firewalls
play

Firewalls What is a firewall? A machine to protect a network from - PowerPoint PPT Presentation

Jan 23, 2024 •302 likes •602 views

Firewalls What is a firewall? A machine to protect a network from malicious external attacks Typically a machine that sits between a LAN/WAN and the Internet Running special software to regulate network traffic Lecture 9 Page 1

  1. Firewalls • What is a firewall? • A machine to protect a network from malicious external attacks • Typically a machine that sits between a LAN/WAN and the Internet • Running special software to regulate network traffic Lecture 9 Page 1 CS 236 Online

  2. Typical Use of a Firewall ??? ??? The Firewall Internet Local Network Lecture 9 Page 2 CS 236 Online

  3. Firewalls and Perimeter Defense • Firewalls implement a form of security called perimeter defense • Protect the inside of something by defending the outside strongly – The firewall machine is often called a bastion host • Control the entry and exit points • If nothing bad can get in, I’m safe, right? Lecture 9 Page 3 CS 236 Online

  4. Weaknesses of Perimeter Defense Models • Breaching the perimeter compromises all security • Windows passwords are a form of perimeter defense – If you get past the password, you can do anything • Perimeter defense is part of the solution, not the entire solution Lecture 9 Page 4 CS 236 Online

  5. Weaknesses of Perimeter Defense Lecture 9 Page 5 CS 236 Online

  6. Defense in Depth • An old principle in warfare • Don’t rely on a single defensive mechanism or defense at a single point • Combine different defenses • Defeating one defense doesn’t defeat your entire plan Lecture 9 Page 6 CS 236 Online

  7. So What Should Happen? Lecture 9 Page 7 CS 236 Online

  8. Or, Better Lecture 9 Page 8 CS 236 Online

  9. Or, Even Better Lecture 9 Page 9 CS 236 Online

  10. So Are Firewalls Any Use? • Definitely! • They aren’t the full solution, but they are absolutely part of it • Anyone who cares about security needs to run a decent firewall • They just have to do other stuff, too Lecture 9 Page 10 CS 236 Online

  11. The Brass Tacks of Firewalls • What do they really do? • Examine each incoming packet • Decide to let the packet through or drop it – Criteria could be simple or complex • Perhaps log the decision • Maybe send rejected packets elsewhere • Pretty much all there is to it Lecture 9 Page 11 CS 236 Online

  12. Types of Firewalls • Filtering gateways – AKA screening routers • Application level gateways – AKA proxy gateways • Reverse firewalls Lecture 9 Page 12 CS 236 Online

  13. Filtering Gateways • Based on packet header information – Primarily, IP addresses, port numbers, and protocol numbers • Based on that information, either let the packet through or reject it • Stateless firewalls Lecture 9 Page 13 CS 236 Online

  14. Example Use of Filtering Gateways • Allow particular external machines to telnet into specific internal machines – Denying telnet to other machines • Or allow full access to some external machines • And none to others Lecture 9 Page 14 CS 236 Online

  15. A Fundamental Problem • IP addresses can be spoofed • If your filtering firewall trusts packet headers, it offers little protection • Situation may be improved by IPsec – But hasn’t been yet • Firewalls can perform the ingress/egress filtering discussed earlier Lecture 9 Page 15 CS 236 Online

  16. Filtering Based on Ports • Most incoming traffic is destined for a particular machine and port – Which can be derived from the IP and TCP headers • Only let through packets to select machines at specific ports • Makes it impossible to externally exploit flaws in little-used ports – If you configure the firewall right . . . Lecture 9 Page 16 CS 236 Online

  17. Pros and Cons of Filtering Gateways + Fast + Cheap + Flexible + Transparent – Limited capabilities – Dependent on header authentication – Generally poor logging – May rely on router security Lecture 9 Page 17 CS 236 Online

  18. Application Level Gateways • Also known as proxy gateways • Firewalls that understand the application- level details of network traffic – To some degree • Traffic is accepted or rejected based on the probable results of accepting it • Stateful firewalls Lecture 9 Page 18 CS 236 Online

