Net Defender


Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • Frequently, presenters must deliver material of a technical nature to an audience unfamiliar with the topic or vocabulary. The material may be complex or heavy with detail. To present technical material effectively, use the following guidelines from Dale Carnegie Training®.   Consider the amount of time available and prepare to organize your material. Narrow your topic. Divide your presentation into clear segments. Follow a logical progression. Maintain your focus throughout. Close the presentation with a summary, repetition of the key steps, or a logical conclusion.   Keep your audience in mind at all times. For example, be sure data is clear and information is relevant. Keep the level of detail and vocabulary appropriate for the audience. Use visuals to support key points or steps. Keep alert to the needs of your listeners, and you will have a more receptive audience.
  • Net Defender

    1. 1. Net Defender By: Krishna Maddikara Tuesday, May 2, 2001 SC 546
    2. 2. Synopsis of Presentation <ul><li>Security Issues </li></ul><ul><li>Firewalls: </li></ul><ul><ul><li>How do they work? </li></ul></ul><ul><ul><li>What can they do? </li></ul></ul><ul><li>The future of Security called </li></ul><ul><li>“ Net Defender” </li></ul>
    3. 3. Security Issues Today: <ul><li>What are the issues and problems? </li></ul><ul><li>Who are the intruders and why? </li></ul><ul><li>What are their techniques? </li></ul>
    4. 4. What are the Issues & Problems? <ul><li>• Security was not a fundamental design consideration </li></ul><ul><li>The Internet is growing exponentially </li></ul><ul><li>User dependence is increasing; </li></ul><ul><li>With increasing complexity </li></ul><ul><li>There are billions of entry points </li></ul>
    5. 5. Who are the intruders? <ul><li>Criminals </li></ul><ul><li>“ Curious ” Intruders </li></ul><ul><li>Insiders </li></ul><ul><li>Corporate Spies </li></ul>
    6. 6. Motives: <ul><li>Money </li></ul><ul><li>Access to additional resources </li></ul><ul><li>Competitive advantages </li></ul><ul><li>Curiosity and Mischief </li></ul>
    7. 7. Possible Attacks: <ul><li>Compromises and Vulnerabilities </li></ul><ul><li>DDoS (Distributed Denial of Service) </li></ul><ul><li>“ Sniffing” </li></ul><ul><li>Port Scanning </li></ul><ul><li>Malicious code </li></ul>
    8. 8. Example of DoS attack: Intruder Target ICMP request with spoofed IP of target
    9. 9. Example of DoS attack: Intruder Target Flood Target with replies
    10. 10. <ul><li>Finally this report contain information regarding our firewall which we had developed using Packet Filtering Technique. </li></ul><ul><li>And now I'll describes its functioning and working in detail. </li></ul>
    11. 11. Net Defenders
    12. 12. What is Net Defender? <ul><li>A simple Firewall for securing Personal Computer from unauthorized access through Internet or network by novice and advanced users. </li></ul><ul><li>A firewall that monitors all traffic to and from a site This allows for monitoring, filtering, logging, and proper access to the network </li></ul>
    13. 13. Net defender Problem Statement Developing a simple Firewall for securing Personal Computer from unauthorized access through Internet or network by novice and advanced users.
    14. 14. Objective of Net defender Net Defender software is being designed keeping in mind a novice user (those who knows very less about networking or computers). We had laid a great deal of stress in providing a sound user interface so that a general user should learn how to use and control this firewall in simple and easy steps.
    15. 15. REQUIREMENT ANALYSIS <ul><li>o Users perspective </li></ul><ul><li>o Developer Perspective </li></ul><ul><li>o Functional Perspective </li></ul>
    16. 16. General System and Interface Requirements <ul><li>The interface should be intuitive for users to use. </li></ul><ul><li>2. Users should be able to immediately stop all </li></ul><ul><li>outgoing Internet traffic using the firewall . </li></ul><ul><li>3 . The system should have the ability to notify the </li></ul><ul><li>user about all blocked attacks from the Internet. </li></ul><ul><li>1. Users should be able to enable/disable these </li></ul><ul><li>notifications of attacks. </li></ul>
    17. 17. Main Screen Firewall has a simple user interface that gives you instant access to all your security features
    18. 18. Add Rule : This dialog box will help in adding new rules to Firewall. To create a rule, you must first specify the kind of traffic that should be affected by the rule. There are several different characteristics of traffic, each of which you can use to specifythe kind of traffic that you want to control .
