CONTENTS <ul><li>INTRODUCTION. </li></ul><ul><li>KEYWORDS </li></ul><ul><li>WHAT IS FIREWALL ? </li></ul><ul><li>WHY WE NEED FIREWALL ? </li></ul><ul><li>WHY NOT OTHER SECURITY MECHANISM ? </li></ul><ul><li>HOW FIREWALL WORKS ? </li></ul><ul><li>WHAT IT DOES ? </li></ul><ul><li>TYPES OF FIREWALL </li></ul><ul><li>WHAT IT PROTECTS YOU FROM ? </li></ul><ul><li>LIMITATION </li></ul><ul><li>CONCLUSION </li></ul>
COMPUER NETWORKS ARE TYPICALLY A SHARED RESOURCES USED BY MANY APPLICATIONS FOR MANY DIFFERENT PURPOSES. SOMETIMES THE DATA TRANSMITTED BETWEEN APPLICATION PROCESS IS CONFIDENTIAL, AND THE APPLICATIONS WOULD PREFER THAT OTHERS NOT BE ABLE TO READ IT .BUT THE PROBLEM ARISES WHEN SOMEONE ELSE WANT TO MANIPULATE WITH YOUR DATA .TO BUILD A SYSTEM THAT MINIMIZES THE RISK OF SECURITY,IS A DIFFICULT TASK. HOWEVER THERE ARE SOME ALOGORITHMS AND PROTOCOLS AVAILABLE. ONE OF THEM IS “FIREWALL”. INTRODUCTION
KEY WORDS DSL # Digital Subscriber Line . A family of standards for transmitting data over twisted pair telephone lines at multi mega bit per second speeds. FTP # File Transfer Protocol . The standard protocol of the internet - architecture for transferring files between hosts. HTTP # Hyper Text Transfer Protocol . An application level protocol based on a request /reply paradigm and used in WWW. ISDN # Integrated Service Digital Network . A digital communication service offered by telephone carriers and standardized by ITU-T . PROXY # an agent sitting between a client and server that intercepts messages and provides some service . SMTP # Simple Mail Transfer Protocol . The electronic mail protocol of the internet . URL # Uniform Resource Locator. A text string used to identify the location of internet resources.
What is firewall ? A firewall is a specially programmed router that sits between a site and the rest of the network . It is used to enforce security policy . In simple words, firewall is a barrier to keep destructive forces away from your property .
2.why we need FIREWWALL ? <ul><li>This is useful if you don’t want eternal users to access a particular host or service within your site . </li></ul><ul><li>The firewall might also filter packets based on source’s IP address .This is useful in securing data. </li></ul><ul><li>This is useful if u want to protect hosts within the site from an unwanted flood of packets from an external host . </li></ul><ul><li>It is called as Denial f service attack. </li></ul>
Why not other security mechanism ? O f course,there are many other mechanisms available like , cryptographic algorithm , authentication protocols ,message integrity protocols, PGP,secure shell,IP security(IPSEC)and many more . When you tried to establish a connection to a node using,say,IPSEC ,you would have to authenticate yourself as a valid peer . There are 2 reasons . Firstly , the other security measures described are not widely developed . Getting security algorithms and protocols right is very difficult task , and so FIREWALL have been devised as a stop gap measure while we wait for IPSEC . Secondly , it allows the system administrator to implement a security policy in one centralized place .
WHAT IT DOES ? IF you know a good bit about how data moves in internet , and you can see easily how a firewall helps protect computers inside a large company . Let’s say that you work at a company with 500 employees . The company will therefore have hundreds of computers that all have network cards connecting them together . In addition , the company will have one or more connections to the internet through something like t1 or t3 lines . Without a firewall in place, all of those hundreds of computers are directly accessible to anyone on the internet . A person who knows what he or she is doing can probe those computers ,try to make FTP connections to them , try to make TELNET connections to them and so on. If one employee makes a mistake and leaves a security hole, hackers can get to the machine and exploit the hole. With a firewall in place, the landscape is much different . A company will place a firewall at every connection to the internet . The firewall can implement security rules. A company can set rules like this for FTP servers,web servers, telnet servers and so on . In addition ,the company can can control how employees connect to web sites,whether files are allowed to leave the company over the network and so on . A FIREWALL gives company tremendous control over how people use the network.
Types of firewalls ? Firewalls use one or more of three methods to control traffic flowing in and out of the network . 1 # FILTER BASED FIREWALL 2# PROXY BASED FIREWALL 3# STATEFUL INSPECTION Filter based firewalls are configured with a table of addresses that characterize the packets they will , and will not, forward . By addresses, we mean more than just the destination’s IP address,although this in one possibility. Ex : (*,*,18.104.22.168,80) Generally. Each entry in the table is a 4tuple : it gives the IP address and TCP port number for both source and destination . It sometimes called as LEVEL 4 SWITCHES. To understand proxy based firewalls works and why you would want one - consider a corporate web server,where the company wants to make some the servers page accessible to all external users ,but it wants to restrict certain of the pages to corporate users at one or more remote sites . Continues……...
The solution is to put an HTTP proxy on the firewall . Remote users establish an HTTP/TCP connection to the proxy , which looks at the URL contained in the request message . If the requested page is allowed for source host,the proxy establishes a second HTTP/TCP connection to the server and forwards the request on to the server. The proxy then forwards the response in the reverse direction between the two TCP connection. A newer method that doesn’t examine the contents of each packet but instead compares certain key parts of the packet to a database of trusted information. Information traveling from inside the firewall to the outside is monitored for specific defining characteristics . If the comparison yields a reasonable match, the information is allowed through . Otherwise it is discarded .
What it protects you from ? <ul><li>Remote login </li></ul><ul><li>Application backdoor </li></ul><ul><li>Denial of service </li></ul><ul><li>E-mail bombs </li></ul><ul><li>Macros </li></ul><ul><li>Viruses </li></ul><ul><li>OS Bugs </li></ul>
We conclude this discussion by observing that while a traditional firewall protects internal users from external users, it does nothing to protect or isolate internal users from each other. LIMITATIONS
The level of security you establish will determine how many of these threats can be stopped by your firewall . The highest level of security would be simply block everything . Obviously that defeats the purpose of having an internet connection . But a common rule of thumb is to block everything,then begin to select what types of traffic you will allow . One of the best things about a firewall from a security standpoint is that it stops anyone on the outside from logging onto a computer in your private network . While this is a big deal for businesses. In general,it is impossible for existing firewalls to know who is accessing the work and, therefore ,who has the ability to connect to other machines on the network . Ultimately , security mechanisms like IPSEC are probably required to support such a level of security . Still ,putting a firewall in place provides some “ peace of mind “. conclusion