  19. How Application Level Gateways Work • The firewall serves as a general framework • Various proxies are plugged into the framework • Incoming packets are examined – Handed to the appropriate proxy • Proxy typically accepts or rejects Lecture 9 Page 19 CS 236 Online

  20. Deep Packet Inspection • Another name for typical activity of application level firewalls • Looking into packets beyond their headers – Especially the IP header • “Deep” sometimes also means deeper understanding of what’s going on – Though not always Lecture 9 Page 20 CS 236 Online

  21. Firewall Proxies • Programs capable of understanding particular kinds of traffic – E.g., FTP, HTTP, videoconferencing • Proxies are specialized • A good proxy has deep understanding of the network application • Typically limited by complexity and performance issues Lecture 9 Page 21 CS 236 Online

  22. Pros and Cons of Application Level Gateways + Highly flexible + Good logging + Content-based filtering + Potentially transparent – Slower – More complex and expensive – Highly dependent on proxy quality Lecture 9 Page 22 CS 236 Online

  23. Reverse Firewalls • Normal firewalls keep stuff from the outside from getting inside • Reverse firewalls keep stuff from the insider from getting outside • Often colocated with regular firewalls • Why do we need them? Lecture 9 Page 23 CS 236 Online

  24. Possible Uses of Reverse Firewalls • Concealing details of your network from attackers • Preventing compromised machines from sending things out – E.g., intercepting bot communications or stopping DDoS – Preventing data exfiltration Lecture 9 Page 24 CS 236 Online

  25. Firewall Characteristics • Statefulness • Transparency • Handling authentication • Handling encryption Lecture 9 Page 25 CS 236 Online

  26. Stateful Firewalls • Much network traffic is connection- oriented – E.g., telnet and videoconferencing • Proper handling of that traffic requires the firewall to maintain state • But handling information about connections is more complex Lecture 9 Page 26 CS 236 Online

  27. Firewalls and Transparency • Ideally, the firewall should be invisible – Except when it vetoes access • Users inside should be able to communicate outside without knowing about the firewall • External users should be able to invoke internal services transparently Lecture 9 Page 27 CS 236 Online

  28. Firewalls and Authentication • Many systems want to give special privileges to specific sites or users • Firewalls can only support that to the extent that strong authentication is available – At the granularity required • For general use, may not be possible – In current systems Lecture 9 Page 28 CS 236 Online

  29. Firewalls and Encryption • Firewalls provide no confidentiality • Unless the data is encrypted • But if the data is encrypted, the firewall can’t examine it • So typically the firewall must be able to decrypt – Or only work on unencrypted parts of packets • Can decrypt, analyze, and re-encrypt Lecture 9 Page 29 CS 236 Online

Recommend

Firewalls Summary Brief History of Firewalls What is a Firewall? Why Firewalls?

Firewalls Summary Brief History of Firewalls What is a Firewall? Why Firewalls?

Firewalls Summary Brief History of Firewalls What is a Firewall? Why Firewalls? Network Address Translation Types of Firewalls Linux/Windows Firewalls pfSense Blue Team Activity Brief History Firewall

348 views • 30 slides
Firewalls 1 Outline What are firewalls? Types of Firewalls Building a simple

Firewalls 1 Outline What are firewalls? Types of Firewalls Building a simple

Firewalls 1 Outline What are firewalls? Types of Firewalls Building a simple firewall using Netfilter Iptables firewall in Linux Stateful Firewall Application Firewall Evading Firewalls 2 Firewalls

811 views • 55 slides
FIRE|WALLS Ohad Katz Overview What are Firewalls Why we need them Types of Firewalls

FIRE|WALLS Ohad Katz Overview What are Firewalls Why we need them Types of Firewalls

FIRE|WALLS Ohad Katz Overview What are Firewalls Why we need them Types of Firewalls (Categories) Implementation Best practices What are Firewalls? Internet Firewall Client/Host Network Network Security

585 views • 39 slides
Chapter 9 Firewalls The Need For Firewalls Internet connectivity is essential however

Chapter 9 Firewalls The Need For Firewalls Internet connectivity is essential however

Chapter 9 Firewalls The Need For Firewalls Internet connectivity is essential however it creates a threat Effective means of protecting LANs Inserted between the premises network and the Internet to establish a controlled

