Information system security wk6-1

Published in: Education, Technology
  • A stateful inspection packet firewall tightens up the rules for TCP traffic by creating a directory of outbound TCP connections, as shown in Table 9.2. There is an entry for each currently established connection. The packet filter will now allow incoming traffic to high-numbered ports only for those packets that fit the profile of one of the entries in this directory.
  • Information system security wk6-1

    1. IT346 Information System Security Week 6-1: Firewall (1) Faculty of Information Technology
    2. OSI vs. TCP/IP Model
       OSI Model             TCP/IP Model
       Application Layer     Application Layer
       Presentation Layer    Application Layer
       Session Layer         Application Layer
       Transport Layer       Transport Layer
       Network Layer         Internet Layer
       Data Link Layer       Host-to-Network Layer (Network Access)
       Physical Layer        Host-to-Network Layer (Network Access)
    3. TCP/IP • TCP/IP (Transmission Control Protocol/Internet Protocol) ‣ ‣
    4. TCP/IP Protocol • TCP/IP ‣ ‣ - ‣
    5. TCP/IP Model Layer Protocol Example
    6. Encapsulation
    7. Encapsulation • Layer ‣ Encapsulate User Application ‣ User User Data user Application Data TCP TCP Header ‣ TCP Segment IP ‣ IP Header Application Data TCP TCP Segment IP
    8. Host-to-Network Layer • Host-to-Network Layer: • ‣ layer ‣ Layer Layer IP Packet IP ‣ IP Layer
    9. Internet Layer • Internet Layer: ‣ packet-switching network Connectionless ( ) ‣ Packet) ‣
    10. Internet Layer: IP • IP (Internet Protocol) ‣ IP Network Layer (Address) IP ‣ datagram) data link MTU (Maximum Transmission Unit) IP Ethernet
    11. Internet Layer: IP • IP (Internet Protocol) ‣ IP connectionless datagram ‣ datagram datagram fragmentation) datagram
    12. Internet Layer: ICMP (Internet Control Message Protocol) • ICMP ‣ ICMP ‣ ICMP ‣ Datagram) datagram Router datagram Host ICMP Message datagram ICMP Message Error
    13. Transport Layer • Transport Layer: Protocol Transmission Control Protocol (TCP) ‣ connection-oriented) Byte stream ‣ message Internet Layer ‣ TCP (Flow Control) message
    14. Transport Layer UDP (User Datagram Protocol) ‣ connectionless) ‣ ‣ system) request/reply) client/server voice)
    15. Application Layer • Application Layer: Telnet: Host ‣ Host FTP: ‣ FTP
    16. Firewall? • Firewall • Firewall
    17. Firewall • Firewall (Component) • Firewall ‣ ‣
    18. Firewall • ‣ ‣ Firewall (packet) Firewall • Firewall ‣
    19. Firewall Firewall • Firewall Network-based firewall ‣ (traffic) • Software-based firewall • Hardware-based firewall Host-based firewall ‣ Personal firewall
    20. Firewall • Layer 1.) Packet filtering firewall ‣ route) Firewall (Router) header rules) drop) accept) 2.) Stateful inspection firewall ‣ Packet Filtering Header message content)
    21. Firewall 3.) Application layer firewall Application Gateway Firewall ‣ ‣ ‣ Application Gateway Application Layer)
    22. Packet Filtering Firewall Router IP address Routing Table • • firewall (Packet Filtering) (Access
    23. Packet Filtering Firewall • Firewall • ‣ • ‣ • ‣ Source IP address ( ‣ Destination IP Address ( ‣ Protocol Type ( ) ) )
    24. Packet Filtering Firewall Packet Filtering TCP • ‣ ‣ Address ‣ ‣
    25. Packet Filtering Firewall • ‣ ‣ (transparent) • ‣ function • Packet filter firewalls application application application firewall function ‣
    26. Packet Filtering Firewall • ‣ ‣ TCP/IP • address packet Layer 3 / ‣
    27. Stateful Inspection Firewall • Packet filter ‣ packet packet clients (1024 to 65535) TCP server packet filtering firewall (inbound traffic) TCP traffic •
    28. Stateful Inspection Firewall • Stateful Inspection Firewall TCP traffic connection directory (Outbound) TCP • State Table Connection Source Address, Destination addresses, Protocol type, Port number Flag ‣
    29. Stateful Inspection Firewall • Firewall ‣ packet packet filtering firewall TCP connection TCP sequence numbers sequence number session hijacking ‣ protocols SIPS FTP, IM track
    30. Stateful Firewall Connection State • Directory (outbound) TCP
        Source Address   Source Port   Destination Address   Destination Port   Connection State
        192.168.1.100    1030          210.9.88.29           80                 Established
        192.168.1.102    1031          216.32.42.123         80                 Established
        192.168.1.101    1033          173.66.32.122         25                 Established
        192.168.1.106    1035          177.231.32.12         79                 Established
        223.43.21.231    1990          192.168.1.6           80                 Established
        219.22.123.32    2112          192.168.1.6           80                 Established
        210.99.212.18    3321          192.168.1.6           80                 Established
        24.102.32.23     1025          192.168.1.6           80                 Established
        223.21.22.12     1046          192.168.1.6           80                 Established
    31. Application Layer Firewall • Proxy Firewall Application Gateway • • Firewall (Network Guard) • Traffic ( • ) Application Layer Firewall
    32. Application Layer Firewall • Client Proxy • Proxy connection 2 Service Proxy Proxy Client Client Client Proxy
    33. Application Layer Firewall Application Layer Firewall Firewall Firewall • Traffic ‣ server firewall client • Application Layer Firewall firewall firewall application
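
The stateful inspection behaviour described in the slide note and on slide 30 can be sketched as follows. This is an added example, not code from the original slides. The class and field names, the prefix test for "inside" addresses and the simplified teardown without timers are assumptions; the addresses and ports in the usage note are taken from the connection table on slide 30.

```python
from dataclasses import dataclass

HIGH_PORT_MIN = 1024  # client ports are 1024 to 65535, as on slide 27


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset = frozenset({"ACK"})  # TCP flags carried by the segment


class StatefulFilter:
    """Hypothetical stateful filter: keeps a directory of outbound TCP connections."""

    def __init__(self, internal_prefix, published):
        self.internal_prefix = internal_prefix  # assumption: prefix match means "inside"
        self.published = set(published)         # static rules for inbound services
        self.directory = {}                     # (src, sport, dst, dport) -> state

    def handle(self, p):
        if p.src.startswith(self.internal_prefix):
            return self._outbound(p)
        return self._inbound(p)

    def _outbound(self, p):
        key = (p.src, p.sport, p.dst, p.dport)
        if p.flags == {"SYN"}:
            self.directory[key] = "SYN_SENT"    # new entry on a connection attempt
        elif p.flags & {"FIN", "RST"}:
            self.directory.pop(key, None)       # simplified teardown, no timers
        return "accept"

    def _inbound(self, p):
        if p.dport < HIGH_PORT_MIN:             # low ports: plain packet-filter rule
            return "accept" if (p.dst, p.dport) in self.published else "drop"
        key = (p.dst, p.dport, p.src, p.sport)  # reverse 4-tuple of the outbound entry
        if key not in self.directory:
            return "drop"                       # high port with no matching connection
        if p.flags == {"SYN", "ACK"}:
            self.directory[key] = "Established"
        elif p.flags & {"FIN", "RST"}:
            del self.directory[key]
        return "accept"
```

With `StatefulFilter("192.168.1.", [("192.168.1.6", 80)])`, a reply from 210.9.88.29:80 to 192.168.1.100:1030 is accepted only after the outbound SYN created the entry, while the same reply aimed at port 1031 is dropped.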
