SlideShare a Scribd company logo

Firewalls-Intro

Download as PPTX, PDF
Aparna Bulusu
Aparna Bulusu

Firewalls are systems designed to control network access by enforcing an access control policy. They work by examining packets and filtering them based on rules like IP addresses, protocols, and ports. There are different types of firewalls including packet filtering, proxy, and application layer firewalls. While firewalls help protect networks from unauthorized access and provide logging, they have limitations as they only control connectivity and not other aspects of security like encryption. It is important to take additional precautions like using strong passwords, keeping software updated, and practicing safe online habits.

Technology
1 of 27
FIREWALLS Aparna Bulusu Faculty, Dept of Comp Science St. Ann’s College for Women, Hyderabad
Agenda How Internet works  Potential Threats  Firewalls  Types of firewalls  Implementation aspects  Problems beyond firewalls  Tips for the home user 
Firewalls – The Basics  A firewall is a system or set of systems designed to : ◦ Permit or deny network ◦ ◦ ◦ ◦ transmissions Based upon a set of rules Used to protect networks from unauthorized access Permit legitimate communications to pass. In Effect - Enforces access control policy
How internet works –
A little more detail
The Packet
Problems..  Vulnerabilities typically exist at entry and exit points
Problems.. Remote login - When someone is able to connect to your computer and control it in some form. This can range from being able to view or access your files to actually running programs on your computer. Application backdoors - Some programs have special features that allow for remote access. Others contain bugs that provide a backdoor, or hidden access, that provides some level of control of the program. SMTP session hijacking -. By gaining access to a list of e-mail addresses, a person can send unsolicited junk e-mail (spam) to thousands of users Operating system bugs - Like applications, some operating systems have backdoors. Others provide remote access with insufficient security controls or have bugs that an experienced hacker can take advantage of. routing by default.
Problems… Denial of service What happens is that the hacker sends a request to the server to connect to it. By inundating a server with these unanswerable session requests, a hacker causes the server to slow to a crawl or eventually crash. E-mail bombs - An e-mail bomb is usually a personal attack. Someone sends you the same e-mail hundreds or thousands of times until your e-mail system cannot accept any more messages. Macros - To simplify complicated procedures, many applications allow you to create a script of commands that the application can run. This script is known as a macro. Hackers have taken advantage of this to create their own macros that, depending on the application, can destroy your data or crash your computer. Viruses - Probably the most well-known threat . A virus is a small program that can copy itself to other computers. This way it can spread quickly from one system to the next. Viruses range from harmless messages to erasing all of your data. Spam - Typically harmless but always annoying, spam is the electronic equivalent of junk mail. Especially if it contains links to Web sites. Redirect bombs - Hackers can use ICMP to change (redirect) the path
Basic types of Firewalls   Hardware/ Software firewalls Software ◦ Network Layer ◦ Application Layer ◦ Hybrids    Packet filtering - Packets (small chunks of data) are analyzed against a set of filters. Packets that make it through the filters are sent to the requesting system and all others are discarded. Proxy service - Information from the Internet is retrieved by the firewall and then sent to the requesting system and vice versa. Stateful inspection - compares certain key parts of the packet to a database of trusted information. Information travelling from inside the firewall to the outside is monitored for specific defining characteristics, then incoming information is compared to these characteristics. If the comparison yields a reasonable match, the information is allowed through. Otherwise it is discarded.
Customizing Firewalls…         Firewall Configuration Firewalls are customizable. Add or remove filters based on several conditions. Some of these are: IP addresses -Based on IP Address Domain names: Block all access to certain domain names, or allow access only to specific domain names. Protocols -Include or exclude protocols in your filters ( TCP, IP, HTTP, FTP, UDP, SMTP, TELNET etc.) A company might set up only one or two machines to handle a specific protocol and ban that protocol on all other machines. Ports - Any server machine makes its services available to the Internet using numbered ports, For ex: Web server is typically available on port 80, and the FTP server is available on port 21. A company might block port 21 access on all machines but one inside the company.
Specific words and phrases - The firewall will sniff (search through) each packet of information for an exact match of the text listed in the filter. For example, you could instruct the firewall to block any packet with the word "X-rated" in it.  With a hardware firewall, the firewall unit itself is normally the gateway. A good example is the Linksys Cable/DSL router. It has a built-in Ethernet card and hub. You configure the router via a Web-based interface that you reach through the browser on your computer. You can then set any filters or additional information. 
Firewall technology – Packet Filtering Inspecting the "packets”  If a packet matches the packet filter's set of rules, the packet filter will  ◦ drop (silently discard) the packet ◦ reject it
Circuit level / Stateful filters Operates up to layer 4 (transport layer) of the OSI model.  Examine each data packet as well as its position within the data stream.  Records all connections passing through it to determine whether a packet is the start of a new connection, a part of an existing connection, or not part of any connection.  Though static rules are still used, these rules can now contain connection state as one of their test criteria. 
Application layer filtering Can "understand" certain applications and protocols (such as File Transfer Protocol, DNS, or HTTP  Can detect if an unwanted protocol is sneaking through on a non-standard port  If a protocol is being abused in any harmful way. 
Network Address Translation (NAT)   Firewalls often have this functionality to hide the true address of protected hosts. The hosts protected behind a firewall commonly have addresses in the "private address range”.
Proxies A proxy server could be dedicated hardware or as software on a generalpurpose machine.  Acts as a firewall by responding to input packets (connection requests, for example) in the manner of an application, while blocking other packets. 
Hybrid…  Modern firewalls can filter traffic based on many packet attributes like source IP address, source port, destination IP address or port, destination service like WWW or FTP. They can filter based on protocols, TTL values, net block of originator, of the source, and many other attributes.
LAN INTERNET
What firewalls Accomplish  Prevent access to some web sites!!! ◦ Categories web sites         Adult/Sexually Explicit Advertisements & Pop-Ups Chat Gambling Games Hacking Peer-to-Peer …… ◦ Check by content type  .Exe / .Com  .Mid / .MP3 / .Wav  .Avi / .Mpeg / .Rm
Security..      Any system is only as secure as the people who use it. Education is the best way to ensure that users take appropriate precautions: Install personal firewalls for the client machines. Store confidential information in encrypted form. Encrypt the stream using the Secure Socket Layer (SSL) protocol to protect information flowing between the client and Web sites. Use appropriate password policies, firewalls, and routine external security audits.
Drawbacks.. Can only protect what goes through the firewall  Host to host authentication and encryption are not within the ambit of firewalls…  ◦ In Essence firewalls only deal with the kinds of connectivity allowed between different networks – Not with integrity and privacy of information      Cannot offer protection from trojan type attacks over IRC( Internet Relay Chat) No protection from data- driven attacks – malware, viruses etc. Overall security architecture must be strong for the firewall to be effective E.g. Use USB firewalling technology No Protection from Ignorance though - Never ever reveal sensitive information
In Summary.. Firewalls help protect your network from unauthorized access  Provide a single ‘choke point’ or bottleneck to impose security and audit  Provide important logging and auditing functions 
Tips for enhancing your online security Have robust passwords  Never download anything when you are not sure of the source  Keep your anti virus software updated  Always scan all material before use  Always log out of all your accounts  Never shop online without having you phishing filter on. 