699 views • 34 slides
Firewalls Why do people want a firewall? [...] a firewalls purpose is to keep the jerks

Firewalls Why do people want a firewall? [...] a firewalls purpose is to keep the jerks

Firewalls Why do people want a firewall? [...] a firewalls purpose is to keep the jerks out of your network while still letting you get your job done. [Limiting] what kinds of connectivity is allowed between different

538 views • 30 slides
Firewalls Computer Center, CS, NCTU Firewalls Firewall A piece of hardware and/or

Firewalls Computer Center, CS, NCTU Firewalls Firewall A piece of hardware and/or

Firewalls Computer Center, CS, NCTU Firewalls Firewall A piece of hardware and/or software which functions in a networked environment to prevent some communications forbidden by the security policy. Choke point between secured

613 views • 34 slides
Firewalls jnlin Computer Center, CS, NCTU Firewalls q Firewall hardware/software

Firewalls jnlin Computer Center, CS, NCTU Firewalls q Firewall hardware/software

Firewalls jnlin Computer Center, CS, NCTU Firewalls q Firewall hardware/software choke point between secured and unsecured network filter incoming and outgoing traffic prevent communications which are forbidden by the

1.06k views • 57 slides
Firewalls Firewalls October 16, 2020 Administrative Administrative submittal

Firewalls Firewalls October 16, 2020 Administrative Administrative submittal

Firewalls Firewalls October 16, 2020 Administrative Administrative submittal instructions submittal instructions answer the lab assignments questions in written report form, as a text, pdf, or Word document file (no obscure

585 views • 21 slides
Firewalls Network Security: Firewalls, A system or combination of systems VPNs, and

Firewalls Network Security: Firewalls, A system or combination of systems VPNs, and

Firewalls Network Security: Firewalls, A system or combination of systems VPNs, and Honeypots that enforces a boundary between two CS 239 or more networks - NCSA Firewall Functional Summary Computer Security Usually, a

271 views • 10 slides
Firewalls, IPsec and Linux by Harald Welte <laforge@netfilter.org> Firewalls, IPsec and

Firewalls, IPsec and Linux by Harald Welte <laforge@netfilter.org> Firewalls, IPsec and

Firewalls, IPsec and Linux by Harald Welte <laforge@netfilter.org> Firewalls, IPsec and Linux Contents Introduction Highly Scalable Linux Network Stack Netfilter Hooks Packet selection based on IP Tables The Connection Tracking

444 views • 9 slides
Cryptography and network security Firewalls slide 1 Firewalls Idea: separate local network

Cryptography and network security Firewalls slide 1 Firewalls Idea: separate local network

Cryptography and network security Firewalls slide 1 Firewalls Idea: separate local network from the Internet Trusted hosts and networks Firewall Router Intranet Demilitarized Zone: DMZ publicly accessible servers and networks

746 views • 31 slides
Stateful Firewalls Hank and Foo Types of firewalls Packet filter (stateless) Proxy

Stateful Firewalls Hank and Foo Types of firewalls Packet filter (stateless) Proxy

1 Stateful Firewalls Hank and Foo Types of firewalls Packet filter (stateless) Proxy firewalls Stateful inspection Deep packet inspection 2 Packet filter (Access Control Lists) Treats each packet in isolation

510 views • 30 slides
Firewalls and intrusion detection systems Markus Peuhkuri 2005-03-22 Lecture topics Firewalls

Firewalls and intrusion detection systems Markus Peuhkuri 2005-03-22 Lecture topics Firewalls

Firewalls and intrusion detection systems Markus Peuhkuri 2005-03-22 Lecture topics Firewalls Security model with firewalls Intrusion detection systems Intrusion prevention systems

644 views • 7 slides
Firewalls CS461/ECE422 Spring 2012 Reading Material Text

Firewalls CS461/ECE422 Spring 2012 Reading Material Text

Firewalls CS461/ECE422 Spring 2012 Reading Material Text chapter 9 Firewalls and Internet Security: Repelling the Wily Hacker, Cheswick, Bellovin,

