IT346 Information System Security

Week 6-1: Firewall (1)

Faculty of Information Technology
Information system security wk6-1

Published in: Education, Technology
  • A stateful inspection packet firewall tightens up the rules for TCP traffic by creating a directory of outbound TCP connections, as shown in Table 9.2. There is an entry for each currently established connection. The packet filter will now allow incoming traffic to high-numbered ports only for those packets that fit the profile of one of the entries in this directory.
  • Transcript of "Information system security wk6-1"

    1. IT346 Information System Security Week 6-1: Firewall (1) Faculty of Information Technology
    2. OSI vs. TCP/IP Model

       | OSI Model | TCP/IP Model |
       |---|---|
       | Application Layer, Presentation Layer, Session Layer | Application Layer |
       | Transport Layer | Transport Layer |
       | Network Layer | Internet Layer |
       | Data Link Layer, Physical Layer | Host-to-Network Layer (Network Access) |

    3. TCP/IP ▪ TCP/IP (Transmission Control Protocol/Internet Protocol) ‣ ‣
    4. TCP/IP Protocol ▪ TCP/IP ‣ ‣ - ‣
    5. TCP/IP Model Layer Protocol Example
    6. Encapsulation
    7. Encapsulation ▪ Layer ‣ Encapsulate User Application ‣ User User Data user Application Data TCP TCP Header ‣ TCP Segment IP ‣ IP Header Application Data TCP TCP Segment IP
    8. Host-to-Network Layer ▪ Host-to-Network Layer: ▪ ‣ layer ‣ Layer Layer IP Packet IP ‣ IP Layer
    9. Internet Layer ▪ Internet Layer: ‣ packet-switching network Connectionless ( ) ‣ Packet) ‣
    10. Internet Layer: IP ▪ IP (Internet Protocol) ‣ IP Network Layer (Address) IP ‣ datagram) data link MTU (Maximum Transmission Unit) IP Ethernet
    11. Internet Layer: IP ▪ IP (Internet Protocol) ‣ IP connectionless datagram ‣ datagram datagram fragmentation) datagram
    12. Internet Layer: ICMP (Internet Control Message Protocol) ▪ ICMP ‣ ICMP ‣ ICMP ‣ Datagram) datagram Router datagram Host ICMP Message datagram ICMP Message Error
    13. Transport Layer ▪ Transport Layer: Protocol Transmission Control Protocol (TCP) ‣ connection-oriented) Byte stream ‣ message Internet Layer ‣ TCP (Flow Control) message
    14. Transport Layer UDP (User Datagram Protocol) ‣ connectionless) ‣ ‣ system) request/reply) client/server voice)
    15. Application Layer ▪ Application Layer: Telnet: Host ‣ Host FTP: ‣ FTP
    16. Firewall? ▪ Firewall ▪ Firewall
    17. Firewall ▪ Firewall (Component) ▪ Firewall ‣ ‣
    18. Firewall ▪ ‣ ‣ Firewall (packet) Firewall ▪ Firewall ‣
    19. Firewall Firewall ▪ Firewall Network-based firewall ‣ (traffic) • Software-based firewall • Hardware-based firewall Host-based firewall ‣ Personal firewall
    20. Firewall ▪ Layer 1.) Packet filtering firewall ‣ route) Firewall (Router) header rules) drop) accept) 2.) Stateful inspection firewall ‣ Packet Filtering Header message content)
    21. Firewall 3.) Application layer firewall Application Gateway Firewall ‣ ‣ ‣ Application Gateway Application Layer)
    22. Packet Filtering Firewall Router IP address Routing Table ▪ ▪ firewall (Packet Filtering) (Access
    23. Packet Filtering Firewall ▪ Firewall ▪ ‣ ▪ ‣ ▪ ‣ Source IP address ( ) ‣ Destination IP Address ( ) ‣ Protocol Type ( )
    24. Packet Filtering Firewall Packet Filtering TCP ▪ ‣ ‣ Address ‣ ‣
    25. Packet Filtering Firewall ▪ ‣ ‣ (transparent) ▪ ‣ function • Packet filter firewalls application application application firewall function ‣
    26. Packet Filtering Firewall ▪ ‣ ‣ TCP/IP • address packet Layer 3 / ‣
    27. Stateful Inspection Firewall ▪ Packet filter ‣ packet packet clients (1024 to 65535) TCP server packet filtering firewall (inbound traffic) TCP traffic ▪
    28. Stateful Inspection Firewall ▪ Stateful Inspection Firewall TCP traffic connection directory (Outbound) TCP ▪ State Table Connection Source Address, Destination addresses, Protocol type, Port number Flag ‣
    29. Stateful Inspection Firewall ▪ Firewall ‣ packet packet filtering firewall TCP connection TCP sequence numbers sequence number session hijacking ‣ protocols SIPS FTP, IM track
    30. Stateful Firewall Connection State ▪ Directory (outbound) TCP

        | Source Address | Source Port | Destination Address | Destination Port | Connection State |
        |---|---|---|---|---|
        | 192.168.1.100 | 1030 | 210.9.88.29 | 80 | Established |
        | 192.168.1.102 | 1031 | 216.32.42.123 | 80 | Established |
        | 192.168.1.101 | 1033 | 173.66.32.122 | 25 | Established |
        | 192.168.1.106 | 1035 | 177.231.32.12 | 79 | Established |
        | 223.43.21.231 | 1990 | 192.168.1.6 | 80 | Established |
        | 219.22.123.32 | 2112 | 192.168.1.6 | 80 | Established |
        | 210.99.212.18 | 3321 | 192.168.1.6 | 80 | Established |
        | 24.102.32.23 | 1025 | 192.168.1.6 | 80 | Established |
        | 223.21.22.12 | 1046 | 192.168.1.6 | 80 | Established |

    31. Application Layer Firewall ▪ Proxy Firewall Application Gateway ▪ ▪ Firewall (Network Guard) ▪ Traffic ( ▪ ) Application Layer Firewall
    32. Application Layer Firewall ▪ Client Proxy ▪ Proxy connection 2 Service Proxy Proxy Client Client Client Proxy
    33. Application Layer Firewall Application Layer Firewall Firewall Firewall ▪ Traffic ‣ server firewall client ▪ Application Layer Firewall firewall firewall application
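
The stateful inspection note above and the connection directory on slide 30 can be modelled in a few lines. This is an added example, not part of the original slides: the `Packet` and `StatefulFilter` names, the handshake tracking and the 203.0.113.7 sender are assumptions made for illustration, and connection teardown and timeouts are left out.

```python
from dataclasses import dataclass

HIGH_PORTS = range(1024, 65536)   # client port range given on slide 27

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset = frozenset({"ACK"})   # TCP flags set on the segment

def stateless_inbound(pkt):
    """Plain packet filter: has to admit every inbound packet to a high port."""
    return "accept" if pkt.dport in HIGH_PORTS else "drop"

class StatefulFilter:
    def __init__(self):
        # (inside addr, inside port, outside addr, outside port) -> state
        self.directory = {}

    def outbound(self, pkt):
        key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        if pkt.flags == {"SYN"}:
            self.directory[key] = "SYN_SENT"     # record the new outbound connection
        return "accept"

    def inbound(self, pkt):
        if pkt.dport not in HIGH_PORTS:
            return "drop"                        # server ports are not modelled here
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        state = self.directory.get(key)
        if state is None:
            return "drop"                        # fits no entry in the directory
        if state == "SYN_SENT":
            if pkt.flags != {"SYN", "ACK"}:
                return "drop"                    # only the handshake reply is valid
            self.directory[key] = "ESTABLISHED"
        return "accept"

def demo():
    fw = StatefulFilter()
    client, server = ("192.168.1.100", 1030), ("210.9.88.29", 80)  # first row, slide 30
    fw.outbound(Packet(*client, *server, frozenset({"SYN"})))
    reply = Packet(*server, *client, frozenset({"SYN", "ACK"}))
    stray = Packet("203.0.113.7", 80, *client)   # constructed: unrelated sender
    return (stateless_inbound(stray), fw.inbound(stray),
            fw.inbound(reply), fw.directory[(*client, *server)])
```

`demo()` shows the difference the directory makes: the stateless rule accepts the unsolicited packet to port 1030, while the stateful filter drops it and accepts only the reply that matches the recorded outbound connection.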