Recommended

Firewall
FirewallFirewall
FirewallAhmed Elnaggar
 
Firewall
FirewallFirewall
Firewall
Sami Bacha
 
Firewall
FirewallFirewall
Firewalllmbriscoe
 
firewall and its types
firewall and its typesfirewall and its types
firewall and its types
Mohammed Maajidh
 
Presentation, Firewalls
Presentation, FirewallsPresentation, Firewalls
Presentation, Firewallskkkseld
 
Firewalls
FirewallsFirewalls
Firewalls
Dr.Florence Dayana
 
Firewall and its configuration
Firewall and its configurationFirewall and its configuration
Firewall and its configuration
Muhammad Baqar Kazmi
 
Firewalls
FirewallsFirewalls
FirewallsRam Dutt Shukla
 

Recommended

Firewall
FirewallFirewall
FirewallAhmed Elnaggar
 
Firewall
FirewallFirewall
Firewall
Sami Bacha
 
Firewall
FirewallFirewall
Firewalllmbriscoe
 
firewall and its types
firewall and its typesfirewall and its types
firewall and its types
Mohammed Maajidh
 
Presentation, Firewalls
Presentation, FirewallsPresentation, Firewalls
Presentation, Firewallskkkseld
 
Firewalls
FirewallsFirewalls
Firewalls
Dr.Florence Dayana
 
Firewall and its configuration
Firewall and its configurationFirewall and its configuration
Firewall and its configuration
Muhammad Baqar Kazmi
 
