Intro to Firewalls - PowerPoint PPT Presentation

Slides: 27
Provided by: mattheww52

Transcript and Presenter's Notes

1
Intro to Firewalls
  • Jon Krueger

2
Outline
  • What is a firewall?
  • Who needs a firewall?
  • What are the OSI and TCP/IP Network models?
  • What different types of firewalls are there?
  • What are pros and cons of a firewall?
  • What is iptables?

3
What is a firewall?
  • Protects networked computers from intentional
    hostile intrusion.
  • Junction point between two networks: a private
    and a public network.
  • Earliest were simple routers.
  • The term comes from the concept of firewalls and
    fire doors in buildings. They limit damage that
    could spread from one subnet to another.

4
Hardware Firewall
5
Software Firewall
6
A Firewall
  • Can filter traffic based on their source and
    destination addresses, port numbers, protocol
    used, and packet state.
  • Cannot prevent individual users with modems from
    dialing in and out of the network.
  • Cannot protect against social engineering and
    dumpster diving.

7
Who needs a firewall?
  • Anyone who is responsible for a private network
    that is connected to a public network.
  • Anyone who connects so much as a single computer
    to the internet via modem.

8
Basic Firewall Operation
9
The OSI and TCP/IP Models
10
Professional Firewall Model
11
Types of Firewalls
  • Packet Filter
  • Circuit Level Gateways
  • Application Level Gateways
  • Stateful Multilayer Inspection

12
Packet Filtering Firewall
13
Circuit Level Gateway
14
Application Level Gateway
15
Stateful Multilayer Inspection
16
Implementing your firewall
  • Choose the access denial methodology.
  • Determine inbound access policy.
  • Determine outbound access policy.
  • Determine if dial-in or dial-out access is
    required. (VPN)
  • Decide whether to buy a complete firewall product
    or implement one yourself.

17
Access denial methodology
  • Deny access by default

18
Inbound Access Policy
  • May be simple NO ACCESS
  • NAT
  • NAT protocol filtering
  • Complex stateful multilayer inspection

19
Outbound Access Policy
  • Open Access
  • Per User outbound policy (Proxy)

20
Other Considerations
  • Dial-in/out
  • Buy a solution
    • Hardware -- PIX, Sonicwall, WatchGuard
    • Software -- CheckPoint, ISA, Border Manager
  • Build a solution
    • Linux -- IPTables
    • BSD -- IPFW, IPFilter, pf

21
IPTables
  • In Linux 2.2 it can limit spoofed packets.
  • In Linux 2.4 it can check for suspicious packets
    with the unclean extension, and can also check for
    malformed or non-standard packets.
  • Can check all TCP Flags. (NEW)

22
IPTables
  • Can filter on MAC address.
  • Can match TCP or UDP packets based on a series of
    source and destination ports. (NEW)
  • Can return packets with original destination
    info. (NEW)
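The matching features listed on slides 21 and 22 (spoofed-source limits, TCP flag checks, multiport matching and MAC matching) as one dry-runnable script. This is an added example, not the presenter's own material; the interface names, the admin MAC address and the exposed ports are assumed placeholders, and setting `IPT=echo` prints the iptables commands instead of executing them.

```shell
#!/bin/sh
# Packet-sanity and match rules for iptables (added example, not from the slides).
# Dry run without root:  IPT=echo sh match-rules.sh
IPT="${IPT:-iptables}"
WAN_IF="${WAN_IF:-eth0}"                    # assumed public-facing interface
LAN_IF="${LAN_IF:-eth1}"                    # assumed internal interface
ADMIN_MAC="${ADMIN_MAC:-00:11:22:33:44:55}" # constructed placeholder MAC address

apply_match_rules() {
    # Anti-spoofing: private and loopback source ranges never legitimately
    # arrive on the public interface, so drop them there.
    for net in 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 127.0.0.0/8; do
        $IPT -A INPUT -i "$WAN_IF" -s "$net" -j DROP
    done

    # TCP flag checks: flag combinations that no valid connection produces
    # (NULL, XMAS, SYN+FIN, SYN+RST). These are the "all TCP flags" matches.
    $IPT -A INPUT -p tcp --tcp-flags ALL NONE -j DROP
    $IPT -A INPUT -p tcp --tcp-flags ALL ALL -j DROP
    $IPT -A INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP
    $IPT -A INPUT -p tcp --tcp-flags SYN,RST SYN,RST -j DROP
    # A NEW connection must begin with a bare SYN; anything else is not a handshake.
    $IPT -A INPUT -p tcp '!' --syn -m state --state NEW -j DROP

    # multiport: one rule covers a series of destination ports.
    $IPT -A INPUT -i "$WAN_IF" -p tcp -m multiport --dports 80,443,8080 -j ACCEPT

    # MAC match: only the admin workstation may reach SSH from the LAN.
    # Caveat: MAC matching only works on the directly attached segment and a
    # MAC address can be forged, so it is a convenience filter, not authentication.
    $IPT -A INPUT -i "$LAN_IF" -p tcp --dport 22 -m mac --mac-source "$ADMIN_MAC" -j ACCEPT
    $IPT -A INPUT -i "$LAN_IF" -p tcp --dport 22 -j DROP
}

# Usage: "sh match-rules.sh apply" installs the rules; IPT=echo prints them.
case "${1-}" in
    apply) apply_match_rules ;;
esac
```

The script only appends rules; it assumes the default-deny policies and the connection-tracking rules have been set up separately, so the drop rules here act as early sanity checks in front of that policy.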

23
IPTables Targets
  • Has the IPChains targets REJECT, DENY, ACCEPT
  • MIRROR
  • TOS, MARK
  • MASQUERADE, DNAT, SNAT, REDIRECT

24
IPTables Stateful Inspection
  • Associates all the packets of a particular
    connection with each other.
  • Tries to make sense of the higher-level
    protocols NFS, HTTP, FTP.
  • Can be used to block port scans or malicious hack
    attempts.
  • Tracks the dynamic allocation of arbitrary ports
    that many protocols use for data exchange.

25
IPTables Stateful Inspection
  • States
    • NEW
    • RELATED
    • INVALID
    • ESTABLISHED
    • RELATEDREPLY
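The "Implementing your firewall" procedure (slides 16 to 19: deny by default, an inbound policy, an outbound policy) and the stateful inspection states on slides 24 and 25 come together in one filter ruleset. This is an added example rather than the presenter's script; the public interface and the set of exposed TCP ports are assumed placeholders, and `IPT=echo` gives a dry run that prints the commands instead of installing them.

```shell
#!/bin/sh
# Deny-by-default stateful filter for iptables (added example, not from the slides).
# Dry run without root:  IPT=echo sh filter-policy.sh
IPT="${IPT:-iptables}"
WAN_IF="${WAN_IF:-eth0}"              # assumed public-facing interface
INBOUND_TCP="${INBOUND_TCP:-22 443}"  # assumed services the inbound policy exposes

apply_filter_rules() {
    # Step 1, access denial methodology: deny everything by default.
    $IPT -P INPUT DROP
    $IPT -P FORWARD DROP
    # Step 3, outbound policy: "Open Access" for traffic leaving the host.
    $IPT -P OUTPUT ACCEPT
    $IPT -F INPUT
    $IPT -F FORWARD

    # Loopback traffic is always allowed.
    $IPT -A INPUT -i lo -j ACCEPT

    # Stateful inspection. INVALID: packets that belong to no known connection or
    # are malformed. ESTABLISHED: part of a connection already seen in both
    # directions. RELATED: a new connection tied to an existing one (e.g. FTP data).
    $IPT -A INPUT -m state --state INVALID -j DROP
    $IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

    # Step 2, inbound policy: only NEW connections to the listed services.
    for port in $INBOUND_TCP; do
        $IPT -A INPUT -i "$WAN_IF" -p tcp --dport "$port" -m state --state NEW -j ACCEPT
    done

    # Everything else is logged (rate-limited) and then falls through to the
    # DROP policy, which is what makes "deny by default" visible in the logs.
    $IPT -A INPUT -m limit --limit 5/min -j LOG --log-prefix "FW-DROP: "
}

# Usage: "sh filter-policy.sh apply" installs the rules; IPT=echo prints them.
case "${1-}" in
    apply) apply_filter_rules ;;
esac
```

Rule order matters: the INVALID drop and the ESTABLISHED,RELATED accept come first so that the great majority of packets are decided by the connection table, and the per-port NEW rules are only consulted for genuine connection attempts.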

26
IPTables Address Translation
  • New additions
    • DNAT: Destination address NAT
    • SNAT: Source address NAT
    • REDIRECT: DNAT that alters the destination to
      localhost
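The three NAT targets on this slide, together with the MASQUERADE target from the targets slide, as one dry-runnable script. This is an added example and not the presenter's material; the interface, the private network, the public address (taken from the documentation range), the internal web server and the proxy port are all constructed placeholders, and `IPT=echo` prints the commands instead of executing them.

```shell
#!/bin/sh
# Address translation rules for iptables (added example, not from the slides).
# Dry run without root:  IPT=echo sh nat-rules.sh
IPT="${IPT:-iptables}"
WAN_IF="${WAN_IF:-eth0}"                  # assumed public-facing interface
LAN_NET="${LAN_NET:-192.168.1.0/24}"      # constructed private network
PUBLIC_IP="${PUBLIC_IP:-203.0.113.10}"    # constructed public address (documentation range)
WEB_SERVER="${WEB_SERVER:-192.168.1.20}"  # constructed internal host
PROXY_PORT="${PROXY_PORT:-3128}"          # assumed port of a local proxy

apply_nat_rules() {
    # SNAT: rewrite the source of outbound LAN traffic to the firewall's public
    # address. MASQUERADE does the same when the public address is assigned
    # dynamically (a dial-up or DHCP link), reading it from the interface.
    $IPT -t nat -A POSTROUTING -s "$LAN_NET" -o "$WAN_IF" -j SNAT --to-source "$PUBLIC_IP"

    # DNAT: inbound HTTPS arriving at the public address is delivered to the
    # internal web server; the client never learns the private address.
    $IPT -t nat -A PREROUTING -i "$WAN_IF" -p tcp --dport 443 -j DNAT --to-destination "$WEB_SERVER:443"

    # REDIRECT: a DNAT to localhost. Here LAN web requests are sent through the
    # proxy on the firewall, the "per user outbound policy (proxy)" option.
    $IPT -t nat -A PREROUTING -s "$LAN_NET" -p tcp --dport 80 -j REDIRECT --to-ports "$PROXY_PORT"

    # NAT only rewrites addresses. The FORWARD chain still decides what may pass,
    # and the decision is made on the post-DNAT (internal) destination.
    $IPT -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
    $IPT -A FORWARD -i "$WAN_IF" -p tcp -d "$WEB_SERVER" --dport 443 -m state --state NEW -j ACCEPT
    $IPT -A FORWARD -s "$LAN_NET" -o "$WAN_IF" -m state --state NEW -j ACCEPT
}

# Usage: "sh nat-rules.sh apply" installs the rules; IPT=echo prints them.
case "${1-}" in
    apply) apply_nat_rules ;;
esac
```

On a real host the kernel must also be told to route between interfaces (net.ipv4.ip_forward=1), and the FORWARD policy should be DROP so that the two explicit accept rules are the only paths through the box.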