SHREE SWAMI ATMANAND SARASWATI INSTITUTE
OF TECHNOLOGY
Cyber Security (2150002)
PREPARED BY: ( Group:2)
BHUMI AGHERA(130760107001)
MONIKA DUDHAT(130760107007)
RADHIKA TALAVIYA(130760107029)
RAJVI VAGHASIYA(130760107031)
Firewall and Packet Filters
GUIDED BY:
Prof. Disha Goradiya
Firewall
• “A firewall is a network security system that monitors and controls the incoming and
outgoing network traffic based on predetermined security rules.”
• A firewall typically establishes a barrier between a trusted, secure internal network
and another outside network, such as the Internet, that is assumed to not be secure or
trusted.
• Firewalls are often categorized as either network firewalls or host-based firewalls.
• Network firewalls are software appliances running on general-purpose hardware, or
hardware-based firewall appliances, that filter traffic between two or more
networks.
• Host-based firewalls provide a layer of software on one host that controls network
traffic in and out of that single machine.
Firewall
• A network firewall is similar to firewalls in building construction, because in both
cases they are intended to isolate one "network" or "compartment" from another.
Firewall
Relevant OSI Layers for Firewall Operation
Firewall OSI Layer
• Firewalls operate at different layers in the network
• Firewalls that can examine information at more than one layer are more thorough and
effective
• A firewall that works with layers 2 and 3 does deal with specific users
• A firewall at the application layer, like an application-proxy gateway firewall,
can enforce user authentication as well as logging events to specific users.
Firewall Characteristics
• Design goals:
1. All traffic from the inside to outside must pass through the firewall (physically
blocking all access to the local network except via the firewall).
2. Only authorized traffic (defined by the local security policy) will be allowed to
pass.
3. The firewall itself is immune to penetration (use of trusted systems with a secure
operating system).
Firewall Characteristics
• Four General Technologies:
1. Service Control: determines the types of Internet services that can be accessed,
inbound or outbound.
2. Direction Control: determines the direction in which particular service requests are
allowed to flow.
3. User Control: controls access to a service according to which user is attempting to
access it.
4. Behavior Control: controls how particular services are used (e.g., filtering e-mail).
Firewall Policies
• To protect private networks and individual machines from the dangers of the greater
Internet, a firewall can be employed to filter incoming or outgoing traffic based on a
predefined set of rules called firewall policies.
Policy Actions
• Packets flowing through a firewall can have one of three outcomes:
– Accepted: permitted through the firewall
– Dropped: not allowed through with no indication of failure
– Rejected: not allowed through, accompanied by an attempt to inform the source
that the packet was rejected
• Policies used by the firewall to handle packets are based on several properties of the
packets being inspected, including the protocol used, such as:
– TCP or UDP
– the source and destination IP addresses
– the source and destination ports
– the application-level payload of the packet (e.g., whether it contains a virus).
Blacklists and White Lists
• There are two fundamental approaches to creating firewall policies (or rulesets) to
effectively minimize vulnerability to the outside world while maintaining the desired
functionality for the machines in the trusted internal network (or individual computer).
• Blacklist approach
– All packets are allowed through except those that fit the rules defined specifically in
a blacklist.
– This type of configuration is more flexible in ensuring that service to the internal
network is not disrupted by the firewall, but is naïve from a security perspective in
that it assumes the network administrator can enumerate all of the properties of
malicious traffic.
• Whitelist approach
– A safer approach to defining a firewall ruleset is the default-deny policy, in which
packets are dropped or rejected unless they are specifically allowed by the firewall.
State
• A state is a dynamic rule created by the firewall containing the source-destination port
combination, allowing the desired return traffic to pass the firewall.
• A single computer could have hundreds of states depending on the number of
established connections.
• Consider a server supporting POP3, FTP, WWW, and Telnet/SSH access. It could have
thousands of states.
• Without state, your request for traffic would leave the firewall but the reply would be
blocked.
Firewall Types
• packet filters (stateless)
– If a packet matches the packet filter's set of rules, the packet filter will drop or
accept it.
• "stateful" filters
– A stateful filter maintains records of all connections passing through it and can
determine if a packet is either the start of a new connection, a part of an existing
connection, or an invalid packet.
• application layer
– It works like a proxy: it can “understand” certain applications and protocols.
– It may inspect the contents of the traffic, blocking what it views as inappropriate
content (e.g., websites, viruses, vulnerabilities, ...)
Stateless Firewalls
• A stateless firewall doesn’t maintain any remembered context (or “state”) with respect
to the packets it is processing. Instead, it treats each packet attempting to travel
through it in isolation without considering packets that it has processed previously.
Stateless Restrictions
• Stateless firewalls may have to be fairly restrictive in order to prevent most attacks.
Stateful Firewalls
• Stateful firewalls can tell when packets are part of legitimate sessions originating
within a trusted network.
• Stateful firewalls maintain tables containing information on each active connection,
including the IP addresses, ports, and sequence numbers of packets.
• Using these tables, stateful firewalls can allow only inbound TCP packets that are in
response to a connection initiated from within the internal network.
Stateful Firewall Example
• Allow only requested TCP connections.
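The difference between the two filter types described above, as an added example that is not part of the original slides. The addresses are constructed documentation-range values, the allowed outbound ports are an assumed policy, and state teardown is simplified to RST only (real firewalls also track FIN and idle timeouts).

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

INTERNAL_NET = ip_network("192.168.1.0/24")   # constructed trusted network
ALLOWED_OUTBOUND_TCP = {80, 25, 21}           # assumed policy for this example


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset = frozenset()            # TCP flags, e.g. {"SYN", "ACK"}


def is_outbound(pkt):
    """True when the packet leaves the trusted network for an outside host."""
    return (ip_address(pkt.src) in INTERNAL_NET
            and ip_address(pkt.dst) not in INTERNAL_NET)


def stateless_filter(pkt):
    """Default deny; every packet is judged in isolation, with no memory."""
    if is_outbound(pkt) and pkt.dport in ALLOWED_OUTBOUND_TCP:
        return "ACCEPT"
    return "DROP"   # includes replies: nothing records that they were requested


class StatefulFirewall:
    """Default deny, plus a table of connections opened from the inside."""

    def __init__(self):
        # Each state: (inside_ip, inside_port, outside_ip, outside_port)
        self.states = set()

    def filter(self, pkt):
        if is_outbound(pkt):
            key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
            if key in self.states:
                verdict = "ACCEPT"            # part of an existing connection
            elif pkt.flags == {"SYN"} and pkt.dport in ALLOWED_OUTBOUND_TCP:
                self.states.add(key)          # start of a new, permitted connection
                verdict = "ACCEPT"
            else:
                verdict = "DROP"
        else:
            # Anything not outbound is admitted only if it mirrors a recorded state.
            key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
            verdict = "ACCEPT" if key in self.states else "DROP"
        if verdict == "ACCEPT" and "RST" in pkt.flags:
            self.states.discard(key)          # simplified teardown
        return verdict


def demo():
    """Run the same three packets through both filters and return the verdicts."""
    request = Packet("192.168.1.10", 51000, "203.0.113.5", 80, frozenset({"SYN"}))
    reply = Packet("203.0.113.5", 80, "192.168.1.10", 51000,
                   frozenset({"SYN", "ACK"}))
    unsolicited = Packet("203.0.113.9", 80, "192.168.1.10", 51000,
                         frozenset({"SYN", "ACK"}))
    fw = StatefulFirewall()
    packets = (request, reply, unsolicited)
    return {
        "stateless": [stateless_filter(p) for p in packets],
        "stateful": [fw.filter(p) for p in packets],
    }


if __name__ == "__main__":
    for name, verdicts in demo().items():
        print(name, verdicts)
```

The stateless filter drops the legitimate reply, which is the "reply would be blocked" case from the State slide; the stateful filter admits it and still drops the inbound packet that matches no state.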
Why use a firewall?
• Protect a wide range of machines from general probes and many attacks.
• Provides some protection for machines lacking in security.
• Prevent viruses and worms on your network.
• Prevent malicious attackers from getting into your network.
• Prevent adware, malware, and spyware.
• Prevent loss of sensitive or valuable company information.
• Prevent Denial of Service (DoS) attack.
• Acting as a forensics tool.
• Authenticate users, log users (accounting), and authorize users only for certain content
or application.
Windows Firewall
• In 2003, the Sasser worm and the Blaster worm attacked a large number of Windows
machines, taking advantage of flaws in the RPC Windows service. Adding to that,
Microsoft was criticized for not being active in protecting customers from threats.
Therefore, Microsoft decided to improve both the functionality and the interface of
Windows XP’s built-in firewall, and rebrand it as “Windows Firewall”.
• Windows Firewall helps protect your computer by preventing unauthorized users
from gaining access to your computer through a network or the Internet.
Windows Firewall
Linux Firewall
• Use the GUI (Applications -> System Settings -> Security Level) to activate the firewall
• Allow standard services and any specific port based application
• All other services and ports are blocked
Linux Firewall- SELinux
• Malicious or broken software can have root-level access to the entire system by
running as a root process.
• SELinux (Security Enhanced Linux) provides enhanced security.
• Through SELinux policies, a process can be granted just the permissions it needs to be
functional, thus reducing the risk.
• SELinux can take one of these three values:
1. Enforcing: SELinux security policy is enforced.
2. Permissive: SELinux prints warnings instead of enforcing.
3. Disabled: SELinux is fully disabled.
SELinux Configuration
• Use the GUI (Applications -> System Settings -> Security Level) to activate SELinux
• Enable/Disable SELinux
• Allow standard features in various services (http,nis,nfs,dns etc.)
• All other services and features are blocked
Packet Filter
• “A packet filter is hardware or software designed to block or allow transmission of
packets based on criteria such as port, IP address, protocol.”
• To control movement of traffic through the network perimeter, know how packets are
structured and what goes into packet headers
• A packet filter inspects packet headers before sending packets on to specific locations
within the network.
• Packet filters operate at OSI layers 2/3.
• A variety of hardware devices and software programs perform packet filtering.
– Router: Probably the most common packet filter
– Operating system: Some have built-in utilities to filter packets on the TCP/IP stack of
the server software.
– Software firewall: Most enterprise-level programs and personal firewalls filter
packets.
Anatomy of a Packet
• Header
– Contains IP source and destination addresses
– Not visible to end users
• Data
– Contains the information that it is intending to send (e.g., body of an e-mail
message)
– Visible to the recipient
Packet-Filtering Rules
• Packet filtering: procedure by which packet headers are inspected by a router or
firewall to make a decision on whether to let the packet pass
• Header information is evaluated and compared to rules that have been set up (Allow
or Deny)
• Packet filters examine only the header of the packet (application proxies examine data
in the packet)
• Drop all inbound connections; allow only outbound connections on ports 80, 25, and 21.
• Eliminate packets bound for ports that should not be available to the Internet (e.g.,
NetBIOS)
Packet-Filtering Rules
• Filter out ICMP redirect or echo (ping) messages (may indicate hackers are attempting
to locate open ports or host IP addresses)
• Drop packets that use IP header source routing feature.
• Set up an access list that includes all computers in the local network by name or IP
address so communications can flow between them
• Allow all traffic between “trusted” hosts
• Set up rules yourself
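Three of the header-only rules above (source routing, ICMP redirect/echo, NetBIOS ports) applied to raw IPv4 bytes, as an added example that is not part of the original slides. The sample packets are constructed inline; the NetBIOS port numbers (137-139) and the source-route option types (131, 137) are standard values that the slides do not list.

```python
import struct

NETBIOS_PORTS = {137, 138, 139}                        # NetBIOS name/datagram/session
SOURCE_ROUTE_OPTIONS = {131: "loose", 137: "strict"}   # LSRR and SSRR option types
BLOCKED_ICMP_TYPES = {5: "redirect", 8: "echo request"}


def has_source_route(options):
    """Walk the IPv4 options area; raise ValueError on a malformed option."""
    i = 0
    while i < len(options):
        kind = options[i]
        if kind == 0:            # End of Option List
            break
        if kind == 1:            # No-Operation is a single byte
            i += 1
            continue
        if (i + 1 >= len(options) or options[i + 1] < 2
                or i + options[i + 1] > len(options)):
            raise ValueError("bad option length")
        if kind in SOURCE_ROUTE_OPTIONS:
            return True
        i += options[i + 1]
    return False


def inspect(raw):
    """Return (verdict, reason) using header fields only, never the payload."""
    if len(raw) < 20:
        return ("DROP", "truncated IPv4 header")
    version, ihl = raw[0] >> 4, (raw[0] & 0x0F) * 4
    if version != 4 or ihl < 20 or len(raw) < ihl:
        return ("DROP", "malformed IPv4 header")
    try:
        if has_source_route(raw[20:ihl]):
            return ("DROP", "IP source routing option")
    except ValueError:
        return ("DROP", "malformed IP option")
    frag_offset = struct.unpack("!H", raw[6:8])[0] & 0x1FFF
    proto, l4 = raw[9], raw[ihl:]
    if frag_offset == 0:         # only the first fragment carries the L4 header
        if proto == 1:           # ICMP: the type is the first byte
            if not l4:
                return ("DROP", "truncated ICMP header")
            if l4[0] in BLOCKED_ICMP_TYPES:
                return ("DROP", "ICMP " + BLOCKED_ICMP_TYPES[l4[0]])
        elif proto in (6, 17):   # TCP and UDP both start with src/dst port
            if len(l4) < 4:
                return ("DROP", "truncated transport header")
            _sport, dport = struct.unpack("!HH", l4[:4])
            if dport in NETBIOS_PORTS:
                return ("DROP", "NetBIOS port %d" % dport)
    return ("PASS", "no header rule matched")


def build_ipv4(proto, l4, options=b""):
    """Construct a sample packet (checksum left 0; inspect() does not verify it)."""
    options += b"\x00" * (-len(options) % 4)           # pad to a 32-bit boundary
    ihl_words = (20 + len(options)) // 4
    header = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl_words, 0,
                         20 + len(options) + len(l4), 0, 0, 64, proto, 0,
                         bytes([203, 0, 113, 5]), bytes([192, 168, 1, 10]))
    return header + options + l4


def classify_samples():
    """Constructed sample traffic, one packet per rule."""
    tcp_80 = struct.pack("!HH", 51000, 80) + b"\x00" * 16
    samples = {
        "web": build_ipv4(6, tcp_80),
        "netbios": build_ipv4(17, struct.pack("!HHHH", 40000, 137, 8, 0)),
        "ping": build_ipv4(1, bytes([8, 0, 0, 0, 0, 0, 0, 0])),
        "redirect": build_ipv4(1, bytes([5, 1, 0, 0, 0, 0, 0, 0])),
        "source_routed": build_ipv4(6, tcp_80, bytes([131, 7, 4, 10, 0, 0, 1])),
        "bad_option": build_ipv4(6, tcp_80, bytes([68, 0, 0, 0])),
        "truncated": b"\x45\x00",
    }
    return {name: inspect(raw) for name, raw in samples.items()}


if __name__ == "__main__":
    for name, (verdict, reason) in classify_samples().items():
        print(f"{name:14} {verdict:5} {reason}")
```

Packets that return PASS here would still go through the remaining policy, such as the default-deny inbound rule.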
Common Ports
80 HTTP
443 HTTPS
21 FTP
23 Telnet
22 SSH
25 SMTP
Cyber Security - Firewall and Packet Filters

More Related Content

What's hot

Firewall management introduction
Firewall management introductionFirewall management introduction
Firewall management introduction
Raghava Sharma
 
Seminar
SeminarSeminar
What is firewall
What is firewallWhat is firewall
What is firewall
Harshana Jayarathna
 
BAIT1103 Chapter 8
BAIT1103 Chapter 8BAIT1103 Chapter 8
BAIT1103 Chapter 8limsh
 
Firewall configuration
Firewall configurationFirewall configuration
Firewall configuration
Nutan Kumar Panda
 
Firewall and Types of firewall
Firewall and Types of firewallFirewall and Types of firewall
Firewall and Types of firewall
Coder Tech
 
Network firewall function & benefits
Network firewall function & benefitsNetwork firewall function & benefits
Network firewall function & benefits
Anthony Daniel
 
Firewall and its Types
Firewall and its TypesFirewall and its Types
Firewall and its Types
crisma baby mathew
 
Firewalls and packet filters
Firewalls and packet filtersFirewalls and packet filters
Firewalls and packet filters
MOHIT AGARWAL
 
Firewall and It's Types
Firewall and It's TypesFirewall and It's Types
Firewall and It's Types
Hem Pokhrel
 
Network defenses
Network defensesNetwork defenses
Network defenses
G Prachi
 
Windows 7 firewall & its configuration
Windows 7 firewall & its configurationWindows 7 firewall & its configuration
Windows 7 firewall & its configuration
Soban Ahmad
 
Firewall
FirewallFirewall
Firewall
nayakslideshare
 
Firewall and its configuration
Firewall and its configurationFirewall and its configuration
Firewall and its configuration
Muhammad Baqar Kazmi
 
Firewalls
FirewallsFirewalls
Firewalls
Sonali Parab
 
Detection of Idle Stealth Port Scan Attack in Network Intrusion Detection Sys...
Detection of Idle Stealth Port Scan Attack in Network Intrusion Detection Sys...Detection of Idle Stealth Port Scan Attack in Network Intrusion Detection Sys...
Detection of Idle Stealth Port Scan Attack in Network Intrusion Detection Sys...
skpatel91
 
Intoduction to Network Security NS1
Intoduction to Network Security NS1Intoduction to Network Security NS1
Intoduction to Network Security NS1koolkampus
 

What's hot (20)

Firewall management introduction
Firewall management introductionFirewall management introduction
Firewall management introduction
 
Seminar
SeminarSeminar
Seminar
 
What is firewall
What is firewallWhat is firewall
What is firewall
 
BAIT1103 Chapter 8
BAIT1103 Chapter 8BAIT1103 Chapter 8
BAIT1103 Chapter 8
 
Firewall configuration
Firewall configurationFirewall configuration
Firewall configuration
 
Firewall and Types of firewall
Firewall and Types of firewallFirewall and Types of firewall
Firewall and Types of firewall
 
Network firewall function & benefits
Network firewall function & benefitsNetwork firewall function & benefits
Network firewall function & benefits
 
Firewall and its Types
Firewall and its TypesFirewall and its Types
Firewall and its Types
 
Firewalls and packet filters
Firewalls and packet filtersFirewalls and packet filters
Firewalls and packet filters
 
Firewall and It's Types
Firewall and It's TypesFirewall and It's Types
Firewall and It's Types
 
Firewalls
FirewallsFirewalls
Firewalls
 
Network defenses
Network defensesNetwork defenses
Network defenses
 
Windows 7 firewall & its configuration
Windows 7 firewall & its configurationWindows 7 firewall & its configuration
Windows 7 firewall & its configuration
 
Firewalls
FirewallsFirewalls
Firewalls
 
Firewall
FirewallFirewall
Firewall
 
Firewall and its configuration
Firewall and its configurationFirewall and its configuration
Firewall and its configuration
 
Firewalls
FirewallsFirewalls
Firewalls
 
Firewall
FirewallFirewall
Firewall
 
Detection of Idle Stealth Port Scan Attack in Network Intrusion Detection Sys...
Detection of Idle Stealth Port Scan Attack in Network Intrusion Detection Sys...Detection of Idle Stealth Port Scan Attack in Network Intrusion Detection Sys...
Detection of Idle Stealth Port Scan Attack in Network Intrusion Detection Sys...
 
Intoduction to Network Security NS1
Intoduction to Network Security NS1Intoduction to Network Security NS1
Intoduction to Network Security NS1
 

Similar to Cyber Security - Firewall and Packet Filters

Introduction to firewalls
Introduction to firewallsIntroduction to firewalls
Introduction to firewalls
Divya Jyoti
 
Firewalls
FirewallsFirewalls
Firewalls
vaishnavi
 
Firewall Design and Implementation
Firewall Design and ImplementationFirewall Design and Implementation
Firewall Design and Implementation
ajeet singh
 
Firewall ( Cyber Security)
Firewall ( Cyber Security)Firewall ( Cyber Security)
Firewall ( Cyber Security)
Jainam Shah
 
firewall.ppt
firewall.pptfirewall.ppt
firewall.ppt
ssuser530a07
 
Information Security (Firewall)
Information Security (Firewall)Information Security (Firewall)
Information Security (Firewall)
Zara Nawaz
 
Firewall (2)
Firewall (2)Firewall (2)
Firewall (2)
marghali
 
Firewall
FirewallFirewall
Firewall
Saurabh Chauhan
 
Firewall
FirewallFirewall
Firewall
Tapan Khilar
 
Section c group2_firewall_ final
Section c group2_firewall_ finalSection c group2_firewall_ final
Section c group2_firewall_ finalpg13tarun_g
 
CSC437-Fall2013-Module-7-Firewalls-IDS.pdf
CSC437-Fall2013-Module-7-Firewalls-IDS.pdfCSC437-Fall2013-Module-7-Firewalls-IDS.pdf
CSC437-Fall2013-Module-7-Firewalls-IDS.pdf
ssuser1f1964
 
firrewall and intrusion prevention system.pptx
firrewall and intrusion prevention system.pptxfirrewall and intrusion prevention system.pptx
firrewall and intrusion prevention system.pptx
fatimagull32
 
firewall as a security measure (1)-1.pptx
firewall as a security measure (1)-1.pptxfirewall as a security measure (1)-1.pptx
firewall as a security measure (1)-1.pptx
ShreyaBanerjee52
 
Module 7 Firewalls Part - 2 Presentation
Module 7 Firewalls Part - 2 PresentationModule 7 Firewalls Part - 2 Presentation
Module 7 Firewalls Part - 2 Presentation
9921103075
 
Firewallpresentation 100826052003-phpapp02(1)
Firewallpresentation 100826052003-phpapp02(1)Firewallpresentation 100826052003-phpapp02(1)
Firewallpresentation 100826052003-phpapp02(1)
Prabhdeep Kaur
 
Cryptography Project by Aelsayed & Kyasser.pdf
Cryptography Project by Aelsayed & Kyasser.pdfCryptography Project by Aelsayed & Kyasser.pdf
Cryptography Project by Aelsayed & Kyasser.pdf
ahmeddeath6
 
A firewall is a network security device.
A firewall is a network security device.A firewall is a network security device.
A firewall is a network security device.
abidhassan225
 
Network Security_Dr Shivashankar_Module 5.pdf
Network Security_Dr Shivashankar_Module 5.pdfNetwork Security_Dr Shivashankar_Module 5.pdf
Network Security_Dr Shivashankar_Module 5.pdf
Dr. Shivashankar
 

Similar to Cyber Security - Firewall and Packet Filters (20)

Introduction to firewalls
Introduction to firewallsIntroduction to firewalls
Introduction to firewalls
 
Firewalls
FirewallsFirewalls
Firewalls
 
Firewall Design and Implementation
Firewall Design and ImplementationFirewall Design and Implementation
Firewall Design and Implementation
 
Firewall ( Cyber Security)
Firewall ( Cyber Security)Firewall ( Cyber Security)
Firewall ( Cyber Security)
 
firewall.ppt
firewall.pptfirewall.ppt
firewall.ppt
 
Information Security (Firewall)
Information Security (Firewall)Information Security (Firewall)
Information Security (Firewall)
 
Firewall (2)
Firewall (2)Firewall (2)
Firewall (2)
 
Firewall
FirewallFirewall
Firewall
 
Firewall
FirewallFirewall
Firewall
 
Section c group2_firewall_ final
Section c group2_firewall_ finalSection c group2_firewall_ final
Section c group2_firewall_ final
 
CSC437-Fall2013-Module-7-Firewalls-IDS.pdf
CSC437-Fall2013-Module-7-Firewalls-IDS.pdfCSC437-Fall2013-Module-7-Firewalls-IDS.pdf
CSC437-Fall2013-Module-7-Firewalls-IDS.pdf
 
firrewall and intrusion prevention system.pptx
firrewall and intrusion prevention system.pptxfirrewall and intrusion prevention system.pptx
firrewall and intrusion prevention system.pptx
 
firewall as a security measure (1)-1.pptx
firewall as a security measure (1)-1.pptxfirewall as a security measure (1)-1.pptx
firewall as a security measure (1)-1.pptx
 
Module 7 Firewalls Part - 2 Presentation
Module 7 Firewalls Part - 2 PresentationModule 7 Firewalls Part - 2 Presentation
Module 7 Firewalls Part - 2 Presentation
 
Divyanshu.pptx
Divyanshu.pptxDivyanshu.pptx
Divyanshu.pptx
 
Firewall
FirewallFirewall
Firewall
 
Firewallpresentation 100826052003-phpapp02(1)
Firewallpresentation 100826052003-phpapp02(1)Firewallpresentation 100826052003-phpapp02(1)
Firewallpresentation 100826052003-phpapp02(1)
 
Cryptography Project by Aelsayed & Kyasser.pdf
Cryptography Project by Aelsayed & Kyasser.pdfCryptography Project by Aelsayed & Kyasser.pdf
Cryptography Project by Aelsayed & Kyasser.pdf
 
A firewall is a network security device.
A firewall is a network security device.A firewall is a network security device.
A firewall is a network security device.
 
Network Security_Dr Shivashankar_Module 5.pdf
Network Security_Dr Shivashankar_Module 5.pdfNetwork Security_Dr Shivashankar_Module 5.pdf
Network Security_Dr Shivashankar_Module 5.pdf
 

More from Radhika Talaviya

General Packet Radio Service(GPRS)
General Packet Radio Service(GPRS)General Packet Radio Service(GPRS)
General Packet Radio Service(GPRS)
Radhika Talaviya
 
The Phases of a Compiler
The Phases of a CompilerThe Phases of a Compiler
The Phases of a Compiler
Radhika Talaviya
 
screen speculo - Miracast android Project
screen speculo - Miracast android Projectscreen speculo - Miracast android Project
screen speculo - Miracast android Project
Radhika Talaviya
 
MICROPROCESSOR AND INTERFACING
MICROPROCESSOR AND INTERFACING MICROPROCESSOR AND INTERFACING
MICROPROCESSOR AND INTERFACING
Radhika Talaviya
 
Assembler - System Programming
Assembler - System ProgrammingAssembler - System Programming
Assembler - System Programming
Radhika Talaviya
 
Classes, Objects and Method - Object Oriented Programming with Java
Classes, Objects and Method - Object Oriented Programming with JavaClasses, Objects and Method - Object Oriented Programming with Java
Classes, Objects and Method - Object Oriented Programming with Java
Radhika Talaviya
 
Shopping At Mall without standing in Queue for Bill Payment by Scanning Bar c...
Shopping At Mall without standing in Queue for Bill Payment by Scanning Bar c...Shopping At Mall without standing in Queue for Bill Payment by Scanning Bar c...
Shopping At Mall without standing in Queue for Bill Payment by Scanning Bar c...
Radhika Talaviya
 
Analysis and Design of Algorithms -Sorting Algorithms and analysis
Analysis and Design of Algorithms -Sorting Algorithms and analysisAnalysis and Design of Algorithms -Sorting Algorithms and analysis
Analysis and Design of Algorithms -Sorting Algorithms and analysis
Radhika Talaviya
 
Computer Organization
Computer Organization Computer Organization
Computer Organization
Radhika Talaviya
 
Stack
StackStack
Level, Role, and Skill manager
Level, Role, and Skill  managerLevel, Role, and Skill  manager
Level, Role, and Skill manager
Radhika Talaviya
 
Dbms relational model
Dbms relational modelDbms relational model
Dbms relational model
Radhika Talaviya
 
Global environmental essue
Global environmental essueGlobal environmental essue
Global environmental essue
Radhika Talaviya
 
Reflection of girls life
Reflection of girls lifeReflection of girls life
Reflection of girls life
Radhika Talaviya
 
Nanophysics
NanophysicsNanophysics
Nanophysics
Radhika Talaviya
 
I'm ok you're ok
I'm ok you're okI'm ok you're ok
I'm ok you're ok
Radhika Talaviya
 

More from Radhika Talaviya (16)

General Packet Radio Service(GPRS)
General Packet Radio Service(GPRS)General Packet Radio Service(GPRS)
General Packet Radio Service(GPRS)
 
The Phases of a Compiler
The Phases of a CompilerThe Phases of a Compiler
The Phases of a Compiler
 
screen speculo - Miracast android Project
screen speculo - Miracast android Projectscreen speculo - Miracast android Project
screen speculo - Miracast android Project
 
MICROPROCESSOR AND INTERFACING
MICROPROCESSOR AND INTERFACING MICROPROCESSOR AND INTERFACING
MICROPROCESSOR AND INTERFACING
 
Assembler - System Programming
Assembler - System ProgrammingAssembler - System Programming
Assembler - System Programming
 
Classes, Objects and Method - Object Oriented Programming with Java
Classes, Objects and Method - Object Oriented Programming with JavaClasses, Objects and Method - Object Oriented Programming with Java
Classes, Objects and Method - Object Oriented Programming with Java
 
Shopping At Mall without standing in Queue for Bill Payment by Scanning Bar c...
Shopping At Mall without standing in Queue for Bill Payment by Scanning Bar c...Shopping At Mall without standing in Queue for Bill Payment by Scanning Bar c...
Shopping At Mall without standing in Queue for Bill Payment by Scanning Bar c...
 
Analysis and Design of Algorithms -Sorting Algorithms and analysis
Analysis and Design of Algorithms -Sorting Algorithms and analysisAnalysis and Design of Algorithms -Sorting Algorithms and analysis
Analysis and Design of Algorithms -Sorting Algorithms and analysis
 
Computer Organization
Computer Organization Computer Organization
Computer Organization
 
Stack
StackStack
Stack
 
Level, Role, and Skill manager
Level, Role, and Skill  managerLevel, Role, and Skill  manager
Level, Role, and Skill manager
 
Dbms relational model
Dbms relational modelDbms relational model
Dbms relational model
 
Global environmental essue
Global environmental essueGlobal environmental essue
Global environmental essue
 
Reflection of girls life
Reflection of girls lifeReflection of girls life
Reflection of girls life
 
Nanophysics
NanophysicsNanophysics
Nanophysics
 
I'm ok you're ok
I'm ok you're okI'm ok you're ok
I'm ok you're ok
 

Recently uploaded

AKS UNIVERSITY Satna Final Year Project By OM Hardaha.pdf
AKS UNIVERSITY Satna Final Year Project By OM Hardaha.pdfAKS UNIVERSITY Satna Final Year Project By OM Hardaha.pdf
AKS UNIVERSITY Satna Final Year Project By OM Hardaha.pdf
SamSarthak3
 
ASME IX(9) 2007 Full Version .pdf
ASME IX(9)  2007 Full Version       .pdfASME IX(9)  2007 Full Version       .pdf
ASME IX(9) 2007 Full Version .pdf
AhmedHussein950959
 
Standard Reomte Control Interface - Neometrix
Standard Reomte Control Interface - NeometrixStandard Reomte Control Interface - Neometrix
Standard Reomte Control Interface - Neometrix
Neometrix_Engineering_Pvt_Ltd
 
The Benefits and Techniques of Trenchless Pipe Repair.pdf
The Benefits and Techniques of Trenchless Pipe Repair.pdfThe Benefits and Techniques of Trenchless Pipe Repair.pdf
The Benefits and Techniques of Trenchless Pipe Repair.pdf
Pipe Restoration Solutions
 
MCQ Soil mechanics questions (Soil shear strength).pdf
MCQ Soil mechanics questions (Soil shear strength).pdfMCQ Soil mechanics questions (Soil shear strength).pdf
MCQ Soil mechanics questions (Soil shear strength).pdf
Osamah Alsalih
 
Top 10 Oil and Gas Projects in Saudi Arabia 2024.pdf
Top 10 Oil and Gas Projects in Saudi Arabia 2024.pdfTop 10 Oil and Gas Projects in Saudi Arabia 2024.pdf
Top 10 Oil and Gas Projects in Saudi Arabia 2024.pdf
Teleport Manpower Consultant
 
Planning Of Procurement o different goods and services
Planning Of Procurement o different goods and servicesPlanning Of Procurement o different goods and services
Planning Of Procurement o different goods and services
JoytuBarua2
 
Investor-Presentation-Q1FY2024 investor presentation document.pptx
Investor-Presentation-Q1FY2024 investor presentation document.pptxInvestor-Presentation-Q1FY2024 investor presentation document.pptx
Investor-Presentation-Q1FY2024 investor presentation document.pptx
AmarGB2
 
The role of big data in decision making.
The role of big data in decision making.The role of big data in decision making.
The role of big data in decision making.
ankuprajapati0525
 
在线办理(ANU毕业证书)澳洲国立大学毕业证录取通知书一模一样
在线办理(ANU毕业证书)澳洲国立大学毕业证录取通知书一模一样在线办理(ANU毕业证书)澳洲国立大学毕业证录取通知书一模一样
在线办理(ANU毕业证书)澳洲国立大学毕业证录取通知书一模一样
obonagu
 
Governing Equations for Fundamental Aerodynamics_Anderson2010.pdf
Governing Equations for Fundamental Aerodynamics_Anderson2010.pdfGoverning Equations for Fundamental Aerodynamics_Anderson2010.pdf
Governing Equations for Fundamental Aerodynamics_Anderson2010.pdf
WENKENLI1
 
H.Seo, ICLR 2024, MLILAB, KAIST AI.pdf
H.Seo,  ICLR 2024, MLILAB,  KAIST AI.pdfH.Seo,  ICLR 2024, MLILAB,  KAIST AI.pdf
H.Seo, ICLR 2024, MLILAB, KAIST AI.pdf
MLILAB
 
road safety engineering r s e unit 3.pdf
road safety engineering  r s e unit 3.pdfroad safety engineering  r s e unit 3.pdf
road safety engineering r s e unit 3.pdf
VENKATESHvenky89705
 
Fundamentals of Electric Drives and its applications.pptx
Fundamentals of Electric Drives and its applications.pptxFundamentals of Electric Drives and its applications.pptx
Fundamentals of Electric Drives and its applications.pptx
manasideore6
 
DESIGN A COTTON SEED SEPARATION MACHINE.docx
DESIGN A COTTON SEED SEPARATION MACHINE.docxDESIGN A COTTON SEED SEPARATION MACHINE.docx
DESIGN A COTTON SEED SEPARATION MACHINE.docx
FluxPrime1
 
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
bakpo1
 
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&BDesign and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
Sreedhar Chowdam
 
space technology lecture notes on satellite
space technology lecture notes on satellitespace technology lecture notes on satellite
space technology lecture notes on satellite
ongomchris
 
Student information management system project report ii.pdf
Student information management system project report ii.pdfStudent information management system project report ii.pdf
Student information management system project report ii.pdf
Kamal Acharya
 
Hybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdf
Hybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdfHybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdf
Hybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdf
fxintegritypublishin
 

Recently uploaded (20)

AKS UNIVERSITY Satna Final Year Project By OM Hardaha.pdf
AKS UNIVERSITY Satna Final Year Project By OM Hardaha.pdfAKS UNIVERSITY Satna Final Year Project By OM Hardaha.pdf
AKS UNIVERSITY Satna Final Year Project By OM Hardaha.pdf
 
ASME IX(9) 2007 Full Version .pdf
ASME IX(9)  2007 Full Version       .pdfASME IX(9)  2007 Full Version       .pdf
ASME IX(9) 2007 Full Version .pdf
 
Standard Reomte Control Interface - Neometrix
Standard Reomte Control Interface - NeometrixStandard Reomte Control Interface - Neometrix
Standard Reomte Control Interface - Neometrix
 
The Benefits and Techniques of Trenchless Pipe Repair.pdf
The Benefits and Techniques of Trenchless Pipe Repair.pdfThe Benefits and Techniques of Trenchless Pipe Repair.pdf
The Benefits and Techniques of Trenchless Pipe Repair.pdf
 
MCQ Soil mechanics questions (Soil shear strength).pdf
MCQ Soil mechanics questions (Soil shear strength).pdfMCQ Soil mechanics questions (Soil shear strength).pdf
MCQ Soil mechanics questions (Soil shear strength).pdf
 
Top 10 Oil and Gas Projects in Saudi Arabia 2024.pdf
Top 10 Oil and Gas Projects in Saudi Arabia 2024.pdfTop 10 Oil and Gas Projects in Saudi Arabia 2024.pdf

Cyber Security - Firewall and Packet Filters

  • 1. SHREE SWAMI ATMANAND SARASWATI INSTITUTE OF TECHNOLOGY Cyber Security (2150002) PREPARED BY: ( Group:2) BHUMI AGHERA(130760107001) MONIKA DUDHAT(130760107007) RADHIKA TALAVIYA(130760107029) RAJVI VAGHASIYA(130760107031) Firewall and Packet Filters GUIDED BY: Prof. Disha Goradiya
  • 2. Firewall • “A firewall is a network security system that monitors and controls the incoming and outgoing network traffic based on predetermined security rules.” • A firewall typically establishes a barrier between a trusted, secure internal network and another outside network, such as the Internet, that is assumed to not be secure or trusted. • Firewalls are often categorized as either network firewalls or host-based firewalls. • Network firewalls are a software appliance running on general purpose hardware or hardware-based firewall computer appliances that filter traffic between two or more networks. • Host-based firewalls provide a layer of software on one host that controls network traffic in and out of that single machine.
  • 3. Firewall • A network firewall is similar to firewalls in building construction, because in both cases they are intended to isolate one "network" or "compartment" from another.
  • 4. Relevant OSI Layers for Firewall Operation
  • 5. Firewall OSI Layer • Firewalls operate at different layers in the network. • Firewalls that can examine information at more than one layer are more thorough and effective. • A firewall that works with layers 2 and 3 does deal with specific users. • A firewall at the application layer, like an application-proxy gateway firewall, can enforce user authentication as well as logging events to specific users.
  • 6. Firewall Characteristics • Design goals: 1. All traffic from the inside to the outside must pass through the firewall (physically blocking all access to the local network except via the firewall). 2. Only authorized traffic (defined by the local security policy) will be allowed to pass. 3. The firewall itself is immune to penetration (use of trusted systems with a secure operating system).
  • 7. Firewall Characteristics • Four General Technologies: 1. Service Control: determines the types of internet services that can be accessed, inbound or outbound. 2. Direction Control: determines the direction in which particular service requests are allowed to flow. 3. User Control: controls access to a service according to which user is attempting to access it. 4. Behavior Control: controls how particular services are used (e.g., filtering e-mail).
  • 8. Firewall Policies • To protect private networks and individual machines from the dangers of the greater Internet, a firewall can be employed to filter incoming or outgoing traffic based on a predefined set of rules called firewall policies.
  • 9. Policy Actions • Packets flowing through a firewall can have one of three outcomes: – Accepted: permitted through the firewall – Dropped: not allowed through with no indication of failure – Rejected: not allowed through, accompanied by an attempt to inform the source that the packet was rejected • Policies used by the firewall to handle packets are based on several properties of the packets being inspected, including: – the protocol used, such as TCP or UDP – the source and destination IP addresses – the source and destination ports – the application-level payload of the packet (e.g., whether it contains a virus).
  • 10. Blacklists and White Lists • There are two fundamental approaches to creating firewall policies (or rulesets) to effectively minimize vulnerability to the outside world while maintaining the desired functionality for the machines in the trusted internal network (or individual computer). • Blacklist approach – All packets are allowed through except those that fit the rules defined specifically in a blacklist. – This type of configuration is more flexible in ensuring that service to the internal network is not disrupted by the firewall, but is naïve from a security perspective in that it assumes the network administrator can enumerate all of the properties of malicious traffic. • Whitelist approach – A safer approach to defining a firewall ruleset is the default-deny policy, in which packets are dropped or rejected unless they are specifically allowed by the firewall.
  • 11. State • A state is a dynamic rule created by the firewall containing the source-destination port combination, allowing the desired return traffic to pass the firewall. • A single computer could have hundreds of states depending on the number of established connections. • Consider a server supporting POP3, FTP, WWW, and Telnet/SSH access. It could have thousands of states. • Without state, your request for traffic would leave the firewall but the reply would be blocked.
  • 12. Firewall Types • packet filters (stateless) – If a packet matches the packet filter's set of rules, the packet filter will drop or accept it. • "stateful" filters – A stateful filter maintains records of all connections passing through it and can determine if a packet is the start of a new connection, a part of an existing connection, or an invalid packet. • application layer – It works like a proxy: it can “understand” certain applications and protocols. – It may inspect the contents of the traffic, blocking what it views as inappropriate content (e.g., websites, viruses, vulnerabilities, ...)
  • 13. Stateless Firewalls • A stateless firewall doesn’t maintain any remembered context (or “state”) with respect to the packets it is processing. Instead, it treats each packet attempting to travel through it in isolation without considering packets that it has processed previously.
  • 14. Stateless Restrictions • Stateless firewalls may have to be fairly restrictive in order to prevent most attacks.
  • 15. Stateful Firewalls • Stateful firewalls can tell when packets are part of legitimate sessions originating within a trusted network. • Stateful firewalls maintain tables containing information on each active connection, including the IP addresses, ports, and sequence numbers of packets. • Using these tables, stateful firewalls can allow only inbound TCP packets that are in response to a connection initiated from within the internal network.
  • 16. Stateful Firewall Example • Allow only requested TCP connections.
  • 17. Why use a firewall? • Protect a wide range of machines from general probes and many attacks. • Provide some protection for machines lacking in security. • Prevent viruses and worms on your network. • Prevent malicious attackers from getting into your network. • Prevent adware, malware, and spyware. • Prevent loss of sensitive or valuable company information. • Prevent Denial of Service (DoS) attacks. • Act as a forensics tool. • Authenticate users, log users (accounting), and authorize users only for certain content or applications.
  • 18. Windows Firewall • In 2003, the Sasser worm and the Blaster worm attacked a large number of Windows machines, taking advantage of flaws in the RPC Windows service. Adding to that, Microsoft was criticized for not being active in protecting customers from threats. Therefore, Microsoft decided to improve both the functionality and the interface of Windows XP’s built-in firewall, and rebrand it as “Windows Firewall”. • Windows Firewall helps protect your computer by preventing unauthorized users from gaining access to your computer through a network or the internet.
  • 20. Linux Firewall • Use GUI (Applications ->System Settings-> Security Level) to activate the firewall • Allow standard services and any specific port based application • All other services and ports are blocked
  • 21. Linux Firewall - SELinux • Malicious or broken software can have root-level access to the entire system by running as a root process. • SELinux (Security Enhanced Linux) provides enhanced security. • Through SELinux policies, a process can be granted just the permissions it needs to be functional, thus reducing the risk. • SELinux can take one of these three values: 1. Enforcing: SELinux security policy is enforced. 2. Permissive: SELinux prints warnings instead of enforcing. 3. Disabled: SELinux is fully disabled.
  • 22. SELinux Configuration • Use GUI (Applications ->System Settings-> Security Level) to activate SELinux • Enable/Disable SELinux • Allow standard features in various services (http,nis,nfs,dns etc.) • All other services and features are blocked
  • 23. Packet Filter • “Packet filter is a hardware or software designed to block or allow transmission of packets based on criteria such as port, IP address, protocol.” • To control movement of traffic through the network perimeter, know how packets are structured and what goes into packet headers. • A packet filter inspects packet headers before sending packets on to specific locations within the network. • Packet filters operate at OSI layers 2/3. • A variety of hardware devices and software programs perform packet filtering. – Router: Probably the most common packet filter – Operating system: Some have built-in utilities to filter packets on the TCP/IP stack of the server software. – Software firewall: Most enterprise-level programs and personal firewalls filter packets.
  • 24. Anatomy of a Packet Header • Header – Contains IP source and destination addresses – Not visible to end users • Data – Contains the information that it is intending to send (e.g., body of an e-mail message) – Visible to the recipient
  • 25. Anatomy of a Packet
  • 26. Packet-Filtering Rules • Packet filtering: procedure by which packet headers are inspected by a router or firewall to make a decision on whether to let the packet pass • Header information is evaluated and compared to rules that have been set up (Allow or Deny) • Packet filters examine only the header of the packet (application proxies examine data in the packet) • Drop all inbound connections; allow only outbound connections on ports 80, 25, and 21. • Eliminate packets bound for ports that should not be available to the internet (e.g., NetBIOS)
  • 27. Packet-Filtering Rules • Filter out ICMP redirect or echo (ping) messages (may indicate hackers are attempting to locate open ports or host IP addresses) • Drop packets that use the IP header source routing feature. • Set up an access list that includes all computers in the local network by name or IP address so communications can flow between them • Allow all traffic between “trusted” hosts • Set up rules yourself
  • 28. Common Ports – 80: HTTP – 443: HTTPS – 21: FTP – 23: Telnet – 22: SSH – 25: SMTP
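
The difference between the stateless rule from slide 26 (drop all inbound, allow outbound on ports 80, 25 and 21) and the state table described in slides 11 to 16 can be traced in a small simulation. This is an added example, not part of the original slides; the `Packet` model, the function names and the documentation-range IP addresses are constructed for illustration.

```python
from dataclasses import dataclass

ALLOWED_OUT_PORTS = {80, 25, 21}   # slide 26: outbound HTTP, SMTP, FTP only

@dataclass(frozen=True)
class Packet:                      # constructed TCP header model, not a parser
    direction: str                 # "out" leaves the internal network, "in" arrives
    src: str
    sport: int
    dst: str
    dport: int

def stateless_filter(p: Packet) -> str:
    """Judge one packet in isolation; anything not explicitly allowed is dropped."""
    if p.direction == "out" and p.dport in ALLOWED_OUT_PORTS:
        return "accept"
    return "drop"                  # default deny, which covers every inbound packet

class StatefulFilter:
    """Same policy, plus a state table of connections opened from inside."""
    def __init__(self):
        self.states = set()        # (remote ip, remote port, local ip, local port)

    def check(self, p: Packet) -> str:
        if p.direction == "out":
            verdict = stateless_filter(p)
            if verdict == "accept":          # record the reply we now expect
                self.states.add((p.dst, p.dport, p.src, p.sport))
            return verdict
        # Inbound: accept only a match. Flags, sequence numbers and expiry omitted.
        return "accept" if (p.src, p.sport, p.dst, p.dport) in self.states else "drop"

def demo() -> dict:
    request = Packet("out", "10.0.0.5", 40000, "203.0.113.10", 80)
    reply = Packet("in", "203.0.113.10", 80, "10.0.0.5", 40000)
    unsolicited = Packet("in", "198.51.100.7", 80, "10.0.0.5", 40000)
    fw = StatefulFilter()
    return {
        "stateless request": stateless_filter(request),
        "stateless reply": stateless_filter(reply),
        "stateful request": fw.check(request),
        "stateful reply": fw.check(reply),
        "stateful unsolicited": fw.check(unsolicited),
    }

if __name__ == "__main__":
    print(demo())
```

The stateless filter lets the request out but drops its reply, which is the situation slide 11 describes; the stateful filter accepts that reply and still drops an inbound packet that matches no recorded connection.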