Security
by
SHEHZAD LATIF
Assistant Professor,
Hajvery University – Lahore
Email: Shehzadch49@yahoo.Com
Outline
• Introduction
• Firewall Environments
• Types of Firewalls
• Future of Firewalls
• Conclusion
What is a firewall?
A firewall is a device (or software feature) designed to control the flow of
What is an attack?
An attack covers many things:
information.
Network Firewall
• Router/Bridge based Firewall
network. Cisco has firewall feature sets in their IOS operating system.
are some of the most flexible. Many free products are available, including IPFilter (the
first package we tried), PF (the current package we are using, found on OpenBSD 3.0
and later) and IPTables (found on Linux). Commercial products include Checkpoint
Firewall-1. Apple OSX includes IPFW (included in an operating system you gotta
purchase).
Why use a firewall?
many attacks.
Great first line of defense.
• Having a firewall is a necessary evil. It’s like living in a gated community.
The gate may stop 99% of unwanted visitors. The locks on your doors stop
• Don’t let the firewall give you a false sense of security. Harden your
How does a firewall work?
Blocks packets based on:
• Source IP address or range of addresses.
• Source port (TCP/UDP).
• Destination IP address or range of addresses.
• Destination port (TCP/UDP).
• Some firewalls can also filter at higher layers of the OSI model.
• Other protocols (how would you filter DECnet anyway?).
Common ports
80 HTTP
443 HTTPS
20 & 21 FTP (didn’t know 20 was for FTP, did you?)
23 Telnet
22 SSH
25 SMTP
Where does a firewall fit in the security model?
The firewall is the first layer of defense in any security model. It
should not be the only layer. A firewall can stop many attacks
from reaching target machines. If an attack can’t reach its target,
the attack is defeated.
Ruleset design
Two main approaches to designing a rule set are:
Ruleset design – Block Everything
The block-everything method covers all bases but creates more work: you must
figure out what each application needs and then open holes for it.
Ruleset design – Block Nothing
Blocking nothing provides minimal security by only closing holes you
our users.
Blocking nothing means you must spend time figuring out what you
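Added example (not from the slides): a toy stateless packet filter that applies first-match rules on the fields listed earlier (source/destination address or range, source/destination port) and contrasts the two ruleset designs, block everything (default deny) and block nothing (default allow). The addresses, the DMZ and admin networks, and the rules are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

ANY_NET = ipaddress.ip_network("0.0.0.0/0")

@dataclass
class Rule:
    action: str                               # "allow" or "deny"
    src: ipaddress.IPv4Network = ANY_NET      # source address or range
    dst: ipaddress.IPv4Network = ANY_NET      # destination address or range
    sport: Optional[int] = None               # None matches any source port
    dport: Optional[int] = None               # None matches any destination port

@dataclass
class Packet:
    src: str
    dst: str
    sport: int
    dport: int

def matches(rule: Rule, pkt: Packet) -> bool:
    """True when every field the rule constrains matches the packet."""
    return (ipaddress.ip_address(pkt.src) in rule.src
            and ipaddress.ip_address(pkt.dst) in rule.dst
            and rule.sport in (None, pkt.sport)
            and rule.dport in (None, pkt.dport))

def filter_packet(rules: List[Rule], default: str, pkt: Packet) -> str:
    """First matching rule wins; otherwise the ruleset's default policy applies."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action
    return default

# Constructed sample network (RFC 5737 documentation ranges): a DMZ holding a
# web server, and one admin workstation allowed to reach it over SSH.
DMZ = ipaddress.ip_network("192.0.2.0/24")
ADMIN = ipaddress.ip_network("198.51.100.10/32")

# "Block everything": deny by default, open only the holes each service needs.
BLOCK_EVERYTHING = [
    Rule("allow", dst=DMZ, dport=80),               # HTTP
    Rule("allow", dst=DMZ, dport=443),              # HTTPS
    Rule("allow", src=ADMIN, dst=DMZ, dport=22),    # SSH from the admin host only
]
# "Block nothing": allow by default, close only the holes you already know about.
BLOCK_NOTHING = [Rule("deny", dport=23)]            # close Telnet

def evaluate(pkt: Packet) -> Tuple[str, str]:
    """Return (verdict under block-everything, verdict under block-nothing)."""
    return (filter_packet(BLOCK_EVERYTHING, "deny", pkt),
            filter_packet(BLOCK_NOTHING, "allow", pkt))
```

Under block nothing, an SMTP or SSH connection from an unknown host sails through because nobody has closed that hole yet; under block everything it is dropped until someone deliberately opens it.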
What is IDS?
border device.
An IDS sounds good. Is it?
An IDS can identify port scans, different web attacks, known buffer
overflow attacks, etc. An IDS can also produce many false positive hits.
several AOL Ad servers within a few seconds. An IDS can create more
with.
Firewall Usage
• Firewalls control the flow of network traffic
internet connectivity
can be implemented.
• The first firewall provides access control and protection from the servers if they
are hacked
DMZ ENV
VPN
• VPN is used to provide secure network links across networks
protocols
• Packet filters
• Circuit level
• Application level
• Stateful multilayer
Packet Filter
• Works at the network layer of the OSI model
performance
Packet Filtering
Circuit level
• Circuit level gateways work at the session layer of the OSI model, or
• A gateway that is configured to be a web proxy will not allow any FTP,
application layer
Stateful Multilayer
General Performance
Future of Firewalls
• Firewalls will continue to advance as the attacks on IT infrastructure
• More and more client and server applications are coming with
• Firewalls that scan for viruses as they enter the network: several
firms are currently exploring this idea, but it is not yet in wide use
Conclusion