Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Firewalls
1. FIREWALLS
Abstract:
The topic “firewalls” deals
with a software or hardware
based equipment with which
we can keep the network
secure. It has a predetermined
rule set which deals with the
packets in the network traffic.
It is pretty useful in saving the
device such as a PC, LAPTOP
or even a set of interconnected
device from external harmful
network mostly the internet. In
today’s generation of
computers and networks, the
harm from virus, worms and
Trojans have increased. These
Mostly enter into the system
through external sources such
as The Internet.
Firewall is the first
basic protection provided to
protect from such external
harm. Firewalls are divided
into various classes based
upon their uses and their
effectiveness.
The variety of firewalls used,
their kinds, and the history of
firewalls shall be covered in
this topic. There various kinds
of architectures of firewalls
present in both hardware and
software are discussed. Their
Advantages and
Disadvantages are also
mentioned.
Introduction:
A firewall is a software or
hardware application that is
used to protect the device or a
set of devices from any
external harmful data packets
network which is mostly the
internet.
It follows a set of
predefined rules, set for
filtered the data packets in
the incoming and outgoing
traffic.
Many personal
computer operating systems
such as Windows7, Ubuntu,
Linux based OS, etc have
software based firewalls.
The hardware based
firewalls in the routers that
pass data between networks.
History:
The term “firewall” originally
referred to a wall intended to
2. confine a fire or a potential
fire within a building.
Firewall technology
emerged in the 1980’s when
the internet was a fairly new
technology in terms of global
use and connectivity.
The predecessors
to firewalls for network
security were the routers used
in late 1980’s.
Generation of firewalls:
There are three generations of
firewalls:-
First Generation: packet
filters
The first paper
published on firewall
technology was in 1988 when
the engineers from Digital
Equipment Cooperation
(DEC) developed filter
systems known as packet filter
firewalls.
Packet filter act by
inspecting the “packets”
which transfer between
computers to the internet .If
the packet matches the packet
filters set of rules, the packet
filter will drop the packet by
silently discarding them or
reject it by giving error
responses to the source.
This type of packet
filtering pays no attention to
whether a packet is part of an
existing traffic stream.
Instead, it filters each packet
based only on information
contained in the packet itself
(such as source & destination
address, port no.) etc.
Second Generation-
Stateful filters:
From 1989-1990 three
colleagues from AT&T Bell
Laboratories, Dave Presetto,
Janardhan Sharma and Kshitij
Nigam, developed the second
generation of firewalls, calling
them circuit level firewalls.
Second generation
firewalls perform the work of
the first generation firewalls
but in layer 4(Transport layer)
of the OSI model. This is
achieved by retaining packets
until enough information is
available to make a judgment
of its state.
Known as stateful packet
inspection, it records all
connections passing through it
and determines whether a
packet is the start of a new
connection, a part of an
3. existing connection, or not
part of any connection.
Though static rules are
still used, these rules can now
contain connection state as
one of their test criteria.
Certain denial-of-service
attacks bombard the firewall
with thousands of fake
connection packets in an
attempt to overwhelm it by
filling its connection state
memory.
Third Generation-
Application layer:
Marcus Raman, Wei Xin and
Peter Churchyard developed
an application Firewall known
as Toolkit. Wei Xin extended
the FTWK with the kernel
enhancement of IP filter and
socket transparent.
This is known as the first
transparent Application
firewall, released as a
commercial product of
Gaunlet firewall at TIS.
The key benefit of
application layer filtering is
that it can understand certain
applications and protocols
(such as FTP, DNS and
HTTP)
This is useful as it is able
to detect if an unwanted
protocol is attempting to
bypass the firewall on an
allowed port or detect if a
protocol is being abused in
any harmful way.
As of 2012, the so called
NGFW is nothing more than
the “widen” or “deepen”
inspection at application-
stack.
Types:-
NETWORK LAYER:
Network Layer
firewalls, also called packet
filters; operate at a relatively
low-level of TCP/IP protocol
stack, not allowing packets to
pass through the firewall
unless match established rule
set.