501 views • 34 slides
Firewalls Summary ITS335: IT Security Sirindhorn International Institute of Technology

Firewalls Summary ITS335: IT Security Sirindhorn International Institute of Technology

ITS335 Firewalls Characteristics Types Locations Firewalls Summary ITS335: IT Security Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 25 October 2013 its335y13s2l08,

245 views • 23 slides
Network Firewalls Don Porter CSE/ISE 311: Systems Administra5on

Network Firewalls Don Porter CSE/ISE 311: Systems Administra5on

CSE/ISE 311: Systems Administra5on Network Firewalls Don Porter CSE/ISE 311: Systems Administra5on Firewalls: An Essen2al Tool Previous Lectures: Every service

469 views • 20 slides
Network Firewalls the outside world is a poten7al aCack

Network Firewalls the outside world is a poten7al aCack

4/29/14 CSE/ISE 311: Systems Administra5on CSE/ISE 311: Systems Administra5on Firewalls: An Essen7al Tool Previous Lectures: Every service on a system visible

400 views • 4 slides
Class Session 4 Firewalls Exercise 1 You are asked to design the firewall policy for the

Class Session 4 Firewalls Exercise 1 You are asked to design the firewall policy for the

Class Session 4 Firewalls Exercise 1 You are asked to design the firewall policy for the following network. Note that these are stateful , bidirectional firewalls . The only flags you need to worry about are SYN and SYN-ACK. The following

415 views • 3 slides
Firewalls with iptables Linux Sirindhorn International Institute of Technology Thammasat

Firewalls with iptables Linux Sirindhorn International Institute of Technology Thammasat

Linux Firewalls with iptables Concepts Examples Firewalls with iptables Linux Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 14 October 2013 Common/Reports/iptables-introduction.tex, r715

469 views • 14 slides
Outline Firewalls and NAT boxes CSci 5271 Introduction to Computer Security Announcements

Outline Firewalls and NAT boxes CSci 5271 Introduction to Computer Security Announcements

Outline Firewalls and NAT boxes CSci 5271 Introduction to Computer Security Announcements intermission Day 21: Firewalls, NATs, and IDSes Stephen McCamant Intrusion detection systems University of Minnesota, Computer Science &

260 views • 5 slides
Outline Firewalls and NAT boxes CSci 5271 Introduction to Computer Security Announcements

Outline Firewalls and NAT boxes CSci 5271 Introduction to Computer Security Announcements

Outline Firewalls and NAT boxes CSci 5271 Introduction to Computer Security Announcements intermission Day 22: Firewalls, NATs, and IDSes Stephen McCamant Intrusion detection systems University of Minnesota, Computer Science &

308 views • 4 slides
Firewalls David Parter University of Wisconsin Computer Sciences Department Computer Systems

Firewalls David Parter University of Wisconsin Computer Sciences Department Computer Systems

Firewalls David Parter University of Wisconsin Computer Sciences Department Computer Systems Lab dparter@cs.wisc.edu November 11, 2010 1 Topics Firewall basics Types of Firewalls Deployment scenarios Related Technologies

965 views • 83 slides
Firewalls, IDS and Social Network Presenter: Yinzhi Cao Lehigh University Acknowledgement

Firewalls, IDS and Social Network Presenter: Yinzhi Cao Lehigh University Acknowledgement

CSE343/443 Lehigh University Fall 2015 Firewalls, IDS and Social Network Presenter: Yinzhi Cao Lehigh University Acknowledgement http://www.cs.northwestern.edu/~ychen/ classes/mitp-458/firewalls.ppt http://web.cse.ohio-state.edu/~xuan/

1.29k views • 81 slides
Effects of Processing Delay on Function-Parallel Firewalls Ryan J. Farley and Errin W. Fulp

Effects of Processing Delay on Function-Parallel Firewalls Ryan J. Farley and Errin W. Fulp

Effects of Processing Delay on Function-Parallel Firewalls Ryan J. Farley and Errin W. Fulp IASTED PDCN February 15, 2006 Abstract Firewalls filter packets between networks. Unfortunately, they introduce significant delay to a system.

211 views • 18 slides

More recommend