basics
25 October 2018
Summary
Firewalls
Intrusion detection system
Intrusion prevention system
Firewalls
► Packet filters
• Stateless (e.g. routers' ACLs)
• Stateful
► Proxy gateways
• 2 different connections, one for each side of the firewall (packets are not forwarded directly)
• e.g. web proxies
► NAT
• Changes IPs/ports/etc. of packets traversing it
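
Added example (not from the original slides): a minimal Python model of the stateless versus stateful packet filter distinction listed above. The packet tuple, the rule set and the addresses are constructed for illustration.

```python
from collections import namedtuple

# Constructed packet model: direction is "out" (LAN -> Internet) or "in".
Packet = namedtuple("Packet", "direction src sport dst dport")

def stateless_filter(pkt):
    """Router-ACL style: each packet is judged alone, with no memory."""
    if pkt.direction == "out" and pkt.dport == 443:
        return True                      # allow outbound HTTPS
    if pkt.direction == "in" and pkt.sport == 443 and pkt.dport >= 1024:
        return True                      # "reply" rule: trusts the source port
    return False

class StatefulFilter:
    """Tracks connections opened from inside; inbound must match one."""
    def __init__(self):
        self.connections = set()

    def check(self, pkt):
        if pkt.direction == "out" and pkt.dport == 443:
            self.connections.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        if pkt.direction == "in":
            # A reply is the mirror image of a recorded outbound flow.
            return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.connections
        return False

def run_demo():
    # Constructed sample traffic (documentation address ranges).
    request = Packet("out", "192.0.2.10", 50000, "198.51.100.5", 443)
    reply = Packet("in", "198.51.100.5", 443, "192.0.2.10", 50000)
    unsolicited = Packet("in", "203.0.113.9", 443, "192.0.2.10", 3389)
    fw = StatefulFilter()
    packets = [request, reply, unsolicited]
    return ([stateless_filter(p) for p in packets],
            [fw.check(p) for p in packets])

if __name__ == "__main__":
    stateless, stateful = run_demo()
    print("stateless:", stateless)
    print("stateful: ", stateful)
```

The stateless rule set accepts the third packet because it only looks at the source port, while the stateful filter drops it because no inside host opened that flow.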
Firewalls
Personal firewall
Windows Firewall
► a software component of Microsoft Windows that provides firewalling and packet filtering functions
► first included in Windows XP and Windows Server 2003
Firewalls
Windows firewall
► Windows XP
• Enabled by default
• Built-in exceptions to allow connections from machines on the local network
• Cannot block outbound connections; it is only capable of blocking inbound ones
Firewalls
Windows firewall
► Windows Vista
• Outbound packet filtering, reflecting increasing concerns about spyware and viruses that attempt to "phone home"
• With the advanced packet filter, rules can also be specified for source and destination IP addresses and port ranges
► Windows 7
• Multiple firewall policies
Intrusion detection system
Kinds of IDS:
► Host-based
► Network-based
► Network node-based