Firewalls
FirewallsFirewalls
FirewallsRam Dutt Shukla
 
Firewall
FirewallFirewall
FirewallShivank Shah
 
Firewall
FirewallFirewall
Firewall
nayakslideshare
 
Firewall configuration
Firewall configurationFirewall configuration
Firewall configuration
Nutan Kumar Panda
 
Firewall
FirewallFirewall
FirewallApo
 
Intoduction to Network Security NS1
Intoduction to Network Security NS1Intoduction to Network Security NS1
Intoduction to Network Security NS1koolkampus
 
Firewall Design and Implementation
Firewall Design and ImplementationFirewall Design and Implementation
Firewall Design and Implementation
ajeet singh
 
Firewall and It's Types
Firewall and It's TypesFirewall and It's Types
Firewall and It's Types
Hem Pokhrel
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationyogendrasinghchahar
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentation
gaurav96raj
 
Firewall & packet filter new
Firewall & packet filter newFirewall & packet filter new
Firewall & packet filter new
Karnav Rana
 
Edu 03Anju 23 assignment.pdf
Edu 03Anju 23 assignment.pdfEdu 03Anju 23 assignment.pdf
Edu 03Anju 23 assignment.pdf
ANJUMOHANANU
 
Network firewall function & benefits
Network firewall function & benefitsNetwork firewall function & benefits
Network firewall function & benefits
Anthony Daniel
 
Presentation, Firewalls
Presentation, FirewallsPresentation, Firewalls
Presentation, Firewallskkkseld
 
edu03firewall,Antivirus software.pptx
edu03firewall,Antivirus software.pptxedu03firewall,Antivirus software.pptx
edu03firewall,Antivirus software.pptx
ANJUMOHANANU
 
mcq edu03 Anju 23.pdf
mcq edu03 Anju 23.pdfmcq edu03 Anju 23.pdf
mcq edu03 Anju 23.pdf
ANJUMOHANANU
 
internet-firewalls
internet-firewallsinternet-firewalls
internet-firewalls
Miftakhul Hijriyah
 
Introduction of firewall slides
Introduction of firewall slidesIntroduction of firewall slides
Introduction of firewall slidesrahul kundu
 
Firewall protection
Firewall protectionFirewall protection
Firewall protection
VC Infotech
 
Firewall
FirewallFirewall
Firewall
reddivarihareesh
 
Firewall
FirewallFirewall
Firewall
Saurabh Chauhan
 
Firewalls by Puneet Bawa
Firewalls by Puneet BawaFirewalls by Puneet Bawa
Firewalls by Puneet Bawa
Puneet Bawa
 
Firewalls
FirewallsFirewalls
FirewallsShashwat Shriparv
 

More Related Content

What's hot

Firewall
FirewallFirewall
Firewall
nayakslideshare
 
Firewall configuration
Firewall configurationFirewall configuration
Firewall configuration
Nutan Kumar Panda
 
Firewall
FirewallFirewall
FirewallApo
 
Intoduction to Network Security NS1
Intoduction to Network Security NS1Intoduction to Network Security NS1
Intoduction to Network Security NS1koolkampus
 
Firewall Design and Implementation
Firewall Design and ImplementationFirewall Design and Implementation
Firewall Design and Implementation
ajeet singh
 
Firewall and It's Types
Firewall and It's TypesFirewall and It's Types
Firewall and It's Types
Hem Pokhrel
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentation
gaurav96raj
 
Firewall & packet filter new
Firewall & packet filter newFirewall & packet filter new
Firewall & packet filter new
Karnav Rana
 
Edu 03Anju 23 assignment.pdf
Edu 03Anju 23 assignment.pdfEdu 03Anju 23 assignment.pdf
Edu 03Anju 23 assignment.pdf
ANJUMOHANANU
 
Network firewall function & benefits
Network firewall function & benefitsNetwork firewall function & benefits
Network firewall function & benefits
Anthony Daniel
 
Presentation, Firewalls
Presentation, FirewallsPresentation, Firewalls
Presentation, Firewallskkkseld
 
edu03firewall,Antivirus software.pptx
edu03firewall,Antivirus software.pptxedu03firewall,Antivirus software.pptx
edu03firewall,Antivirus software.pptx
ANJUMOHANANU
 
mcq edu03 Anju 23.pdf
mcq edu03 Anju 23.pdfmcq edu03 Anju 23.pdf
mcq edu03 Anju 23.pdf
ANJUMOHANANU
 
internet-firewalls
internet-firewallsinternet-firewalls
internet-firewalls
Miftakhul Hijriyah
 
