Generation: packet filters The first paper published on firewall technology was in 1988 when the engineers from Digital Equipment Cooperation (DEC) developed filter systems known as packet filter firewalls. Packet filter act by inspecting the “packets” which transfer between computers to the internet .If the packet matches the packet filters set of rules, the packet filter will drop the packet by silently discarding them or reject it by giving error responses to the source. This type of packet filtering pays no attention to whether a packet is part of an existing traffic stream. Instead, it filters each packet based only on information contained in the packet itself (such as source & destination address, port no.) etc. Second Generation- Stateful filters: From 1989-1990 three colleagues from AT&T Bell Laboratories, Dave Presetto, Janardhan Sharma and Kshitij Nigam, developed the second generation of firewalls, calling them circuit level firewalls. Second generation firewalls perform the work of the first generation firewalls but in layer 4(Transport layer) of the OSI model. This is achieved by retaining packets until enough information is available to make a judgment of its state. Known as stateful packet inspection, it records all connections passing through it and determines whether a packet is the start of a new connection, a part of an
- 3. existing connection, or not part of any connection. Though static rules are still used, these rules can now contain connection state as one of their test criteria. Certain denial-of-service attacks bombard the firewall with thousands of fake connection packets in an attempt to overwhelm it by filling its connection state memory. Third Generation- Application layer: Marcus Raman, Wei Xin and Peter Churchyard developed an application Firewall known as Toolkit. Wei Xin extended the FTWK with the kernel enhancement of IP filter and socket transparent. This is known as the first transparent Application firewall, released as a commercial product of Gaunlet firewall at TIS. The key benefit of application layer filtering is that it can understand certain applications and protocols (such as FTP, DNS and HTTP) This is useful as it is able to detect if an unwanted protocol is attempting to bypass the firewall on an allowed port or detect if a protocol is being abused in any harmful way. As of 2012, the so called NGFW is nothing more than the “widen” or “deepen” inspection at application- stack. Types:- NETWORK LAYER: Network Layer firewalls, also called packet filters; operate at a relatively low-level of TCP/IP protocol stack, not allowing packets to pass through the firewall unless match established rule set. Network firewalls are of two types:- (1)Stateful (2)Stateless (1)Stateful:- Stateful firewalls maintain context about active sessions and use that “state information” to speed packet processing. Any existing network connection can be
- 4. described by several properties, including source and destination IP address, UDP or TCP ports, and the current stage of the connections lifetime. (2)Stateless:- Stateless firewalls require less memory and can be faster for simple filters that require less time to filter than to look up a session. They may also be necessary for filtering stateless network protocols that have no concept of a session. They can’t make more complex decisions based on what stage communications between hosts have reached. APPLICATION LAYER: Application layer firewalls work on the application layer of the TCP/IP stack and may intercept all packets traveling to or from on application. They block other packets. Application firewalls function by determining whether a process should accept any given connection. Application firewalls accomplish their function by hooking into socket calls to filter the connection between the application layer and lower layers of OSI model. PROXIES: A proxy server, running either on dedicated hardware or software or a general-purpose machine, may act as a firewall by responding to input packets in the manner of an application, while blocking other packets. Proxies make tampering with an internal system from the external network, more difficult and misuse of one internal system would not necessarily cause a security breach exploitable from outside the firewall. Firewall Architectures:- There five kinds of different basic firewalls:
- 5. (1)Screening Routers:-The simplest way to implement a firewall is by placing packet filters on the router itself. This kind of architecture is completely transparent to all parties involved, but screening routers leaves a chance for “leak” out of the network. They violate the “the choke point principle” of firewalls. (2)Screened Host Gateways:- Here hosts and routers can be used together in firewall architecture. It is one of the most common combinations in use today. All packet filtering and access control is performed at the router. The router permits only that traffic that the policy explicitly identifies. (3)Dual Homed Gateways:- Dual Homed Gateways places a single machine with two networks. Here, all users must log in to the machine before proceeding on to the other network, or as a host for proxy servers, in which user accounts are not required. (4)Screened Subnet:- The screened subnet approach takes the idea of a screened host gateway one step further. The screening router is still present as the first point of entry into the corporate network, and screens incoming traffic between the Internet and the public hosts. The functions of that gateway are spread among multiple hosts. For e.g., one of the hosts could be a Web server, another could serve as the anonymous FTP server, and yet a third as the proxy server host, from which all connections to and from the internal corporate are made. (5)Belt and Suspenders approach:- It takes the approach of the screened subnet and extends still another step further. Here an external screening router protects "public" machines from the Internet. The functions of gateway are split: the proxy server host now resides on the DMZ subnet, while an internal screening router serves to protect the internal network from the public machines. This
- 6. architecture is often called the "belt-and-suspenders" architecture. Advantages and Disadvantages: Advantages: • Protect the computer from “bad” network and give a steady interface for network. • Protect the system from external attack of worms and viruses. • Help in recognition of threats and disturbances easily. Disadvantages: • Cannot protect from internal attacks, such as a malicious code being executed. • Unaffected on organizations with greater insider threat such as Banks and Military. • Protection is supposed to be present in every layer and assess the threats too. Firewall does not give protection in every layer. • Cannot protect against transfer of all virus infected programs or files because of huge range of operating system and file types. Conclusion:- Firewalls in today’s generation of networks and computer are necessary. Every computer and Router is provided with the software or hardware form of firewalls for protection. Firewalls are of various types and each type is implemented based upon the security required for network or computer. Firewalls have several advantages and disadvantages, we need to counter the disadvantages of firewalls and better them for higher protection of our systems and servers.
- 7. References:- (1)Firewalls (computing), Wikipedia. (2)Firewalls And Internet Security second edition, William.R.Cheswick, Steven.M.Bellovin, Aviel.D.Rublin; Eastman publications. (3)Firewall Architecture, Indonesian Virtual Company (InVircom).