2. Contents :
Introduction.
What is an attack
Hardware Firewalls
Software Firewalls
Firewall rules
Types of Firewall techniques
What a personal firewall can do
What a personal firewall cannot do
Conclusion
3. Introduction
A firewall is a device (or software feature) designed to
control the flow of traffic into and out of a network.
It is used to prevent unauthorized programs or Internet
users from accessing a private network.
4. It monitors and controls the incoming and outgoing
network traffic based on predetermined security
rules.
In general, firewalls are installed to prevent
attacks.
5. What is an Attack?
Attack covers many things:
1. Someone probing a network for computers.
2. Someone attempting to crash services on a
computer.
3. Someone attempting to crash a computer.
4. Someone attempting to gain access to a computer
to use resources or information.
6. Hardware Vs Software Firewalls
Hardware firewalls
o Implemented at the router level.
o Protects an entire network.
o Usually more expensive, harder to implement.
Software firewalls
o Protects a single computer.
o Usually less expensive, easier to implement.
7. Hardware Firewalls
Hardware firewalls are used more in companies and large
corporations.
These devices are usually placed between the router and
the Internet connection.
A hardware firewall uses packet filtering to examine the
header of a packet to determine its source and destination.
This information is compared to a set of predefined or
user-created rules that determine whether the packet is to
be forwarded or dropped.
8. Software Firewalls
For individual home users, the most popular firewall choice
is a software firewall. Software firewalls are installed on
your computer (like any software).
We can customize it; allowing us some control over its
function and protection features.
It protects our computer from outside attempts to control or
gain access to our computer.
It also provides protection against the most common Trojan
programs or e-mail worms.
9. Inspects each individual “packet” of data as it arrives at
either side of the firewall.
Determines whether it should be passed through or blocked.
11. Packet filtering firewall
A packet filtering firewall applies a set of rules to each
incoming and outgoing IP packet and then forwards or
discards the packet.
Filtering rules are based on information contained in
a network packet:
Source IP address
Destination IP address
Source and destination transport-level address
IP protocol field
Interface
12. Packet filtering firewall
Two default policies determine whether a packet that
matches no rule is forwarded or discarded:
o Default = discard
o Default = forward
Some possible attacks on the firewall :
o IP address spoofing
o Source routing attacks
o Tiny fragment attacks
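The rule matching and the two default policies on these slides, as an added example that is not part of the original deck: a first-match rule evaluator over the header fields listed above, run once per default policy. The rule set, addresses and function names are constructed for illustration.

```python
# Added illustration: the rule set, addresses and names below are constructed.
from collections import namedtuple
from ipaddress import ip_address, ip_network

Packet = namedtuple("Packet", "iface proto src sport dst dport")
# A field left as None is a wildcard; src/dst are CIDR networks.
Rule = namedtuple("Rule", "action iface proto src dst dport",
                  defaults=(None, None, "0.0.0.0/0", "0.0.0.0/0", None))

def matches(rule, pkt):
    """True when every non-wildcard header field of the rule fits the packet."""
    return ((rule.iface is None or rule.iface == pkt.iface)
            and (rule.proto is None or rule.proto == pkt.proto)
            and ip_address(pkt.src) in ip_network(rule.src)
            and ip_address(pkt.dst) in ip_network(rule.dst)
            and (rule.dport is None or rule.dport == pkt.dport))

def filter_packet(rules, default, pkt):
    """First matching rule decides; with no match the default policy applies."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action
    return default

RULES = [
    # Anti-spoofing: an inside source address must never arrive on the outside interface.
    Rule("discard", iface="outside", src="192.168.1.0/24"),
    # Inbound mail to the (constructed) mail server only.
    Rule("forward", iface="outside", proto="tcp", dst="192.168.1.10/32", dport=25),
    # Anything the inside network sends out.
    Rule("forward", iface="inside", src="192.168.1.0/24"),
]

SAMPLES = {
    "mail":    Packet("outside", "tcp", "203.0.113.7", 40000, "192.168.1.10", 25),
    "spoofed": Packet("outside", "tcp", "192.168.1.50", 40000, "192.168.1.10", 25),
    "telnet":  Packet("outside", "tcp", "203.0.113.7", 40001, "192.168.1.10", 23),
    "web_out": Packet("inside", "tcp", "192.168.1.20", 51000, "198.51.100.5", 80),
}

def verdicts(default):
    """Run every sample packet through the rule set under one default policy."""
    return {name: filter_packet(RULES, default, p) for name, p in SAMPLES.items()}

if __name__ == "__main__":
    for policy in ("discard", "forward"):
        print(f"default={policy}: {verdicts(policy)}")
```

Only the telnet packet, which no rule mentions, changes verdict between the two policies; the spoofed packet is discarded either way because the interface field lets a rule tie a source address to the side it arrived on.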
13. Packet filtering firewall
Advantage :
o Cost
o Low resource usage
o Best suited for smaller network
Disadvantage :
o Can work only on the network layer
o Do not support complex rule based support
o Vulnerable to spoofing
14. Application Proxy Firewall
An application-level gateway, also called an application
proxy, acts as a relay of application-level traffic.
It does not allow any packets to pass directly between an
application and the user.
User requests service from proxy.
Proxy validates requests as legal.
Then acts on the request and returns the result to the user.
Can log / audit traffic at application level.
15. Application Proxy Firewall
Advantages :
o More secure than packet filter firewalls.
o Easy to log and audit incoming traffic.
Disadvantages :
o Additional processing overhead on each connection.
16. Stateful Inspection firewall
A stateful inspection packet firewall tightens up the rules
for TCP traffic by creating a directory of outbound TCP
connections.
There is an entry for each currently established
connection.
The packet filter now allows incoming traffic to high-
numbered ports only for those packets that fit the profile
of one of the entries in this directory.
A stateful packet inspection firewall reviews the same
packet information as a packet filtering firewall, but also
records information about TCP connections.
17. Stateful Inspection firewall
It records session information such as IP addresses and
port numbers, which implements a much tighter security
posture than a static packet filter firewall.
It examines both incoming and outgoing packets.
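The connection directory described on these two slides, as an added example that is not part of the original deck: the same constructed trace is run through a static high-port rule and through a filter that records outbound TCP connections. Addresses, ports and names are constructed, and teardown is simplified to an outbound RST.

```python
# Added illustration: addresses, ports and names below are constructed.
from collections import namedtuple

Packet = namedtuple("Packet", "direction src sport dst dport flags")
HOST, SERVER, OTHER = "192.168.1.20", "198.51.100.5", "203.0.113.9"

def static_filter(pkt):
    """Stateless rule: admit any inbound packet aimed at a high-numbered port."""
    if pkt.direction == "out":
        return "forward"
    return "forward" if pkt.dport > 1023 else "discard"

class StatefulFilter:
    """Keeps a directory of outbound TCP connections and checks inbound packets against it."""

    def __init__(self):
        # Entries are (inside_ip, inside_port, outside_ip, outside_port).
        self.connections = set()

    def check(self, pkt):
        if pkt.direction == "out":
            key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
            if "SYN" in pkt.flags:
                self.connections.add(key)       # new outbound connection
            elif "RST" in pkt.flags:
                self.connections.discard(key)   # simplified teardown
            return "forward"
        # Inbound: must be the mirror image of a recorded entry.
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        return "forward" if key in self.connections else "discard"

TRACE = [  # constructed packet sequence
    ("client opens connection", Packet("out", HOST, 51000, SERVER, 80, ("SYN",))),
    ("server reply",            Packet("in", SERVER, 80, HOST, 51000, ("SYN", "ACK"))),
    ("unsolicited, other host", Packet("in", OTHER, 80, HOST, 51000, ("ACK",))),
    ("unsolicited, other port", Packet("in", SERVER, 80, HOST, 51001, ("ACK",))),
    ("client resets",           Packet("out", HOST, 51000, SERVER, 80, ("RST",))),
    ("late packet after reset", Packet("in", SERVER, 80, HOST, 51000, ("ACK",))),
]

def compare(trace):
    """Return (label, static verdict, stateful verdict) for each packet in order."""
    fw = StatefulFilter()
    return [(label, static_filter(p), fw.check(p)) for label, p in trace]

if __name__ == "__main__":
    for row in compare(TRACE):
        print("%-26s static=%-8s stateful=%s" % row)
```

A production filter also follows the FIN handshake and expires idle entries; the sketch keeps only what is needed to show why the static rule forwards all three unsolicited inbound packets while the stateful one discards them.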
18. Circuit-level gateway Firewall
This can be a stand-alone system or it can be a specialized
function performed by an application-level gateway for certain
applications.
It does not permit an end-to-end TCP connection; rather, the
gateway sets up two TCP connections.
A typical use of circuit-level gateways is a situation in which
the system administrator trusts the internal users.
The gateway can be configured to support application-level or
proxy service on inbound connections and circuit-level functions
for outbound connections.
19. Circuit-level gateway Firewall
Advantage :
o Comparatively inexpensive and provide anonymity to the
private network.
Disadvantage :
o Do not filter individual packets.
20. What a personal Firewall can do
Stop hackers from accessing your computer.
Protect your personal information.
Blocks “pop up” ads and certain cookies.
Determine which program can access the internet.
Blocks invalid packets.
21. What a personal Firewall can not do
Cannot prevent e-mail viruses.
Only an antivirus product with updated
definitions can prevent e-mail viruses.
After setting it up initially, you cannot forget about it.
The firewall will require periodic updates
to the rule set and the software itself.
22. Conclusion
It is clear that some form of security for private networks
connected to the internet is essential.
A firewall is an important and necessary part of that
security, but cannot be expected to perform all the
required security functions.