Scribd Logo
Upload

Welcome to Scribd!

  • Internet: Firewall

    Uploaded by

    IgnatiusDanneil
    12 views15 pages
    Nota

    Original Title

    Firewall

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Nota

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    12 views15 pages

    Internet: Firewall

    Uploaded by

    IgnatiusDanneil
    Nota

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 15

    INTERNET

    FIREWALL

    Protector of personal info

    INTRODUCTION
    Internet is the bucket of
    information.
    It contain information about all
    level of information e.g.
    home,business,education ,etc.
    So it is necessary to access
    internet for valuable information.
    By connecting a private network
    the intruders interfere in your own
    systems
    firewalls provide this security. The
    Internet
    firewalls keep the flames of
    Internet hell out of your network or,
    to keep the members of your LAN
    pure by denying them access the
    all the evil Internet temptations.

    DEFINATION

    Firewall is the application that running between private


    network and internet
    2 types of fire wall
    1.Hardware firewall
    2.Software firewall
    The first computer firewall was a nonrouting Unix host with
    connections to two different networks
    To keepspeople(worm.cracker)out.
    To people (employees/children)in.

    NEED OF FIREWALL
    What happens if we do
    not use use firewall?
    subnet's systems expose
    themselves to inherently insecure
    services such as NFS or NIS and
    to probes and attacks from hosts
    elsewhere on the network.
    network security relies totally on
    host security and all hosts must,
    in a sense, cooperate to achieve
    a uniformly high level of security.
    The larger the subnet, the less
    manageable it is to maintain all
    hosts at the same level of
    security.

    FIREWALL APPROACH
    it provides numerous
    advantages to sites by helping
    to increas overall host security
    1. Protection from Vulnerable
    Services
    2. Controlled Access to Site
    Systems
    3. Concentrated Security
    4. Enhanced Privacy
    5. Logging and Statistics on
    Network Use, Misuse
    6. Policy Enforcement

    PROTECTION FROM VULNERABLE SERVICES

    improve network security and


    reduce risks to hosts on the
    subnet
    prohibit certain vulnerable
    services such as NFS from
    entering or leaving aprotected
    subnet
    permits the use of these services
    with greatly reduced risk to
    exploitation
    protection from routing-based
    attacks
    reject all source-routed
    packets and ICMP redirects and
    then inform administrators of the
    incidents

    CONTROLLED ACCESS TO SITE SYSTEMS

    Ability to control
    access to site systems.
    Do not provide access
    to hosts or services
    that do not require
    access
    A user requires little or
    no network access to
    her desktop
    workstation, then a
    firewall can enforce
    this policy

    CONCENTRATED SECURITY
    most modified additional
    security software could be
    located on the firewall
    systems as opposed to
    being distributed on many
    hosts.
    opposed to each system
    that needed to be accessed
    from the Internet.
    Kerberos [NIST94c] involve
    modifications at each host
    system.
    simpler to implement to
    run specialized software.

    ENHANCED PRIVACY
    Normally be considered
    innocuous information that
    would be useful to an
    attacker.
    Some sites wish to block
    services such as finger and
    Domain Name Service.
    Firewall used to block DNS
    information about site
    systems.
    The names and IP
    addresses systems would
    not be available to Internet
    hosts.

    LOGGING AND STATISTICS ON NETWORK USE, MISUSE

    firewall can log accesses and


    provide valuable statistics
    about network usage
    with appropriate alarms that
    sound when firewall and
    network are being probed or
    attacked
    primary importance:
    1. whether the firewall is
    withstanding probes
    attacks.
    2. controls on the firewall are
    adequate.
    3. Network usage statistics

    POLICY ENFORCEMENT
    A firewall provides the
    means for implementing
    and enforcing a network
    access policy.
    A network access policy
    can be enforced by a
    firewall,
    Depends entirely on the
    cooperation of users.
    It cannot nor should not
    depend on Internet
    users in general.

    TYPES OF FIREWALLS
    1.packet filtering
    firewalls
    2.circuitlevel gateways
    3.application gateways
    4.stateful multilayer
    inspection firewall

    PACKET FILTERING
    FIREWALLS
    Work at the network
    layer of OSI model, or
    IP layer of TCP/IP
    Usually part of a router
    Each packet is
    compared to a set of
    criteria before it is
    forwarded.
    These firewalls often
    contain an ACL (Access
    Control List)

    ADVANTAGE
    Cost effective to simply
    configure routers
    Network layer firewalls
    tend to be fast and tend to
    be transparent to users.
    Virtually all high-speed
    Internet connections
    require a router.
    Capability to perform basic
    Packet Filtering at the
    Router level without
    purchasing additional
    hardware or software.

    DISADVANTAGE
    They dont provide for
    password controls.
    Users cant identify
    themselves.
    The person who configures
    the firewall protocol for the
    router needs a thorough
    knowledge of IP packet
    structure.
    There is no user
    authentication.
    Remains vulnerable to
    attacks such as spoofing
    source address.

    You might also like