Network firewalls are of two
types:-
(1)Stateful
(2)Stateless
(1)Stateful:- Stateful firewalls
maintain context about active
sessions and use that “state
information” to speed packet
processing. Any existing
network connection can be
4. described by several
properties, including source
and destination IP address,
UDP or TCP ports, and the
current stage of the
connections lifetime.
(2)Stateless:- Stateless
firewalls require less memory
and can be faster for simple
filters that require less time to
filter than to look up a session.
They may also be necessary
for filtering stateless network
protocols that have no concept
of a session. They can’t make
more complex decisions based
on what stage communications
between hosts have reached.
APPLICATION LAYER:
Application layer firewalls
work on the application layer
of the TCP/IP stack and may
intercept all packets traveling
to or from on application.
They block other packets.
Application firewalls
function by determining
whether a process should
accept any given connection.
Application firewalls
accomplish their function by
hooking into socket calls to
filter the connection between
the application layer and
lower layers of OSI model.
PROXIES:
A proxy server, running either
on dedicated hardware or
software or a general-purpose
machine, may act as a firewall
by responding to input packets
in the manner of an
application, while blocking
other packets.
Proxies make tampering
with an internal system from
the external network, more
difficult and misuse of one
internal system would not
necessarily cause a security
breach exploitable from
outside the firewall.
Firewall
Architectures:-
There five kinds of different
basic firewalls:
5. (1)Screening Routers:-The
simplest way to implement a
firewall is by placing packet
filters on the router itself. This
kind of architecture is
completely transparent to all
parties involved, but screening
routers leaves a chance for
“leak” out of the network.
They violate the “the choke
point principle” of firewalls.
(2)Screened Host
Gateways:- Here hosts and
routers can be used together in
firewall architecture. It is one
of the most common
combinations in use today.
All packet filtering and access
control is performed at the
router. The router permits only
that traffic that the policy
explicitly identifies.
(3)Dual Homed Gateways:-
Dual Homed Gateways places
a single machine with two
networks. Here, all users must
log in to the machine before
proceeding on to the other
network, or as a host for proxy
servers, in which user
accounts are not required.
(4)Screened Subnet:-
The screened subnet approach
takes the idea of a screened
host gateway one step further.
The screening router is still
present as the first point of
entry into the corporate
network, and screens
incoming traffic between the
Internet and the public hosts.
The functions of that gateway
are spread among multiple
hosts. For e.g., one of the
hosts could be a Web server,
another could serve as the
anonymous FTP server, and
yet a third as the proxy server
host, from which all
connections to and from the
internal corporate are made.
(5)Belt and Suspenders
approach:-
It takes the approach of the
screened subnet and extends
still another step further. Here
an external screening router
protects "public" machines
from the Internet. The
functions of gateway are split:
the proxy server host now
resides on the DMZ subnet,
while an internal screening
router serves to protect the
internal network from the
public machines. This
6. architecture is often called the
"belt-and-suspenders"
architecture.
Advantages and
Disadvantages:
Advantages:
• Protect the computer
from “bad” network and
give a steady interface
for network.
• Protect the system from
external attack of worms
and viruses.
• Help in recognition of
threats and disturbances
easily.
Disadvantages:
• Cannot protect from
internal attacks, such as
a malicious code being
executed.
• Unaffected on
organizations with
greater insider threat
such as Banks and
Military.
• Protection is supposed to
be present in every layer
and assess the threats
too. Firewall does not
give protection in every
layer.
• Cannot protect against
transfer of all virus
infected programs or
files because of huge
range of operating
system and file types.
Conclusion:-
Firewalls in today’s
generation of networks and
computer are necessary.
Every computer and Router is
provided with the software or
hardware form of firewalls for
protection.
Firewalls are of various types
and each type is implemented
based upon the security
required for network or
computer. Firewalls have
several advantages and
disadvantages, we need to
counter the disadvantages of
firewalls and better them for
higher protection of our
systems and servers.