ethical hacking and countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf ·...
TRANSCRIPT
![Page 1: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/1.jpg)
Ethical Hacking and CountermeasuresCountermeasuresVersion 6
Mod le LXModule LX
Firewall Technologies
![Page 2: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/2.jpg)
News
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Source: http://www.internetnews.com/
![Page 3: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/3.jpg)
Module Objective
Thi d l ill f ili i i h
• Firewalls
This module will familiarize you with:
• Hardware Firewalls• Software Firewalls• Mac OS X Firewall• LINUX Firewall• Windows Firewall
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 4: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/4.jpg)
Module Flow
Mac OS X FirewallFirewalls
Hardware Firewalls LINUX FirewallHardware Firewalls
Software Firewalls Windows Firewall
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 5: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/5.jpg)
Firewalls: Introduction
A firewall is a program or hardware device that protects the resources of a pri ate net ork from protects the resources of a private network from users of other networks
It is responsible for the traffic to be allowed to pass, block, or refuse
Firewall also works with the proxy server
It helps in the protection of the private network from the users of the different network
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
from the users of the different network
![Page 6: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/6.jpg)
Hardware FirewallsHardware Firewalls
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 7: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/7.jpg)
Hardware Firewall
H d Fi ll l d i th i t f th t k Hardware Firewalls are placed in the perimeter of the network
It employs a technique of packet filtering
It reads the header of a packet to find out the source and destination address
The information is then compared with the set of predefined and/or user created rules that determine hether the packet is
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
and/or user created rules that determine whether the packet is forwarded or dropped
![Page 8: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/8.jpg)
Netgear Firewall
I t t h i b db d t d
Features:
• Internet sharing broadband router and 4-port switch
• 2x the speed and 4x times the coverage of a Wireless-G routerof a Wireless-G router
• Configurable for private networks and public hotspots
• Double Firewall protection from Double Firewall protection from external hackers attacks
• Touchless WiFi Security makes it easy to secure your network
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
y
![Page 9: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/9.jpg)
Netgear Firewall: Screenshot
WNR 3300 Firewall
Wireless Firewall Router
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
WNR 3500 FirewallWNR 824 Firewall
![Page 10: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/10.jpg)
Personal Firewall Hardware: LinksysLinksys
Linksys scans the data travelling in the peer to peer network
It is also known as Ethernet cable/DSL firewall It is also known as Ethernet cable/DSL firewall router
The integrated SPI firewall blocks the incoming or The integrated SPI firewall blocks the incoming or outgoing traffic
It works on:
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
• Filtering traffic from external /internal sources
![Page 11: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/11.jpg)
Personal Firewall Hardware: Cisco’s PIX Cisco s PIX
Cisco supports Simple Network Management Cisco supports Simple Network Management Protocol (SNMP) traps
Cisco firewall series filters the java applets which is a threat to the corporate resources
Strong firewall security and proxy authentication functions with NAT and PAT features
CISCO PIX Firewall
M st l bl f t f Cis fi ll is D l NAT
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Most valuable feature of Cisco firewall is a Dual NAT
![Page 12: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/12.jpg)
Cisco PIX 501 Firewall
The Cisco PIX 501 is a compact, ready-to-use security appliance that delivers enterprise-class security for small offices and enterprise teleworker environments
It includes an integrated 4-port Fast Ethernet (10/100) It includes an integrated 4 port Fast Ethernet (10/100) switch and a Fast Ethernet (10/100) interface
Cisco PIX 501 Series
It delivers upto 60 Mbps of firewall throughput, 3 Mbps of Triple Data Encryption Standard (3DES) VPN throughput, and 4.5 Mbps of Advanced Encryption Standard-128 (AES) VPN throughput
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
(AES) VPN throughput
![Page 13: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/13.jpg)
Cisco PIX 506E Firewall
The Cisco PIX 506E is a ob st p pose b ilt sec it The Cisco PIX 506E is a robust, purpose-built security appliance that delivers enterprise-class security for remote and branch office environments
It provides two autosensing Fast Ethernet (10/100) It provides two autosensing Fast Ethernet (10/100) interfaces
Cisco PIX 506E Series
It delivers upto 100 Mbps of firewall throughput, 16 Mbps of Triple Data Encryption Standard (3DES) VPN throughput, and 30 Mbps of Advanced Encryption S d d 8 (AES) VPN h h i ff i
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Standard-128 (AES) VPN throughput in a cost-effective, high-performance solution
![Page 14: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/14.jpg)
Cisco PIX 515E Firewall
The Cisco PIX 515E is a modular, purpose-built 5 5 , p p bsecurity appliance that delivers enterprise-class security for small to medium-sized business networks
It supports upto six 10/100 Fast Ethernet i t f s ki it ll t h i f interfaces, making it an excellent choice for businesses requiring a cost-effective firewall
Cisco PIX 515E Series
