FireWall Technology (TM6105) by Somboon Ingsakulsomboon, ID: 4229811

Post on 31-Dec-2015



FireWall Technology (TM6105)

By Somboon Ingsakulsomboon

ID: 4229811

Contents

What is a Firewall?

TCP/IP Stack

Methods of Securing Networks

What is DOS?

Content Security

VPN

What Is A Firewall?

Connects internal and external networks with varying levels of trust, by implementing security policies regarding network communication

[Diagram labels: Intranet; Firewall; Internet; Router; Server Segment; Trusted Networks; Public Accessible Networks & Servers; Untrusted Networks & Servers; Untrusted Users; Trusted Users]

Defining A Firewall

A firewall is a system designed to prevent unauthorized access to, or from, an internal network. Firewalls also do the following:

Track and control data

Ensure that data meets security policy rules

Act as a locked door between internal and external networks

TCP/IP Stack

Packets

Methods of Securing Networks

[Diagram: layer stack, top to bottom: Application, Presentation, Session, Transport, Network, Data Link, Physical]

Application Layer Gateway (Proxy): Application Level

Packet Filtering: Network Level

Stateful Inspection (FireWall-1): Before Network Level

Packet Filtering

Pros
• Inexpensive
• Application Transparency
• Quicker than application layer gateways

Cons
• Low Security
• Limited access to packet header
• Limited screening above network layer


Application Layer Gateway

Pros
• Good Security
• Full application-layer awareness

Cons
• Poor Scalability
• Proxies cannot provide for UDP…
• Most proxies non-transparent
• Vulnerable to OS…
• Expensive performance cost


Stateful Inspection

Good Security

Full Application-layer awareness

High Performance

Scalability

Extensible

Transparency


Network Address Translation

RFC 1918 has reserved a set of IP network addresses that can be used for address translation:

1 Class A Network Number: 10.0.0.0

16 Class B Network Numbers: 172.16.0.0 through 172.31.0.0

256 Class C Network Numbers: 192.168.0.0 through 192.168.255.0

Internal networks numbered with RFC 1918 addresses can, through address translation, reach all hosts on the Internet, since no host on the Internet can use these addresses.

Availability of IP Addresses

What is DOS?

Denial of Service:

An active packet may overload a resource or service by constantly consuming network connections or by using a great portion of the available CPU cycles. The node cannot function properly under these circumstances, and another active packet cannot be executed or forwarded.

TCP/IP Three-Step Handshake

SYN Flooding Attack

1. Client attacks server by sending a flood of SYN packets with a spoofed IP address.

2. Server tries to send SYN/ACK to unreachable IP.

3. ACK is not received from Client.
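
An added example, not part of the original slides: a small detector that replays server-side packet records and counts half-open handshakes (SYN seen, final ACK never seen) per destination, which is the condition the three steps above produce. The record format, function names, threshold, timeout and addresses are assumptions, and the traffic is constructed.

```python
from collections import Counter


def find_syn_floods(events, backlog_timeout=30.0, threshold=8):
    """Replay (time, src, sport, dst, flag) records and report every
    destination whose number of half-open handshakes exceeds `threshold`.
    Returns {dst: peak_half_open_count}."""
    pending = {}          # (src, sport, dst) -> time the SYN arrived
    peaks = Counter()
    for t, src, sport, dst, flag in sorted(events):
        # Forget entries the server would already have timed out of its backlog.
        for key in [k for k, seen in pending.items() if t - seen > backlog_timeout]:
            del pending[key]
        key = (src, sport, dst)
        if flag == "SYN":
            pending[key] = t
        elif flag in ("ACK", "RST"):
            # Final ACK arrived (or connection reset): no longer half-open.
            pending.pop(key, None)
        open_now = sum(1 for k in pending if k[2] == dst)
        peaks[dst] = max(peaks[dst], open_now)
    return {dst: n for dst, n in peaks.items() if n > threshold}


def constructed_events():
    """Constructed sample traffic using documentation address ranges."""
    events = []
    # Normal clients: each SYN is followed by the final ACK 50 ms later.
    for i in range(20):
        src = f"198.51.100.{i + 1}"
        events.append((i * 0.5, src, 40000 + i, "192.0.2.10:80", "SYN"))
        events.append((i * 0.5 + 0.05, src, 40000 + i, "192.0.2.10:80", "ACK"))
    # Flood pattern: many SYNs whose (spoofed) sources never send the ACK.
    for i in range(40):
        src = f"203.0.113.{i + 1}"
        events.append((12.0 + i * 0.01, src, 1024 + i, "192.0.2.20:80", "SYN"))
    return events


if __name__ == "__main__":
    print(find_syn_floods(constructed_events()))
```

The detector keys on the missing final ACK rather than on the source address, since a spoofed source makes per-source counting unreliable.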

SYN Defender

Content Security

Virtual Private Network

Question?

Thank You
