STEELE - Firewalls
Upcoming SlideShare
Loading in...5

STEELE - Firewalls






Total Views
Views on SlideShare
Embed Views



0 Embeds 0

No embeds



Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

STEELE - Firewalls STEELE - Firewalls Presentation Transcript

  • The Security Aspect of Social Engineering Justin Steele
  • Firewalls Justin Steele View slide
  • Definitions
    • Firewall - “a host that mediates access to a network, allowing and disallowing certain types of access on the basis of a configured security policy.”
    • DMZ – “a portion of the network separates a purely internal network from an external network.”
    • Proxy – “an intermediate agent or server that acts on behalf of an endpoint without allowing a direct connection between the two endpoints.”
    • Bastion Host – “a system identified as a critical strong point in the network’s security.”
    View slide
  • Design Goals
    • All traffic between the internal and external network must go through the firewall.
    • Only authorized traffic is allowed to pass through.
    • The firewall itself is immune to penetration.
    • Small and simple enough for rigorous analysis
  • Control Techniques
    • Service Control – determines the types of services allowed.
    • Direction Control – determines the direction in which services may be initiated.
    • User Control – determines which activities are allowed based on the user.
    • Behavior Control – determines how services are used.
  • Types of Firewalls
    • Filtering Firewall – performs access control based packet header attributes, such as destination and source addresses, ports, and other various options. (Routers)
      • Protects against IP address spoofing, source routing attacks, and tiny fragment attacks.
    • Stateful Inspection Firewall – tightens security by keeping track of outbound connections. Only allows incoming traffic to high-numbered ports for packets that conform to the entries in the directory.
  • Types of Firewalls Continued
    • Proxy Firewall – uses proxies to perform access control. This type of firewall can base control on the contents of packets and messages, as well as on attributes of the packet headers. (Application Proxy, Application-Level Gateway, Guard)
    • Circuit-Level Gateway – Like a proxy firewall, but once connections are established it does not examine contents. Just determines what connections are allowed.
    • Personal Firewall – application that runs on workstations to block unwanted traffic.
  • Limitations
    • A firewall can not protect against attacks that bypass the firewall.
    • A firewall does not protect against internal threats.
    • The firewall does not protect against virus-infected files.
  • Network Setups
  • How a Firewall Can Protect Against a SYN Flood
    • Intermediate Hosts
      • The SYN Flood is handled before it reaches the firewall.
      • Examples - Cisco Routers and Synkill
    • TCP State and Memory Allocations
      • Make availability of space more likely.
      • Examples – SYN Cookies and adaptive time-out
  • References
    • Bishop, M. (2003). Computer Security, Art and Science. Boston: Addison Wesley.
    • Campus Firewall, Frequently Asked Questions . Retrieved March 30 th , 2003, from
    • Pfleeger, C., & Pfleeger, S. (2003). Security in Computing. New Jersey: Prentice Hall.
    • Stallings, W. (2003). Network Security Essentials, Applications and Standards. New Jersey: Prentice Hall.