    19. 19. Port Scanner: <ul><li>Port Scanner can be opened by going to tool menu and selecting port scanner from there It is a Small Utility for checking a system for open ports. It systematically scans the ports of the computer and report the open port to the user. User then can define the rule in the Firewall to close that particular port </li></ul>
    20. 20. Well-known ports used by TCP Port Protocol Description     7 Echo Echoes a received datagram back to the sender      9 Discard Discards any datagram that is received    11 Users Active users    13 Daytime Returns the date and the time    17 Quote Returns a quote of the day    19 Chargen Returns a string of characters    20 FTP, Data File Transfer Protocol (data connection)    21 FTP, Control File Transfer Protocol (control connection)    23 TELNET Terminal Network    25 SMTP Simple Mail Transfer Protocol    53 DNS Domain Name Server    67 BOOTP Bootstrap Protocol    79 Finger Finger    80 HTTP Hypertext Transfer Protocol 111 RPC Remote Procedure Call
    21. 21. How do Firewalls work? <ul><li>Most firewalls function through packet filtering </li></ul><ul><ul><li>Filter based upon port or address </li></ul></ul> Courtesy
    22. 22. Filtering based on Port <ul><li>Filtering based on port occurs by examining the Transport layer </li></ul><ul><li>Deny-all </li></ul><ul><ul><li>Reject all packets except to required services </li></ul></ul> Courtesy
    23. 23. Filtering Based on Address <ul><li>The incoming and outgoing address can be examined to see if the computer is allowed access to the network </li></ul><ul><li>However, this can be circumvented by an attacker who fakes the incoming address, making it look as if they are allowed </li></ul>
    24. 24. How Net Defender prevent <ul><li>Lets look over some of the common attacks we spoke about </li></ul>
    25. 25. Preventing Compromises and Vulnerabilities <ul><li>The type of criteria used to determine whether traffic should be allowed through varies from one type of firewall to another. </li></ul><ul><li>Firewalls may be concerned with the type of traffic, or with source or destination addresses and ports </li></ul>
    26. 26. <ul><li>Action : </li></ul><ul><li>Select whether to Allow that type of traffic to pass threw or Block it. </li></ul><ul><li>Block All </li></ul><ul><li>Block All prevents the transmission of ANY AND ALL network traffic that is attempting to either enter or leave your computer. </li></ul><ul><li>Allow All </li></ul><ul><li>Allow All effectively disables Firewall protection for both incoming and outgoing traffic </li></ul>
    27. 27. Port Scanner: <ul><li>Port Scanner can be opened by going to tool menu and selecting port scanner from there </li></ul><ul><li>It is a Small Utility for checking a system for open ports. </li></ul><ul><li>It systematically scans the ports of the computer and report the open port to the user. </li></ul><ul><li>User then can define the rule in the firewall to close that particular port </li></ul>
    28. 28. Working of the filter: <ul><li>working of firewall is based on the following steps </li></ul><ul><li>Ø Extract the packet header </li></ul><ul><li>Ø Check the protocol associated </li></ul><ul><li>Ø Compare with the rules </li></ul><ul><li>Ø Check the source and destination add. If protocol is same </li></ul><ul><li>Ø Check out the port if protocol is TCP </li></ul>
    29. 29. Other Prevention: <ul><li>Preventing DDoS: </li></ul><ul><ul><li>Turn off ping except to trusted IP’s </li></ul></ul><ul><li>Preventing Port Scanning: </li></ul><ul><ul><li>Turn off all ports except ports needed </li></ul></ul><ul><ul><li>Use NAT to hide IP’s </li></ul></ul><ul><li>Preventing Malicious Code </li></ul><ul><ul><li>Difficult to block with firewall </li></ul></ul><ul><ul><li>Internal zones can prevent spreading and contamination </li></ul></ul>
    30. 30. Direction of Internet Vulnerabilities <ul><li>Sophistication of attacks is increasing </li></ul><ul><li>Knowledge is being passed to less knowledgeable </li></ul><ul><li>Vendor testing cycle is decreasing </li></ul><ul><ul><li>Relying on patches </li></ul></ul>
    31. 31. Direction of Internet Security <ul><li>Better encryption methods </li></ul><ul><li>Adding more security to the transport and IP layer of protocols </li></ul><ul><ul><li>IPSEC </li></ul></ul><ul><ul><ul><li>Packet level security based on socket or destination address </li></ul></ul></ul>
    32. 32. Future Improvements: <ul><li>This analysis can be extended to the level of granularity necessary to move directly into creating a program that will effectively model a firewall in a simple network. </li></ul><ul><li>It could also be extended to model a more complex firewall and/or proxy server. </li></ul>
    33. 33. We would like to thank: <ul><li>Mr.P.Ramesh(HOD) </li></ul><ul><li>& </li></ul><ul><li>Mr.E.Venkataramana(Supervisor) </li></ul><ul><li>The class for your time and patience. </li></ul>Thank you