"The function of a strong position is to make the forces attacking that position practically impenetrable." (Art of War)

by Vikram Rajappa

A firewall denies or permits access based on rules and policies.

[Diagram: a protected private network sitting behind the firewall, which is the only link to the Internet]

• A dedicated computer that interfaces with the Internet and has special security precautions built into it, in order to protect sensitive files on the computers within the network.

Firewall characteristics
• All traffic between the inside and the outside must pass through the firewall.
• Only authorized traffic, as defined by the local security policy, is allowed to pass.
• The firewall itself must be immune to penetration.

Capabilities of firewalls
• Defines a single choke point, which simplifies security management.
• Provides a location for monitoring security-related events: intrusion detection and alarms.
• Provides a platform for Network Address Translation (NAT).

Types of firewalls
Firewalls fall into four broad categories:
• Packet filters
• Circuit-level gateways
• Application-level gateways
• Stateful inspection firewalls

Packet filtering firewall
• Applies a set of rules to each incoming and outgoing IP packet (source and destination address, protocol, port numbers, interface) and forwards or discards the packet. Rules are consulted in order and the default action should be to discard.

Application level gateway
• Also called a proxy server. The user contacts the gateway, the gateway authenticates the user and the requested application, and only then opens its own connection to the remote host and relays the application-level traffic.

[Diagram: application proxies on the gateway; the internal network and the outside network each see a full protocol stack (application, transport, network, data link, physical) that terminates at the gateway]
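An application-level gateway does its work by parsing the application protocol, so the policy can refer to fields a packet filter never sees (HTTP method, Host header, request path). The block below is an added example written for this page, not code from the presentation: it implements the policy step of an HTTP proxy. The allowed hosts, the allowed methods and the sample requests are all constructed assumptions. The request is rebuilt from the parsed fields, so anything the gateway did not understand never reaches the server, and hop-by-hop headers are dropped because the gateway is a separate HTTP endpoint.

```python
# Added example: the policy step of an application-level gateway (HTTP proxy).
# Policy values and sample requests are constructed for illustration.
from typing import List, Optional, Tuple

ALLOWED_METHODS = {"GET", "HEAD", "POST"}                       # assumed policy
ALLOWED_HOSTS = {"www.example.com", "intranet.example.com"}     # assumed policy
# Headers that describe the client<->proxy hop and must not be relayed.
HOP_BY_HOP = {"connection", "keep-alive", "proxy-authorization",
              "proxy-connection", "te", "trailer", "transfer-encoding", "upgrade"}


def parse_request(raw: bytes):
    """Splits a raw HTTP/1.x request into (method, target, version, headers, body).
    Raises ValueError/UnicodeDecodeError on anything that is not well-formed."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("ascii", errors="strict").split("\r\n")
    method, target, version = lines[0].split(" ")   # exactly three tokens
    headers: List[Tuple[str, str]] = []
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if not sep:
            raise ValueError("header line without colon")
        headers.append((name.strip().lower(), value.strip()))
    return method, target, version, headers, body


def gateway_decision(raw: bytes) -> Tuple[str, Optional[bytes]]:
    """Returns ("allow", rebuilt_request) or ("deny", None)."""
    try:
        method, target, version, headers, body = parse_request(raw)
    except (ValueError, UnicodeDecodeError):
        return "deny", None                         # not well-formed HTTP
    if method not in ALLOWED_METHODS:
        return "deny", None                         # e.g. CONNECT or TRACE
    if version not in ("HTTP/1.0", "HTTP/1.1"):
        return "deny", None
    hosts = [v for n, v in headers if n == "host"]
    if len(hosts) != 1 or hosts[0].split(":")[0] not in ALLOWED_HOSTS:
        return "deny", None                         # missing, duplicate or unknown Host
    if not target.startswith("/") or ".." in target.split("/"):
        return "deny", None                         # only origin-form paths, no traversal
    # Rebuild from parsed fields; hop-by-hop headers are not relayed.
    kept = [(n, v) for n, v in headers if n not in HOP_BY_HOP]
    out = f"{method} {target} HTTP/1.1\r\n".encode("ascii")
    out += b"".join(f"{n}: {v}\r\n".encode("ascii") for n, v in kept)
    return "allow", out + b"\r\n" + body


# Constructed sample traffic.
GOOD = (b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n"
        b"Connection: keep-alive\r\nUser-Agent: demo\r\n\r\n")
CONNECT = b"CONNECT other.example:443 HTTP/1.1\r\nHost: other.example:443\r\n\r\n"
TRAVERSAL = b"GET /../etc/passwd HTTP/1.1\r\nHost: www.example.com\r\n\r\n"
DUP_HOST = (b"GET / HTTP/1.1\r\nHost: www.example.com\r\n"
            b"Host: other.example\r\n\r\n")


def demo():
    return {name: gateway_decision(req)[0] for name, req in
            [("good", GOOD), ("connect", CONNECT),
             ("traversal", TRAVERSAL), ("dup_host", DUP_HOST)]}


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:10s} {verdict}")
    print(gateway_decision(GOOD)[1].decode())
```

The rebuilt request for the good case no longer carries `Connection: keep-alive`; the remaining headers are emitted in lowercase, which HTTP permits because header names are case-insensitive.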


Circuit level gateway
• Sets up two TCP connections, one to the inside user and one to the outside host. Once the connection is authorized, the gateway relays TCP segments between the two without examining their contents; security comes from deciding which connections are allowed, not from inspecting data.

Stateful inspection firewalls
• Extends packet filtering with a state table of outbound connections. An inbound packet is admitted only if it belongs to a connection recorded in the table, or if a new connection is permitted by the access rules.

[Diagram: the inspection module sits at the network layer between the internal and external stacks (network, data link, physical); the application layer keeps the state table, the transport and network layers hold the access rules]
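The difference between a packet filter and a stateful inspection firewall is easiest to see on the same traffic. The block below is an added example written for this page, not code from the presentation or from any firewall product: a toy stateless filter, whose only way to admit replies is an "anything inbound with ACK set is a reply" rule, beside a stateful filter that keeps a table of connections it saw opened. The interface names, addresses, rule syntax and packets are constructed assumptions.

```python
# Added example: stateless packet filter versus stateful inspection.
# Addresses, interfaces ("ext"/"int") and rule syntax are constructed.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Set, Tuple

INTERNAL = "10.1.0.0/16"     # assumed internal address block


@dataclass(frozen=True)
class Packet:
    iface: str                # interface the packet arrived on
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset = frozenset()   # TCP flags present, e.g. {"SYN"}


@dataclass
class Rule:
    action: str               # "allow" or "deny"
    iface: str = "*"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    dport: Optional[int] = None
    ack_only: bool = False    # the stateless "established" heuristic

    def matches(self, p: Packet) -> bool:
        return (self.iface in ("*", p.iface)
                and ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and (self.dport is None or self.dport == p.dport)
                and (not self.ack_only or "ACK" in p.flags))


def stateless_filter(rules: List[Rule], p: Packet) -> str:
    """First matching rule wins; no match means deny (fail closed)."""
    for r in rules:
        if r.matches(p):
            return r.action
    return "deny"


class StatefulFilter:
    """Admits a packet if it is a reply to a tracked connection; otherwise
    only a connection-opening SYN is checked against the access rules and,
    if allowed, recorded in the state table."""

    def __init__(self, rules: List[Rule]):
        self.rules = rules
        self.state: Set[Tuple[str, int, str, int]] = set()

    def check(self, p: Packet) -> str:
        if (p.dst, p.dport, p.src, p.sport) in self.state:
            return "allow"                      # reply to a tracked connection
        if "SYN" in p.flags and "ACK" not in p.flags:
            if stateless_filter(self.rules, p) == "allow":
                self.state.add((p.src, p.sport, p.dst, p.dport))
                return "allow"
        return "deny"                           # mid-stream packet with no state


# Policy: internal hosts may reach web servers; nothing else comes in.
STATELESS_RULES = [
    Rule("deny", iface="ext", src=INTERNAL),            # anti-spoofing
    Rule("allow", iface="int", src=INTERNAL, dport=80),
    Rule("allow", iface="ext", dst=INTERNAL, ack_only=True),   # "replies"
]
STATEFUL_RULES = STATELESS_RULES[:2]                    # no ACK shortcut needed

# Constructed traffic: a legitimate web session, an ACK scan, a spoofed SYN.
TRAFFIC = [
    ("outbound", Packet("int", "10.1.0.5", 40000, "203.0.113.9", 80, frozenset({"SYN"}))),
    ("reply", Packet("ext", "203.0.113.9", 80, "10.1.0.5", 40000, frozenset({"SYN", "ACK"}))),
    ("ack_scan", Packet("ext", "198.51.100.7", 1234, "10.1.0.5", 22, frozenset({"ACK"}))),
    ("spoofed", Packet("ext", "10.1.0.9", 1234, "10.1.0.5", 22, frozenset({"SYN"}))),
]


def demo():
    stateless = {n: stateless_filter(STATELESS_RULES, p) for n, p in TRAFFIC}
    sf = StatefulFilter(STATEFUL_RULES)
    stateful = {n: sf.check(p) for n, p in TRAFFIC}
    return stateless, stateful


if __name__ == "__main__":
    sl, st = demo()
    for name, _ in TRAFFIC:
        print(f"{name:9s} stateless={sl[name]:5s} stateful={st[name]}")
```

The stateless filter lets the ACK scan through because it cannot tell an unsolicited ACK from a reply; the stateful filter denies it because no connection to 10.1.0.5:22 was ever opened from inside.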


Firewall debate: hardware vs software
• A hardware firewall is typically a broadband router that uses packet filtering.
• A software firewall is an application running on the host it protects.

Types of attacks
• IP address spoofing
• Source routing attacks
• Tiny fragment attacks
• Trojan horse attacks

IP address spoofing

[Diagram: the attacker sends packets whose source address is forged to 10.1.0.2, the address of a trusted host on the internal network]

Routing attacks
There are two ways of exploiting routing:
• Using IP address spoofing and the "loose source routing" IP option, the attacker sets up a connection to the target system, supplying a route for the answer packets that leads via the attacker's own system.
• Using RIP, the low-level protocol by which routers exchange information, together with IP spoofing, an attacker can divert the communication path between two internal nodes so that it leads via his own system.

Tiny fragment attacks
• TCP/IP handles packets that are too large to transmit across a network by fragmenting them. The fragments are not reassembled until they reach the destination computer. Many forms of fragmentation attack have been developed to exploit specific system weaknesses, often causing the system to crash. They may use ICMP or UDP, extremely small fragments (so that the transport header, and with it the port numbers a filter checks, is split across fragments), or fragments designed to form an impossibly large packet when reassembled. One well-known fragmentation attack was branded the "Ping of Death".
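The three header-level attacks above (spoofed internal source, source-routed packets, malformed fragments) are all caught by checks on the IP header before any port rule is consulted. The block below is an added example written for this page, not code from the presentation: it builds constructed IPv4 packets and runs them through the checks a firewall applies, namely ingress anti-spoofing, dropping the LSRR/SSRR options, the RFC 1858 tiny-fragment rules (a first fragment must carry at least 16 bytes of transport header, and a fragment at offset 1 would overwrite the port numbers), and an oversize-reassembly check for the Ping of Death. The internal address block, interface names and addresses are assumptions.

```python
# Added example: IP-header sanity checks for spoofing, source routing and
# fragmentation attacks. Packets are constructed here (no checksum computed).
import struct
from ipaddress import ip_address, ip_network

INTERNAL = ip_network("10.1.0.0/16")   # assumed internal block
LSRR, SSRR = 131, 137                  # IP option types: loose/strict source route
MIN_FIRST_FRAG = 16                    # RFC 1858 minimum transport bytes in fragment 0
MAX_DATAGRAM = 65535                   # IPv4 total length limit
HDR_FMT = "!BBHHHBBH4s4s"              # fixed 20-byte IPv4 header


def build_ipv4(src, dst, payload, proto=6, ident=1, mf=0, offset=0, options=b""):
    """Constructs an IPv4 packet; mf is the More Fragments flag, offset in 8-byte units."""
    opts = options + b"\x00" * (-len(options) % 4)        # pad options to 32-bit words
    ihl = 5 + len(opts) // 4
    hdr = struct.pack(HDR_FMT, (4 << 4) | ihl, 0, ihl * 4 + len(payload), ident,
                      (mf << 13) | offset, 64, proto, 0,
                      ip_address(src).packed, ip_address(dst).packed)
    return hdr + opts + payload


def parse_options(opts):
    """Returns the option types present; stops at end-of-list or malformed length."""
    types, i = [], 0
    while i < len(opts):
        t = opts[i]
        if t == 0:                     # end of option list
            break
        if t == 1:                     # no-operation, single byte
            i += 1
            continue
        types.append(t)
        if i + 1 >= len(opts) or opts[i + 1] < 2:
            break                      # malformed length field
        i += opts[i + 1]
    return types


def check_packet(raw, iface):
    """Returns "allow" or "drop: <reason>" for a packet arriving on iface."""
    if len(raw) < 20:
        return "drop: truncated header"
    vihl, _, total, _, fo, _, _, _, src, dst = struct.unpack(HDR_FMT, raw[:20])
    ihl = (vihl & 0x0F) * 4
    if vihl >> 4 != 4 or ihl < 20 or len(raw) < ihl or total < ihl:
        return "drop: bad header"
    src = ip_address(src)
    # 1. Anti-spoofing: internal source addresses never arrive from outside.
    if iface == "ext" and src in INTERNAL:
        return "drop: spoofed internal source"
    # 2. Source routing options are not honoured at all.
    if any(t in (LSRR, SSRR) for t in parse_options(raw[20:ihl])):
        return "drop: source-routed"
    mf, offset, data_len = (fo >> 13) & 1, fo & 0x1FFF, total - ihl
    # 3. Tiny / overlapping fragments (RFC 1858).
    if offset == 0 and mf and data_len < MIN_FIRST_FRAG:
        return "drop: tiny first fragment"
    if offset == 1:
        return "drop: overlapping fragment"
    # 4. Reassembled size would exceed the IPv4 maximum (Ping of Death).
    if offset * 8 + data_len > MAX_DATAGRAM:
        return "drop: oversize reassembly"
    return "allow"


# Constructed sample packets.
LSRR_OPT = bytes([LSRR, 7, 4]) + ip_address("198.51.100.7").packed
SAMPLES = {
    "normal": (build_ipv4("203.0.113.9", "10.1.0.5", b"\x00" * 40), "ext"),
    "spoofed_ext": (build_ipv4("10.1.0.9", "10.1.0.5", b"\x00" * 40), "ext"),
    "same_from_int": (build_ipv4("10.1.0.9", "10.1.0.5", b"\x00" * 40), "int"),
    "source_routed": (build_ipv4("203.0.113.9", "10.1.0.5", b"\x00" * 40, options=LSRR_OPT), "ext"),
    "tiny_frag": (build_ipv4("203.0.113.9", "10.1.0.5", b"\x00" * 8, mf=1), "ext"),
    "offset_one": (build_ipv4("203.0.113.9", "10.1.0.5", b"\x00" * 8, offset=1), "ext"),
    "ping_of_death": (build_ipv4("203.0.113.9", "10.1.0.5", b"\x00" * 100, proto=1, offset=8185), "ext"),
}


def demo():
    return {name: check_packet(raw, iface) for name, (raw, iface) in SAMPLES.items()}


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:14s} {verdict}")
```

The same packet with an internal source is dropped on the external interface and allowed on the internal one: anti-spoofing is a statement about which interface an address may legitimately appear on, not about the address alone.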

Trojan horse attacks
• In the context of computer software, a Trojan horse is a malicious program disguised as legitimate software. The term is derived from the classical myth of the Trojan Horse. Such programs may look useful or interesting (or at the very least harmless) to an unsuspecting user, but are harmful when executed.

How to trust firewalls?
Firewalls can be trusted if they provide the following services:
1) Authentication
2) Access control
3) Data confidentiality
4) Data integrity
5) Non-repudiation

Uses of firewalls
• Virtual private network
• Demilitarised zone
• IP security
• Wireless security


De-militarised zone

[Diagram: the protected private network and a demilitarised zone containing the web server and the mail server; labels read "Open access between private LAN and DMZ", "Allow SMTP, from here to there only", and "Static filters between private LAN and DMZ used to control access"]

IP security
• Firewalls are needed whenever an organization relies heavily on the Internet.

• Firewalls must continue to advance.
• Firewalls must be developed to scan for viruses.
• $377 million lost to date due to network attacks.
• Can firewalls keep pace with "black hat" hackers?



