Transcript of Firewalls!
Kate Slaughter

Firewalls

First, here is the basic terminology you will see throughout this presentation:

IP Address
- a string of 32 bits (0s and 1s) that make up an IPv4 address
- this address denotes the physical location on the network
- you need to know this address to find the device
- kind of like the street address of your house!

MAC Address
- the built-in address for your device
- every device has a MAC address
- this is another way to label your device on a network

Ports
- these are entryways into your computer, like DOORS!
- you open these doors to let the traffic through
- you want to let some traffic in, like webpages and email
- you DO NOT want to let malicious traffic through
- this is where firewalls come in!

What is a Firewall?
- a program or hardware device that filters the information coming into your network from outside
- Firewalls use FILTERS to regulate traffic
- Firewalls use methods to control traffic flow in and out of the network

The History of Firewalls...
- the term originally referred to a wall intended to confine fire
- started in the late 1980s
- routers with filtering rules
- the first firewall security policy: allow anyone “in here” to get out, but keep people “out there” from getting in

The 3 generations of firewalls...

First Generation - Packet Filters

Second Generation - Stateful Filters
- Developed in the early 90s
- Collects enough packets to determine the state and can block based on connections
- Determines if a packet is the start of a new connection, part of an existing one, or not part of any connection

Third Generation - Application Layer
- Developed in the mid 90s
- Ability to “understand” different protocols
- Can detect if an unwanted protocol is attempting access on an open port

Software vs Hardware
- Ideal firewall configuration uses both

Hardware
- Stand-alone device (sometimes built into routers)
- Little to no configuration needed
- Uses packet filtering

Software
- Meant for individual home users
- Installed on computer and customized
- Can protect the computer from outside attempts to gain access to it, as well as from viruses and worms

Firewall Techniques
Firewalls will use one or a combination of the following...

Packet Filter
- makes decisions based on the source and destination addresses and ports
- looks at each packet entering or leaving the network and accepts or rejects it based on the defined rules
- difficult to implement
- susceptible to IP spoofing

Application Gateway
- applies security mechanisms to specific applications (ex: FTP and Telnet)
- effective, but can cause performance degradation

Circuit-level Gateway
- applies security mechanisms when a TCP or UDP connection is established
- once the connection is established, packets can flow freely

Proxy Server
- Proxies are different from firewalls but can be used in conjunction with them
- Intercepts all messages entering and leaving the network and forwards them on to the server
- Effectively hides the true network addresses

Packet Filter (continued)
- Inspects traffic on a packet-by-packet basis
- Commonly uses packet source and destination address, protocol, and TCP and UDP ports

How to Bypass a Firewall

Protocol Tunneling
- Encapsulates one protocol inside another; this makes it hard for the firewall to distinguish the type of traffic passing through it
- Any protocol can be exploited for tunneling; the only requirement is that the protocol is permitted by the firewall

Attacks through External Systems
- Takes advantage of a trust relationship between an internal user and an external source
- Can be accomplished through a client software vulnerability, obtaining user credentials/sensitive data, or a combination of the two

DMZ
- DMZ (demilitarized zone) - An area on a private network that is outside of the firewall
- Can allow hosting of a website/online business/FTP server without giving access to the whole network

The End

Why have a Firewall?
- Remote login
- Application backdoors
- SMTP session hijacking
- Operating system bugs
- Denial of Service
- Email bombs
- Macros
- Redirect bombs
- Source routing

A firewall isn't enough...
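To make the difference between the first two firewall generations concrete, here is a small Python simulation, added as an example and not part of the presentation: a stateless packet filter that judges each packet on addresses and ports alone (and is therefore fooled by a spoofed source port), beside a stateful filter that sorts packets into "new", "established" or "none" as described under Second Generation. The internal network prefix, the web-only policy and the sample packets are constructed for the example.

```python
from dataclasses import dataclass
INTERNAL_PREFIX = "192.168.1."  # constructed: "in here" is 192.168.1.0/24

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    sport: int
    dport: int
    syn: bool = False  # True on the first packet of a TCP connection

def is_internal(ip):
    return ip.startswith(INTERNAL_PREFIX)

def stateless_allow(pkt):
    """First generation: each packet is judged alone on addresses and ports."""
    if is_internal(pkt.src) and pkt.dport == 80:  # outbound web request
        return True
    # Replies must be let back in, so inbound source port 80 passes; a spoofed sport 80 passes too.
    return is_internal(pkt.dst) and pkt.sport == 80

class StatefulFilter:
    """Second generation: inbound packets are admitted only for connections opened inside."""
    def __init__(self):
        self.table = set()  # (inside ip, inside port, outside ip, outside port)
    @staticmethod
    def key(pkt):
        if is_internal(pkt.src):
            return (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport)
    def classify(self, pkt):
        """'new', 'established' or 'none': the three cases the slide names."""
        if self.key(pkt) in self.table:
            return "established"
        if pkt.syn and is_internal(pkt.src) and pkt.dport == 80:
            return "new"
        return "none"
    def allow(self, pkt):
        state = self.classify(pkt)
        if state == "new":
            self.table.add(self.key(pkt))  # remember the connection for its replies
        return state != "none"

# Constructed traffic: a request, its genuine reply, then an unsolicited inbound
# packet from another host that fakes source port 80 to look like a reply.
SAMPLE = [
    Packet("192.168.1.10", "203.0.113.5", 51000, 80, syn=True),
    Packet("203.0.113.5", "192.168.1.10", 80, 51000),
    Packet("198.51.100.9", "192.168.1.10", 80, 4444),
]
```

The stateless filter accepts all three packets, while the stateful filter rejects the third because it matches no connection in its table.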