Introduction of firewall slides
Introduction of firewall slidesIntroduction of firewall slides
Introduction of firewall slidesrahul kundu
 
Firewall protection
Firewall protectionFirewall protection
Firewall protection
VC Infotech
 
Firewall
FirewallFirewall
Firewall
reddivarihareesh
 
Firewall
FirewallFirewall
Firewall
Saurabh Chauhan
 

What's hot (20)

Firewall
FirewallFirewall
Firewall
 
Firewall
FirewallFirewall
Firewall
 
Firewall configuration
Firewall configurationFirewall configuration
Firewall configuration
 
Firewall
FirewallFirewall
Firewall
 
Intoduction to Network Security NS1
Intoduction to Network Security NS1Intoduction to Network Security NS1
Intoduction to Network Security NS1
 
Firewall Design and Implementation
Firewall Design and ImplementationFirewall Design and Implementation
Firewall Design and Implementation
 
Firewall and It's Types
Firewall and It's TypesFirewall and It's Types
Firewall and It's Types
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentation
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentation
 
Firewall & packet filter new
Firewall & packet filter newFirewall & packet filter new
Firewall & packet filter new
 
Edu 03Anju 23 assignment.pdf
Edu 03Anju 23 assignment.pdfEdu 03Anju 23 assignment.pdf
Edu 03Anju 23 assignment.pdf
 
Network firewall function & benefits
Network firewall function & benefitsNetwork firewall function & benefits
Network firewall function & benefits
 
Presentation, Firewalls
Presentation, FirewallsPresentation, Firewalls
Presentation, Firewalls
 
edu03firewall,Antivirus software.pptx
edu03firewall,Antivirus software.pptxedu03firewall,Antivirus software.pptx
edu03firewall,Antivirus software.pptx
 
mcq edu03 Anju 23.pdf
mcq edu03 Anju 23.pdfmcq edu03 Anju 23.pdf
mcq edu03 Anju 23.pdf
 
internet-firewalls
internet-firewallsinternet-firewalls
internet-firewalls
 
Introduction of firewall slides
Introduction of firewall slidesIntroduction of firewall slides
Introduction of firewall slides
 
Firewall protection
Firewall protectionFirewall protection
Firewall protection
 
Firewall
FirewallFirewall
Firewall
 
Firewall
FirewallFirewall
Firewall
 

Similar to Firewalls-Intro

Firewalls by Puneet Bawa
Firewalls by Puneet BawaFirewalls by Puneet Bawa
Firewalls by Puneet Bawa
Puneet Bawa
 
UNIT-4.docx
UNIT-4.docxUNIT-4.docx
UNIT-4.docx
CSEA18Arun537
 
Lec # 13 Firewall.pptx
Lec # 13 Firewall.pptxLec # 13 Firewall.pptx
Lec # 13 Firewall.pptx
skknowledge
 
Firewall presentation m. emin özgünsür
Firewall presentation m. emin özgünsürFirewall presentation m. emin özgünsür
Firewall presentation m. emin özgünsüremin_oz
 
Unit II Chapter 6 firewalls.ppt
Unit II Chapter 6 firewalls.pptUnit II Chapter 6 firewalls.ppt
Unit II Chapter 6 firewalls.ppt
AkshitRana31
 
Network security
Network securityNetwork security
Network security
Presentaionslive.blogspot.com
 
Seucrity in a nutshell
Seucrity in a nutshellSeucrity in a nutshell
Seucrity in a nutshell
Yahia Kandeel
 
CSS (KNC-301) 4. Packet Filtering Firewall By Vivek Tripathi.pptx
CSS (KNC-301) 4. Packet Filtering Firewall By Vivek Tripathi.pptxCSS (KNC-301) 4. Packet Filtering Firewall By Vivek Tripathi.pptx
CSS (KNC-301) 4. Packet Filtering Firewall By Vivek Tripathi.pptx
VivekTripathi684438
 
Security assignment (copy)
Security assignment (copy)Security assignment (copy)
Security assignment (copy)
Amare Kassa
 
Firewall
Firewall Firewall
Firewall
Amuthavalli Nachiyar
 
Firewalls
FirewallsFirewalls
Firewalls
Shreya Singireddy
 
Firewall
FirewallFirewall
Firewall
syeda zoya mehdi
 
Firewall
FirewallFirewall
Firewall
Netwax Lab
 
23 computer security
23 computer security23 computer security
23 computer security
hafizhanif86
 