It delivers upto 188 Mbps of firewall throughput with the capability to handle more than 130,000 simultaneous sessions
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
simultaneous sessions
![Page 15: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/15.jpg)
CISCO PIX 525 Firewall
The Cisco PIX 525 is a reliable, purpose-built security appliance for medium to large enterprise networksenterprise networks
It supports upto eight 10/100 Fast Ethernet pp p g /interfaces or three Gigabit Ethernet interfaces
Cisco PIX 525 Series
It delivers more than 330 Mbps of firewall throughput with the capability to handle more than 280,000 simultaneous sessions
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 16: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/16.jpg)
CISCO PIX 535 Firewall
The Cisco PIX 535 is a high-performance, purpose-535 g p , p pbuilt security appliance that delivers enterprise-class security for enterprise and service provider networks
It supports upto ten 10/100 Fast Ethernet pp p 0/ 00interfaces or nine Gigabit Ethernet interfaces
Cisco PIX 535 Series
It delivers upto 1.7 Gbps of firewall throughput with the capability to handle more than 500,000 i lt i
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
simultaneous sessions
![Page 17: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/17.jpg)
Check Point Firewall
Check point firewall enables organizations to protect the entire Check point firewall enables organizations to protect the entire network infrastructure
• Firewall-1• Firewall-1 GX
Different types of Firewall:
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 18: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/18.jpg)
Check Point Firewall (cont’d)
Features of Firewall-1:
• Comprehensive network and application firewall
Features of Firewall 1:
• Using INSPECT, the most adaptive and intelligent inspection technology, FireWall-1 integrates both network and application-layer firewall protection
Features of Firewall-1 GX:
• Protection for GPRS networks • Secure connectivity between carriers
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
• Auditing and tracking of GPRS traffic
![Page 19: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/19.jpg)
Nortel Switched Firewall
The key component of Nortel's Layered Defense strategy is Nortel Switched FirewallFirewall
Supports secure access to organizational resources including SIP, VoIP, and other delay sensitive applicationsy pp
Protects IT data centers, service provider networks, and hosting infrastructures
Uses accelerator technology and Check Point Firewall-1 software, in a compact rack-mount package
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 20: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/20.jpg)
S ft Fi llSoftware Firewalls
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 21: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/21.jpg)
Software Firewall
S ft fi ll i i il t filtSoftware firewall is similar to a filter
It sits between the normal application and the networking components of the operating system
Software firewall implants itself in the key area of the application/network path
It analyzes what is going against the rule set
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
It analyzes what is going against the rule set
![Page 22: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/22.jpg)
Windows Firewalls
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 23: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/23.jpg)
Norton Personal Firewall
Norton Personal Firewall automatically blocks intruders d thi d it hid t f h k
Features:
and thieves, and it hides your computer from hackers
• Automatically detects and blocks viruses, spyware, and worms
• Advanced phishing protection identifies and blocks • Advanced phishing protection identifies and blocks fraudulent websites
• Rootkit Protection finds and removes hidden threats in the operating systemoperating system
• Smart firewall blocks the hackers and stops spyware from transmitting unauthorized information
• Intrusion Prevention automatically shields newly
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Intrusion Prevention automatically shields newly discovered security vulnerabilities
![Page 24: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/24.jpg)
Norton Personal Firewall: ScreenshotScreenshot
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Figure: Norton Personal Firewall
![Page 25: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/25.jpg)
McAfee Personal Firewall
Automatically blocks, cleans, and removes viruses so that you can surf the Web and download files safely
Features:
y
Blocks Spyware: Blocks spyware before it is installed in computer and removes existing spyware
Stops Hackers: Protects and conceals computer Stops Hackers: Protects and conceals computer from hackers
Improves PC Performance: Cleans clutter off
Backs Up & Restores Files: Automated backup and one click restore
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Secures your Identity: Protects your online identity
![Page 26: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/26.jpg)
McAfee Personal Firewall: ScreenshotScreenshot
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly ProhibitedFigure: Personal McAfee Firewall
![Page 27: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/27.jpg)
Symantec Enterprise Firewall
Symantec Enterprise Firewall gives protection to the assets and data transmission by providing secure connection with the data transmission by providing secure connection with the Internet
Features:
It supports the Advanced Encryption Standard (AES)It supports the Advanced Encryption Standard (AES)
It supports integrated load balancing that allows scalability to more than 1.5 Gbps
It supports URL filtering technology
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
It supports inbound and outbound Network Address Translation (NAT) for both VPN and non-VPN traffic
