Scribd Logo
Upload

Welcome to Scribd!

  • Lap Trinh Vuot Firewall Fix 9187

    Uploaded by

    Nguyen Huy
    93 views20 pages

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    93 views20 pages

    Lap Trinh Vuot Firewall Fix 9187

    Uploaded by

    Nguyen Huy

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 20

    BOCONHM19

    LPTRNHVTFIREWALL
    GioVinHngDn:PhmVnHng
    NhmSinhVin:TrngVnTrng
    NguynXunPhao
    PhmVnTrng

    LPAT4CHCVINKTHUTMTM

    NiDungBoCo

    ChngI:TngQuan
    ChngII:CcPhngPhpLpTrnhVtfirewall
    ChngIII:ThcNghimCcPhngPhpVtFirewall
    ChngIV:DEMO

    GiiThiu

    Xydngnntngvcngnghthngtin,cngnhphttrinccngdngmy

    tnhtrongsnxut,kinhdoanh,khoahc,giodc,xhi.
    Sdngccbctngla(Firewall)bovmngnib(Intranet),trnhstn
    cng.
    Lp Trnh Vt Firewall

    Phn I: Tng Quan

    Firewall
    Firewalllhthngngnchnvictruynhptriphptbnngoivomngcng
    nhnhngktnikhnghpltbntrongra.Firewallthchinviclcbnhng
    achkhnghpldatheoccquytchaychtiunh
    trc.

    Chcnngchnh

    ChcnngchnhcaFirewalllkimsotlungthngtintgiaIntranetvInternet.
    Thitlpcchiukhindngthngtingiamngbntrong(Intranet)vmng
    Internet.Cthl:
    Chophphoccmnhngdchvtruynhprangoi(tIntranetraInternet)
    Chophphoccmnhngdchvphptruynhpvotrong(tInternetvo
    Intranet).
    Kimsotachtruynhp,cmachtruynhp.
    Kimsotngisdngvvictruynhpcangisdng.Kimsotni
    dungthngtinluchuyntrnmng.

    LpTrnhVtFirewallPhnI:TngQuan

    Nguynl

    Firewallkimtratonbondliuquytnhxemondliuctho
    mnmttrongscclutlcalcpackethaykhng.Cclutllcpacketnyl
    datrnccthngtinumipacket(packetheader),dngchophptruyn
    ccpackettrnmng:
    achIPnixutpht(IPSourceaddress)
    achIPninhn(IPDestinationaddress)
    Nhngthtctruyntin(TCP,UDP,ICMP,IPtunnel)
    CngTCP/UDPnixutpht(TCP/UDPsourceport)
    CngTCP/UDPninhn(TCP/UDPdestinationport)
    DngthngboICMP(ICMPmessagetype)
    Giaodinpacketn(incomminginterfaceofpacket)
    Giaodinpacketi(outcomminginterfaceofpacket)
    VickimsotcccnglmchoFirewallchchophpmtsloiktnivocc
    loi mych hoc nhng dch v no (Telnet, SMTP, FTP...) c php chy
    ctrnhthng.

    LpTrnhVtFirewallPhnI:TngQuan

    Ccdngfirewall
    Firewallcng

    Lnhngfirewallctchhptrncacthitbi

    hotngtngthp(Tng
    NetworkvtngTransport).Firewallcngkhngthkimtracntdungcagi
    tin.
    VdFirewallcng:NAT(NetworkAddressTranslate).

    LpTrnhVtFirewallPhnI:TngQuan

    Ccdngfirewall
    Firewallmm

    Phnmmcchcnngfirewallcitrnmytnh,cngcthconfigc.
    Firewallmm
    cthlyusertrongdomaincontrollercmhaychophpuser(v
    dISA).

    CacFirewallapplicationcunglamdangFirewallmm.

    LpTrnhVtFirewallPhnI:TngQuan

    MtsmhnhFirewall
    PacketFilteringRouter

    Internetfirewallphbinnhtchbaogmmtpacketfilteringroutertgiamng
    nibvInternet.Mtpacketfilteringrouterchaichcnng:chuyntiptruyn
    thng gia hai mng v s dng cc quy lut v lc gi cho php hay t chi
    truynthng.

    Nhcim:

    Dbtncngvoccblcmcuhnhkhnghonho,hoclbtncng
    ngmdinhngdchvcphp
    Numtpacketfilteringrouterdomtscnongnghotng,ttch
    thngtrnmngnibcthbtncng.

    LpTrnhVtFirewallPhnI:TngQuan

    MhnhSingleHomedBastionHost

    Hthngnybaogmmtpacketfilteringroutervmtbastionhost.Nhnguser
    nibcthchinbngcchtcuhnhblccaroutersaochochchp
    nhnnhngtruynthngnibxutphttbastionhost.

