FireWall Technology (TM6105) by Somboon Ingsakulsomboon, ID: 4229811
Contents
What is a Firewall?
TCP/IP Stack
Methods of Securing Networks
What is DOS?
Content Security
VPN
What Is A Firewall?
Connects internal and external networks with varying levels of trust, by implementing security policies regarding network communication
[Diagram labels: Intranet, Firewall, Internet, Router, Server Segment, Trusted Networks, Public Accessible Networks & Servers, Untrusted Networks & Servers, Untrusted Users, Trusted Users]
Defining A Firewall
A firewall is a system designed to prevent unauthorized access to, or from, an internal network. Firewalls also do the following:
Track and control data
Ensure that data meets security policy rules
Act as a locked door between internal and external networks
TCP/IP Stack
Packets
Methods of Securing Networks
Application
Presentation
Session
Transport
Network
Data Link
Physical
Application Layer Gateway (Proxy): Application Level
Packet Filtering: Network Level
Stateful Inspection
FireWall-1: Before Network Level
Packet Filtering
Pros:
• Inexpensive
• Application Transparency
• Quicker than application layer gateways
Cons:
• Low Security
• Limited access to packet header
• Limited screening above network layer
Application Layer Gateway
Pros:
• Good Security
• Full application-layer awareness
Cons:
• Poor Scalability
• Proxies cannot provide for UDP…
• Most proxies non-transparent
• Vulnerable to OS…
• Expensive performance cost
Stateful Inspection
Good Security
Full Application-layer awareness
High Performance
Scalability
Extensible
Transparency
Network Address Translation
RFC 1918 has reserved a set of IP network addresses that can be used for address translation:
1 Class A Network Number: 10.0.0.0
16 Class B Network Numbers: 172.16.0.0 through 172.31.0.0
256 Class C Network Numbers: 192.168.0.0 through 192.168.255.0
Internal networks numbered from the RFC 1918 ranges can reach all hosts on the Internet, since no host on the Internet can use those addresses.
Availability of IP Addresses
What is DOS?
Denial of Service:
An active packet may overload a resource or service due to constantly consuming network connections or using a great portion of the CPU cycles available. The node cannot function properly under these circumstances and another active packet cannot be executed or forwarded.
TCP/IP Three-Step Handshake
SYN Flooding Attack
1 Client attacks server by sending a flood of SYN packets with a spoofed IP address.
2 Server tries to send SYN/ACK to unreachable IP.
3 ACK is not received from Client.
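Added example (not part of the original slides): a small detector that replays packet events and counts handshakes stuck after step 2, which is the state the three steps above leave behind on the server. The event records, the documentation-range addresses, the 3-second ACK timeout and the threshold of 10 are all constructed assumptions.

```python
from collections import defaultdict

# Constructed sample events: (time_s, src_ip, src_port, dst_ip, dst_port, flags).
# Addresses come from documentation ranges; this is not captured traffic.
def sample_events():
    events = [
        (0.00, "198.51.100.7", 40000, "192.0.2.10", 80, "SYN"),
        (0.01, "192.0.2.10", 80, "198.51.100.7", 40000, "SYN/ACK"),
        (0.02, "198.51.100.7", 40000, "192.0.2.10", 80, "ACK"),  # completed
    ]
    # Spoofed sources: the server answers with SYN/ACK, but no ACK ever returns.
    for i in range(20):
        src = f"203.0.113.{i + 1}"
        t = 1.0 + i * 0.01
        events.append((t, src, 50000 + i, "192.0.2.10", 80, "SYN"))
        events.append((t + 0.001, "192.0.2.10", 80, src, 50000 + i, "SYN/ACK"))
    return sorted(events)


def half_open_by_server(events, now, ack_timeout=3.0):
    """Return {(server_ip, port): [(client_ip, port), ...]} for handshakes whose
    final ACK has not arrived within ack_timeout seconds of the SYN."""
    pending = {}  # (client_ip, client_port, server_ip, server_port) -> SYN time
    for t, src, sport, dst, dport, flags in events:
        if flags == "SYN":
            pending[(src, sport, dst, dport)] = t        # step 1: SYN arrives
        elif flags == "ACK":
            pending.pop((src, sport, dst, dport), None)  # step 3 completed
        # SYN/ACK (step 2) is sent by the server and changes no state here.
    stale = defaultdict(list)
    for (src, sport, dst, dport), t in pending.items():
        if now - t >= ack_timeout:
            stale[(dst, dport)].append((src, sport))
    return dict(stale)


def flooded_servers(events, now, threshold=10, ack_timeout=3.0):
    """Servers whose count of stale half-open handshakes reaches threshold
    (threshold is an assumed value; tune it to the server's backlog size)."""
    stale = half_open_by_server(events, now, ack_timeout)
    return {srv: len(c) for srv, c in stale.items() if len(c) >= threshold}


if __name__ == "__main__":
    print(flooded_servers(sample_events(), now=10.0))
```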
SYN Defender
Content Security
Virtual Private Network
Question?
Thank You