Firewalls
Marin Stamov
Introduction
- Technological barrier designed to prevent unauthorized or unwanted communications between computer networks or hosts
- Invented in the early 1990s
- First line of defense
- Protect against hackers and worms
Firewall types
- Packet filter (stateless)
- Packet filter (stateful)
- Hardware firewall
- NAT firewall
- Proxy firewall
- Transparent firewall
- Personal firewall
Packet filters
Packet filter (stateful)
- When a packet reaches the firewall, it is run against a set of rules.
- The rules determine an action to take for the packet
  - Accept – Let the traffic pass through
  - Reject – Block the packet and return an ICMP “Communication administratively prohibited”
  - Drop – Block the packet
- Packets with the SYN bit set are considered by the firewall as new connections
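
The rule evaluation and connection tracking described on this slide, as an added example that is not part of the original slides. The class names, the first-match rule order, the default-drop policy and the treatment of a SYN without ACK as a connection attempt are assumptions of this sketch; the addresses are constructed documentation ranges.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool = False
    ack: bool = False

@dataclass(frozen=True)
class Rule:
    action: str            # "accept", "reject" or "drop"
    src_net: str           # source network in CIDR form
    dport: Optional[int]   # None matches any destination port

class StatefulFilter:
    def __init__(self, rules, default="drop"):
        self.rules, self.default = rules, default
        self.conns = set()  # connection table: flows accepted by a rule
    def decide(self, pkt):
        flow = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        reply = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if flow in self.conns or reply in self.conns:
            return "accept"            # part of a tracked connection
        if not pkt.syn or pkt.ack:
            return "drop"              # no state and not a connection attempt
        for rule in self.rules:        # new connection: first matching rule wins
            if ip_address(pkt.src) in ip_network(rule.src_net) and rule.dport in (None, pkt.dport):
                if rule.action == "accept":
                    self.conns.add(flow)
                return rule.action     # a real "reject" also sends ICMP type 3 code 13
        return self.default

def demo():
    fw = StatefulFilter([Rule("accept", "0.0.0.0/0", 443),
                         Rule("reject", "10.0.0.0/8", 22),
                         Rule("drop", "0.0.0.0/0", None)])
    web, client = "192.0.2.10", "198.51.100.7"   # constructed documentation addresses
    packets = [Packet(client, 40000, web, 443, syn=True),            # new connection
               Packet(web, 443, client, 40000, syn=True, ack=True),  # server reply
               Packet(client, 40000, web, 443, ack=True),            # established
               Packet("198.51.100.9", 41000, web, 443, ack=True),    # ACK with no state
               Packet("10.1.2.3", 5000, web, 22, syn=True),          # hits reject rule
               Packet(client, 40001, web, 23, syn=True)]             # hits catch-all drop
    return [fw.decide(p) for p in packets]
```

The fourth packet is the case a stateless filter cannot handle: it targets an allowed port but belongs to no tracked connection, so it never reaches the rule set.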
Firewall rules
Hardware firewall
- Cisco PIX
NAT firewall, AKA "Masquerading"
- NAT stands for Network Address Translation
- Originally developed to address the limited number of IPv4 routable addresses
- Hides the true address of protected hosts
- Requires no special configuration on the client side. Clients just have to know their default gateway.
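
How masquerading hides internal hosts and, as a side effect, refuses unsolicited inbound traffic, as an added example that is not part of the original slides. The `Masquerade` class, the port range and the per-remote-endpoint mapping are assumptions of this sketch; all addresses are constructed.

```python
class Masquerade:
    """Source NAT on a gateway with a single public address."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out = {}   # (priv ip, priv port, remote ip, remote port) -> public port
        self.back = {}  # (public port, remote ip, remote port) -> (priv ip, priv port)

    def outbound(self, src, sport, dst, dport):
        """Rewrite an outgoing packet; the remote side only ever sees public_ip."""
        key = (src, sport, dst, dport)
        if key not in self.out:
            self.out[key] = self.next_port
            self.back[(self.next_port, dst, dport)] = (src, sport)
            self.next_port += 1
        return (self.public_ip, self.out[key], dst, dport)

    def inbound(self, src, sport, dst, dport):
        """Rewrite a reply back to the private host, or return None to discard."""
        if dst != self.public_ip:
            return None
        target = self.back.get((dport, src, sport))
        if target is None:
            return None          # no mapping: nobody inside asked for this packet
        return (src, sport, target[0], target[1])

def demo():
    nat = Masquerade("203.0.113.5")              # constructed public address
    server = ("198.51.100.20", 80)               # constructed remote server
    a = nat.outbound("192.168.1.10", 5000, *server)
    b = nat.outbound("192.168.1.11", 5000, *server)
    reply = nat.inbound(*server, "203.0.113.5", b[1])
    unsolicited = nat.inbound("198.51.100.99", 1234, "203.0.113.5", a[1])
    return a, b, reply, unsolicited
```

Two clients using the same private source port leave with different public ports, and a packet from a host that neither client contacted finds no mapping and is discarded.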
NAT
Proxy firewall
- Runs software that allows specific programs to function
- Can provide anonymity
- Allows only specific protocols that you wish to support
- Aware of the data format it handles, and can look for many things inside the data.
Proxy firewall
- Squid - a proxy server and web cache daemon.
Transparent firewall
Personal firewall
- Protects only the computer on which it is installed.
- May prompt the user each time a connection is attempted and adapt security policy accordingly.
- May provide some level of intrusion detection
Firewalls
Conclusion
- Each type of firewall does different things, and can be more or less useful depending on the current scenario
- Open only ports that you need
- Always test your firewall from the outside
Questions?