    LpTrnhVtFirewallPhnI:TngQuan

    MhnhDualHomedBastionHost

    Hthngbaogmhaipacketfilteringroutervmtbastionhost.Hcanton
    caonhtvncungcpcmcbomtnetworkvapplication.Hthngchcho
    phpbnngoitruynhpvobastionhost.Routertrongcungcpsbovbng
    cchiukhinDMZtruynhpmngnibbtutbastionhost.Nhngthng
    tini,routertrongiukhinmngnibtruynhptiDMZchophpbntrong
    truynhpbastionhost.

    LpTrnhVtFirewallPhnI:TngQuan

    ProxyServer

    Lmtinternetserverlmnhimvchuyntipthngtinvkimsottosanton
    chovictruycpInternet.
    Bchngtrnhproxycthitkchomtscuhnhfirewall,theoccdngc
    bn:dualhomegateway,screenedhostgateway,vscreenedsubnetgateway.
    ThnhphnBastionhosttrongFirewall,ngvaitrnhmtngichuyntipthng
    tin,ghinhtktruynthng,vcungcpccdchv,ihiantoncao.

    LpTrnhVtFirewallPhnI:TngQuan

    CCPHNGPHPLPTRNHVT
    FIREWALL

    Vtfirewalllvtquastruycncaccchngtrnhbomt(Firewall)
    cthtruycpncchmong.

    LpTrnhVtFirewallPhnII:PhngPhpLpTrnhVtFirewall

    PhngphpHTTPProxy

    Lphngphpmserversdngmtcngnotrungchuynccyu
    cu,ccservernythngcgilwebproxyserverhayhttpproxyserver.
    Khiccyucucaclientbtchibingiquntrngisdngsdng
    ccproxyserverchuyntipccyucumtrong,
    proxyserverlmtachcchophpktnin.

    LpTrnhVtFirewallPhnII:PhngPhpLpTrnhVtFirewall

    PhngphpHTTPTunneling

    Lmtkthutnggidliucaccgiaothckhc

    (TCP/IP)trongmtgitinHTTPcthvtquatnglactrinkhaidi
    hnhthcclientserver.

    LpTrnhVtFirewallPhnII:PhngPhpLpTrnhVtFirewall

    Webbaseproxy

    WebbasedAnonymousProxyl1dngkhccaWebProxyServer,nhngc
    xydngdidng1trangweb(tmgilWebbasedProxyWBP).

    Khicccclientyucu,WBPslyccthngtin(Resource)twebserver
    ch,sauxydnglithnh1trangwebhonchnhriytonbnidung
    trangwebhonchnhnyvchotrnhduytcaClient.

    TrnhduytphaClientsnhnctrangwebmnhyucucnhkmtheo
    phntiucaWBP.

    LpTrnhVtFirewallPhnII:PhngPhpLpTrnhVtFirewall

    Sdngphnmmvttngla

    Dungcacphnmmtrnmaykhachtruycpvaomayichkhngbisngncancua

    Firewall.

    Vidu:

    UltraSurf
    ProxySwitcherPro
    ProxifierStandardEdition

    LpTrnhVtFirewallPhnIII:ThcNghimPhngPhpVtFirewall

    Nhngktqutc

    Tmhiuvtrinkhaithnhcng2phngphp:HTTPProxyServervWeb
    basedProxy.

    Tmhiusuthmvccphngphplptrnhngdngmngdatrnbth
    vinWinsockcaWindows.

    TmhiucphngphpxydngvtrinkhaiServicengdngtrn
    Windows

    TmhiucchxydngvtrinkhaingdngPluginchotrnhduytInternet
    Explorer.

    chiuccchxydngvphttrinngdngdatrnmitrngCOM
    (ComponentObjectModel).

    LpTrnhVtFirewallPhnIV:TngKt

    Hngphttrin

    Nghincutipphngphphttptunneling.

    Trinkhaingdngminhhachophngphphttptunneling.

    HonthinhnnaPluginvServicethiuqutiu.

    TrinkhaithnhcngmodulechngvtFirewallbngphngphpHTTP
    Tunneling.

    Trinkhaitithnhsnphmhonchnhpdngvothctin.

    LpTrnhVtFirewallPhnIV:TngKt

    Demo

    DemoPhngphapHTTPProxy

    LpTrnhVtFirewallPhnV:DEMO

    LiCmn

    ChngemxincmnnhtrngnichungvKhoaCNTTniringemli
    chochngemngunkinthcvcngqugichngemckinthc
    honthnhticngnhlmhnhtrangbcvoi.

    ChngemxincmnccthycthucbmnMMT,cbitlthyPhm
    VnHnggiovinhngdncachngemtntnhhngdnvgip
    chngemmikhichngemckhkhntrongqutrnhhctpcngnh
    trongqutrnhlmboco.

    Xincmnttcccbnbthnyungvin,gipchngemtrong
    sutqutrnhhctpcngnhlmti.

    You might also like