![Page 28: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/28.jpg)
Kerio WinRoute Firewall
Kerio WinRoute Firewall is a corporate gateway firewall for small and di i d b imedium-sized businesses
This firewall sets new standards in versatility, security, and user access control
It defends against external attacks and viruses and can restrict access to websites based on their content
Features:
• Anti-virus Gateway Protection• Content Filtering• User Specific Access Management• Fast Internet Sharing
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
• Fast Internet Sharing• Internet Monitoring
![Page 29: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/29.jpg)
Kerio WinRoute Firewall: Screenshot 1Screenshot 1
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 30: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/30.jpg)
Kerio WinRoute Firewall: Screenshot 2Screenshot 2
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 31: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/31.jpg)
Sunbelt Personal Firewall
The Personal Firewall controls how computers share information th h th I t t l l t kthrough the Internet or a local network
It protects computers from external or internal attacks by other computerscomputers
Mostly used in laptops since they are easier to compromise because of the increasing popularity of built-in wireless accessthe increasing popularity of built in wireless access
Features:
• Controls all the traffic on the network• Creates a separate log for firewall modules• Automatically update the newer version of the
f
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
software
![Page 32: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/32.jpg)
Sunbelt Personal Firewall: ScreenshotScreenshot
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 33: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/33.jpg)
Xeon Firewall
Xeon Personal Firewall scans all your ports to detect possible hacker tt t t d ill id tif th h k d hi /h attempts on your system, and will identify the hacker and his/her
location
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 34: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/34.jpg)
Xeon Firewall: Screenshot
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 35: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/35.jpg)
InJoy Firewall
The InJoy Firewall is a firewall security solution for organizations of ll iall sizes
Features:
• Deep Packet Inspection• Unique MULTI-PLATFORM support
IPS VPN t• IPSec VPN support• Stateful Inspection• Dynamic Firewall Rules • Access Control Packet Filtering• Access Control Packet Filtering• Traffic Accounting • Traffic Shaping Bandwidth Management • SafeMail (secure e-mail)
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
• Web Filtering
![Page 36: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/36.jpg)
InJoy Firewall: Screenshot
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 37: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/37.jpg)
PC Tools Firewall Plus
PC Tools Firewall Plus is a free personal firewall for Windows that PC Tools Firewall Plus is a free personal firewall for Windows that protects your computer by preventing unauthorized users from gaining access to your computer through the Internet or a network
Features:
• Protects PC when users are working, surfing, and playing
• Intelligent automatic protection without all the questionsthe questions
• Advanced rules to protect your PC against common attacks
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 38: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/38.jpg)
PC Tools Firewall Plus: ScreenshotScreenshot
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 39: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/39.jpg)
Comodo Personal Firewall
Comodo Personal Firewall protects the system from Hackers, p y ,Spyware, Trojans, and Identity theft
• Clean PC Mode
Features:
Clean PC Mode • Advanced Network Firewall Engine • Host Intrusion Prevention System • Powerful and intuitive Security Rules Interfacey• Automatic 'Firewall Training' mode• Windows Security Center Integration • Self Protection against Critical Process
T i ti
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Termination
![Page 40: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/40.jpg)
Comodo Personal Firewall: ScreenshotScreenshot
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 41: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/41.jpg)
ZoneAlarm
ZoneAlarm is designed to protect your DSL- or cable-d PC f h kconnected PC from hackers
The firewall controls the door to your computer and y pallows traffic that you understand and initiate
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 42: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/42.jpg)
ZoneAlarm: Screenshot
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 43: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/43.jpg)
Linux Firewalls
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 44: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/44.jpg)
KMyFirewall
KMyFirewall attempts to make it easier to setup IPTables based firewalls on Linux systems
The firewall has the ability to save entire rulesets Fi llThe firewall has the ability to save entire rulesets Firewall
You only have to configure your ruleset one time, and then you can use it on several computers giving each of them a similar configuration
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 45: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/45.jpg)
KMyFirewall: Screenshot
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 46: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/46.jpg)
Firestarter
Firestarter is an Open Source visual firewall programFirestarter is an Open Source visual firewall program
The software serves both Linux desktop users and system The software serves both Linux desktop users and system administrators
• Real time firewall event monitor shows
Features:
• Real-time firewall event monitor shows intrusion attempts as they happen
• Allows you to define both inbound and outbound access policy
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
• Option to whitelist or blacklist traffic
![Page 47: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/47.jpg)
Firestarter: Screenshot
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 48: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/48.jpg)
Guarddog
Guarddog is a firewall configuration utility for Linux systemsg g y y
Features:
• Supports router configurations
Features:
• Firewall scripts can be imported/exported to be used on machines other than the current one
• Hosts/networks can be divided into zones• Hosts/networks can be divided into zones• It reduces the chances of configuration
mistakes being made which are a prime source of security holes
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 49: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/49.jpg)
Guarddog: Screenshot
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 50: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/50.jpg)
Firewall Builder
Firewall Builder is multi platform firewall configuration and Firewall Builder is multi-platform firewall configuration and management tool
Firewall Builder currently supports iptables, ipfilter, and OpenBSDPF as well as Cisco PIX and Cisco IOS extended access lists
Firewall Builder can generate configuration file for any supported target firewall platform from the same policy created in its GUItarget firewall platform from the same policy created in its GUI
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 51: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/51.jpg)
Firewall Builder: Screenshot
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 52: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/52.jpg)
M OS X Fi llMac OS X Firewalls
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 53: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/53.jpg)
Flying Buttress
Advanced firewall configuration, logging, and IP sharing options are f d i Fl i B ttfound in Flying Buttress
F
• Includes qualifiers on host or network dd
Features:
addresses• Operates on protocols other than TCP or
UDP protocols• NAT port forwarding or other custom NAT NAT port forwarding or other custom NAT
configuration• Ability to switch between different firewall
configuration sets quickly and easily
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 54: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/54.jpg)
Flying Buttress: Screenshot
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 55: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/55.jpg)
DoorStop X Firewall
Protects your Mac from outside attack, including specific Leopard protectionprotection
Features:
• All TCP services are protected by defaultAbilit t t t ti i b i
Features:
• Ability to tune protection on a service-by-service and address-by-address basis
• Protects services by name or port number• Four protection modes: deny all, allow all, allow Four protection modes: deny all, allow all, allow
by address, and deny by address• Setup assistant to help you best secure your Mac's
services
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 56: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/56.jpg)
DoorStop X Firewall: Screenshot
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 57: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/57.jpg)
Intego NetBarrier X5
Intego NetBarrier X5 is the Internet security l ti f M i t h t i M solution for Macintosh computers running Mac
OS X
It offers thorough protection against intrusions coming across the Internet or a local network
NetBarrier X5 has four lines of defense to protect your Mac and data from intrusions and attacks
• Personal firewall• Antivandal
P i t ti
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
• Privacy protection• Monitoring
![Page 58: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/58.jpg)
Intego NetBarrier X5: ScreenshotScreenshot
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 59: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/59.jpg)
Little Snitch
Little Snitch provides flexible configuration options, allowing you to grant specific permissions to your trusted applications or to prevent others from establishing particular Internet connections
Little Snitch introduces a new network monitor, showing detailed information of all incoming and outgoing network trafficinformation of all incoming and outgoing network traffic
Little Snitch allows you to intercept unwanted connection attempts, and lets you decide how to proceed
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 60: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/60.jpg)
Little Snitch: Screenshot
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 61: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/61.jpg)
Summary
Firewall is a program which is placed at the network’s gateway serverp g p g y
Linksys scans the data travelling in the peer to peer network
Cisco firewall series allows filtering the java applets which is a threat to the corporate resources
Intego NetBarrier X5 is the Internet security solution for Macintosh computers running Mac OS X
Guarddog is a firewall configuration utility for Linux systems
Fi ll B ild i l i l f fi ll fi i d
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Firewall Builder is a multi-platform firewall configuration and management tool
![Page 62: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/62.jpg)
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
![Page 63: Ethical Hacking and Countermeasurescs.stfx.ca/~ltyang/csci-467/lecture-slides/firewall.pdf · Firewalls: Introduction A firewall is a program or hardware device that protects the](https://reader031.vdocuments.us/reader031/viewer/2022011901/5f05f7547e708231d4159e30/html5/thumbnails/63.jpg)
EC-CouncilCopyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited