Transcript of Firewalls!
Kate Slaughter

First, here is the basic terminology you will see throughout this presentation.

IP Address
- a string of 32 bits (0's and 1's) that make up an IPv4 address
- this address denotes the physical location on the network
- you need to know this address to find the device
- kind of like the street address of your house!

MAC Address
- the built-in address for your device
- every device has a MAC address
- this is another way to label your device on a network

Ports
- these are entryways into your computer, like DOORS!
- you open these doors to let the traffic through
- you want to let some traffic in, like webpages and email
- you DO NOT want to let malicious traffic through
- this is where firewalls come in!

What is a Firewall?
- a program or hardware device that filters the information coming into your network from outside
- Firewalls use FILTERS to regulate traffic
- Firewalls use methods to control traffic flow in and out of the network

The History of Firewalls...
- the term originally referred to a wall intended to confine fire
- started in the late 1980s
- routers with filtering rules
- the first firewall security policy: allow anyone "in here" to get out, but keep people "out there" from getting in

The 3 generations of firewalls....

First Generation - Packet Filters

Second Generation - Stateful Filters
- Developed in the early 90's
- Collects enough packets to determine the state and can block based on connections
- Determines if a packet is the start of a new connection, part of an existing one, or not part of any connection.

Third Generation - Application Layer
- Developed in the mid 90's
- Ability to "understand" different protocols
- Can detect if an unwanted protocol is attempting access on an open port

Software VS Hardware
- Ideal firewall configuration uses both

Hardware
- Stand-alone device (sometimes built into routers)
- Little to no configuration needed
- Uses packet filtering

Software
- Meant for individual home users.
- Installed on computer and customized.
- Can protect computer from outside attempts to gain access to your computer as well as viruses and worms.

Firewall Techniques
Firewalls will use one or a combination of the following...

Packet Filter
- makes decisions based on the source and destination addresses and ports
- looks at each packet entering or leaving the network and accepts or rejects it based on the defined rules.
- inspects traffic on a packet-by-packet basis
- commonly uses packet source and destination address, protocol, and TCP and UDP ports
- difficult to implement
- susceptible to IP spoofing

Application Gateway
- applies security mechanisms to specific applications (ex: FTP and Telnet)
- effective, but can cause performance degradation

Circuit-level Gateway
- applies security mechanisms when a TCP or UDP connection is established.
- once the connection is established, packets can flow freely

Proxy Server
- Proxies are different from firewalls but can be used in conjunction with them.
- Intercepts all messages entering and leaving the network and forwards them on to the server.
- Effectively hides the true network addresses.

How to Bypass a Firewall

Protocol Tunneling
- Encapsulates one protocol inside another; this makes it hard for the firewall to distinguish the type of traffic passing through it
- Any protocol can be exploited for tunneling; the only requirement is that the protocol is permitted by the firewall

Attacks through External Systems
- Takes advantage of a trust relationship between an internal user and an external source
- Can be accomplished through a client software vulnerability, obtaining user credentials/sensitive data, or a combination of the two

DMZ
- DMZ (demilitarized zone) - An area on a private network that is outside of the firewall.
- Can allow hosting of a website/online business/FTP server without giving access to the whole network.

Why have a Firewall?
- Remote login
- Application backdoors
- SMTP session hijacking
- Operating system bugs
- Denial of Service
- Email bombs
- Macros
- Redirect bombs
- Source routing

A firewall isn't enough...

The End
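To make the three generations and the "in here / out there" policy concrete, here is an added Python model that is not part of the presentation and not any real firewall product. It layers a stateless packet filter (first generation) under a connection-tracking stateful filter (second generation) and adds a first-payload protocol check on open ports (third generation), which is the defender's answer to the protocol-tunneling slide: traffic on port 443 that does not look like TLS is refused. The network prefix, rules, addresses and sample packets are all constructed for the example.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed example, not a real firewall. INTERNAL_PREFIX marks "in here";
# every address, rule and packet below is made up for illustration.
INTERNAL_PREFIX = "192.168.1."


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    sport: int
    dport: int
    proto: str = "tcp"
    syn: bool = False      # TCP SYN (no ACK) = first packet of a new connection
    payload: bytes = b""


def is_internal(ip: str) -> bool:
    return ip.startswith(INTERNAL_PREFIX)


# --- First generation: stateless packet filter -------------------------------
# Decides on addresses, protocol and destination port only, packet by packet.
# Rules are (src prefix or "any", dst prefix or "any", proto, dport, action).
RULES = [
    ("any", "any", "tcp", 25, "deny"),            # no SMTP in either direction
    ("any", INTERNAL_PREFIX, "tcp", 23, "deny"),  # no inbound Telnet
]


def packet_filter(pkt: Packet) -> Optional[str]:
    """Return the action of the first matching static rule, else None."""
    for src, dst, proto, dport, action in RULES:
        if ((src == "any" or pkt.src.startswith(src))
                and (dst == "any" or pkt.dst.startswith(dst))
                and proto == pkt.proto and dport == pkt.dport):
            return action
    return None


# --- Third generation: application-layer protocol check ----------------------
# Expected shape of the first client payload on well-known ports. A mismatch
# means some other protocol is riding on an open port (e.g. tunneling).
def looks_like_tls(p: bytes) -> bool:
    return len(p) >= 3 and p[0] == 0x16 and p[1] == 0x03   # TLS handshake record


def looks_like_http(p: bytes) -> bool:
    return p.split(b" ", 1)[0] in (b"GET", b"POST", b"HEAD", b"PUT", b"DELETE", b"OPTIONS")


def looks_like_ssh(p: bytes) -> bool:
    return p.startswith(b"SSH-")


EXPECTED_PROTOCOL = {443: looks_like_tls, 80: looks_like_http, 22: looks_like_ssh}


# --- Second generation: stateful filter tying it together --------------------
class StatefulFirewall:
    """Policy: anyone "in here" may get out; nothing from "out there" gets in
    unless it is the reply half of a connection an inside host started."""

    def __init__(self):
        self.connections = {}   # (src, sport, dst, dport) -> {"inspected": bool}

    def process(self, pkt: Packet) -> str:
        action = packet_filter(pkt)             # 1. static rules first
        if action == "deny":
            return "DROP (static rule)"
        forward_key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        reverse_key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if pkt.syn and is_internal(pkt.src) and not is_internal(pkt.dst):
            state, key = "NEW", forward_key     # 2. classify against the table
            self.connections[key] = {"inspected": False}
        elif forward_key in self.connections:
            state, key = "ESTABLISHED", forward_key   # client -> server direction
        elif reverse_key in self.connections:
            state, key = "ESTABLISHED", reverse_key   # server reply direction
        else:
            return "DROP (not part of any connection)"
        entry = self.connections[key]           # 3. inspect first client payload
        if pkt.payload and key == forward_key and not entry["inspected"]:
            entry["inspected"] = True
            check = EXPECTED_PROTOCOL.get(pkt.dport)
            if check and not check(pkt.payload):
                del self.connections[key]
                return f"DROP (payload on port {pkt.dport} is not the expected protocol)"
        return f"ACCEPT ({state})"


def run_demo() -> list:
    """Replay constructed sample traffic and return the firewall's verdicts."""
    fw = StatefulFirewall()
    inside, web, outsider = "192.168.1.10", "203.0.113.5", "198.51.100.7"
    client_hello = bytes([0x16, 0x03, 0x01, 0x00, 0x2A, 0x01]) + b"\x00" * 41
    traffic = [
        Packet(inside, web, 50000, 443, syn=True),                  # inside host starts TLS
        Packet(inside, web, 50000, 443, payload=client_hello),      # first payload looks like TLS
        Packet(web, inside, 443, 50000, payload=b"\x16\x03\x03"),   # server reply, tracked
        Packet(outsider, inside, 40000, 22, syn=True),              # unsolicited inbound SSH
        Packet(web, inside, 443, 50001),                            # reply to nothing we started
        Packet(inside, web, 50002, 443, syn=True),                  # second connection...
        Packet(inside, web, 50002, 443, payload=b"SSH-2.0-x\r\n"),   # ...carrying SSH, not TLS
        Packet(inside, web, 50003, 25, syn=True),                   # outbound SMTP hits static deny
    ]
    return [fw.process(p) for p in traffic]


if __name__ == "__main__":
    for verdict in run_demo():
        print(verdict)
```

The order of the three checks mirrors the generations: the static rule list never needs state, the connection table is what turns "allow out, deny in" into something a router access list cannot express, and the payload check only fires once per connection, on the client's first data packet, which keeps the cost of "understanding" the protocol low.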