Firewalls and Network Security - PowerPoint PPT Presentation

1 / 30
About This Presentation
Title:

Firewalls and Network Security

Description:

What are the Issues & Problems? Security was not a fundamental design ... be circumvented by an attacker who fakes the incoming address, making it look as ... – PowerPoint PPT presentation

Number of Views:204
Avg rating:3.0/5.0
Slides: 31
Provided by: nisl
Category:

less

Transcript and Presenter's Notes

Title: Firewalls and Network Security


1
Firewalls andNetwork Security
  • William Crespo
  • Vincent Lauria
  • Michael Theriault

2
Synopsis of Presentation
  • Security Issues Today
  • Firewalls
  • How do they work?
  • What can they do?
  • The future of Security

3
Security Issues Today
  • What are the issues and problems?
  • Who are the intruders and why?
  • What are their techniques?

4
What are the Issues Problems?
  • Security was not a fundamental design
    consideration
  • The Internet is growing exponentially
  • User dependence is increasing
  • With increasing complexity
  • There are billions of entry points

5
Attack Sophistication vs.Required Intruder
Knowledge
Required Intruder Knowledge
Back-Orifice
Attack Sophistication
Auto. Toolkits
Widespread DDoS
Packet spoofing
Auto. probe scanning
1990
2000
Results from a Carnegie Mellon University Study
6
Who are the intruders?
  • Criminals
  • Curious Intruders
  • Insiders
  • Corporate Spies

7
Motives
  • Money
  • Access to additional resources
  • Competitive advantages
  • Curiosity and Mischief

8
Possible Attacks
  • Compromises and Vulnerabilities
  • DDoS (Distributed Denial of Service)
  • Sniffing
  • Port Scanning
  • Malicious code

9
Compromises and Vulnerabilivties
  • Unauthorized access to a machine
  • Usually due to
  • No current patches
  • Misconfiguration

10
Example of Smurf DoS attack
ICMP request with spoofed IP of target
Intruder
Target
11
Example of Smurf DoS attack
Intruder
Flood Target with replies
Target
12
Sniffing
  • Examines traffic on same physical network
  • Intruder must have physical access to network
  • Used to gather usernames and passwords

13
Port Scanning
  • Wide array of tools to scan open many open ports
    quickly
  • Can find out a lot about a network (including OS)
    by looking at open ports
  • Also allows intruders to find unprotected Windows
    shares

14
Malicious Code
  • Includes Viruses and Trojan Horses
  • Ex. Melissa, I Love you Virus
  • Difficult to control, because inexperienced user
    can take actions without understanding
    consequences

15
Consequences
  • Financial loss
  • Web sites unable to fulfill providing a service
  • Loss of data
  • Loss of public confidence

16
Consequences
US Senate 99
New York Times 98
Dept. of Interior 99
17
FIREWALLS
  • What do they do?
  • How do they work?

18
What is a firewall?
  • A firewall is a machine that monitors all traffic
    to and from a site
  • This allows for monitoring, filtering, logging,
    and proper access to the network

19
Firewall Zones

Zones
Servers
DMZ (web servers)
Workstations
20
Our Hardware Implementation
  • We created a basic deny-all firewall using
    Windows 2000 Server
  • Opened DNS, Web, and ACS2 telnet
  • Dynamically assigned IP with NAT
  • The next screen shows a snapshot of the Win2K
    Routing Service
  • We will demonstrate the firewall using this
    laptop as a workstation

21
Example
DNS Telnet Web
22
How do Firewalls work?
  • Most firewalls function through packet filtering
  • Filter based upon port or address

Courtesy http//www.vicomsoft.com/knowledge
/reference/firewalls1.html
23
Filtering based on Port
  • Filtering based on port occurs by examining the
    Transport layer
  • Deny-all
  • Reject all packets except to required services

Courtesy http//www.vicomsoft.com/knowledge
/reference/firewalls1.html
24
Filtering Based on Address
  • The incoming and outgoing address can be examined
    to see if the computer is allowed access to the
    network
  • However, this can be circumvented by an attacker
    who fakes the incoming address, making it look as
    if they are allowed

25
How firewalls prevent
  • Lets look over some of the common attacks we
    spoke about

26
Preventing Compromises and Vulnerabilities
  • By hiding internal network information, a
    firewall can protect internal servers
  • Web serves still need to be patched, but we can
    hide information about them
  • i.e. Services and OS running

27
Other Prevention
  • Preventing DDoS
  • Turn off ping except to trusted IPs
  • Preventing Port Scanning
  • Turn off all ports except ports needed
  • Use NAT to hide IPs
  • Preventing Malicious Code
  • Difficult to block with firewall
  • Internal zones can prevent spreading and
    contamination

28
Direction of Internet Vulnerabilities
  • Sophistication of attacks is increasing
  • Knowledge is being passed to less knowledgeable
  • Vendor testing cycle is decreasing
  • Relying on patches

29
Direction of Internet Security
  • Better encryption methods
  • Adding more security to the transport and IP
    layer of protocols
  • IPSEC
  • Packet level security based on socket or
    destination address

30
We would like to thank
  • Professor D. Starobinski
  • The class for your time and patience.

Thank you
Write a Comment
User Comments (0)
About PowerShow.com