Firewall
FirewallFirewall
Firewall
Naga Dinesh
 
Firewall ppt
Firewall pptFirewall ppt
Firewall ppt
OECLIB Odisha Electronics Control Library
 
Cyber Security - Firewall and Packet Filters
Cyber Security - Firewall and Packet Filters Cyber Security - Firewall and Packet Filters
Cyber Security - Firewall and Packet Filters
Radhika Talaviya
 
Firewall.pdf
Firewall.pdfFirewall.pdf
Firewall.pdf
ImXaib
 
Firewalls
FirewallsFirewalls
Firewalls
vaishnavi
 

Similar to Firewalls-Intro (20)

Firewalls by Puneet Bawa
Firewalls by Puneet BawaFirewalls by Puneet Bawa
Firewalls by Puneet Bawa
 
Firewalls
FirewallsFirewalls
Firewalls
 
UNIT-4.docx
UNIT-4.docxUNIT-4.docx
UNIT-4.docx
 
Lec # 13 Firewall.pptx
Lec # 13 Firewall.pptxLec # 13 Firewall.pptx
Lec # 13 Firewall.pptx
 
Firewall presentation m. emin özgünsür
Firewall presentation m. emin özgünsürFirewall presentation m. emin özgünsür
Firewall presentation m. emin özgünsür
 
Unit II Chapter 6 firewalls.ppt
Unit II Chapter 6 firewalls.pptUnit II Chapter 6 firewalls.ppt
Unit II Chapter 6 firewalls.ppt
 
Network security
Network securityNetwork security
Network security
 
Seucrity in a nutshell
Seucrity in a nutshellSeucrity in a nutshell
Seucrity in a nutshell
 
CSS (KNC-301) 4. Packet Filtering Firewall By Vivek Tripathi.pptx
CSS (KNC-301) 4. Packet Filtering Firewall By Vivek Tripathi.pptxCSS (KNC-301) 4. Packet Filtering Firewall By Vivek Tripathi.pptx
CSS (KNC-301) 4. Packet Filtering Firewall By Vivek Tripathi.pptx
 
Security assignment (copy)
Security assignment (copy)Security assignment (copy)
Security assignment (copy)
 
Firewall
Firewall Firewall
Firewall
 
Firewalls
FirewallsFirewalls
Firewalls
 
Firewall
FirewallFirewall
Firewall
 
Firewall
FirewallFirewall
Firewall
 
23 computer security
23 computer security23 computer security
23 computer security
 
Firewall
FirewallFirewall
Firewall
 
Firewall ppt
Firewall pptFirewall ppt
Firewall ppt
 
Cyber Security - Firewall and Packet Filters
Cyber Security - Firewall and Packet Filters Cyber Security - Firewall and Packet Filters
Cyber Security - Firewall and Packet Filters
 
Firewall.pdf
Firewall.pdfFirewall.pdf
Firewall.pdf
 
Firewalls
FirewallsFirewalls
Firewalls
 

Recently uploaded

"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi
Fwdays
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
Thijs Feryn
 
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxIOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
Abida Shariff
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
Safe Software
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
RTTS
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
Product School
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
Ralf Eggert
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Jeffrey Haguewood
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
DianaGray10
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Product School
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
Product School
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
Frank van Harmelen
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Product School
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
Alison B. Lowndes
 

Recently uploaded (20)

"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
 
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxIOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 

Firewalls-Intro

  • 1. FIREWALLS Aparna Bulusu Faculty, Dept of Comp Science St. Ann’s College for Women, Hyderabad
  • 2. Agenda How Internet works  Potential Threats  Firewalls  Types of firewalls  Implementation aspects  Problems beyond firewalls  Tips for the home user 
  • 3. Firewalls – The Basics  A firewall is a system or set of systems designed to : ◦ Permit or deny network ◦ ◦ ◦ ◦ transmissions Based upon a set of rules Used to protect networks from unauthorized access Permit legitimate communications to pass. In Effect - Enforces access control policy
  • 5. A little more detail
  • 6.
  • 9. Problems.. Remote login - When someone is able to connect to your computer and control it in some form. This can range from being able to view or access your files to actually running programs on your computer. Application backdoors - Some programs have special features that allow for remote access. Others contain bugs that provide a backdoor, or hidden access, that provides some level of control of the program. SMTP session hijacking -. By gaining access to a list of e-mail addresses, a person can send unsolicited junk e-mail (spam) to thousands of users Operating system bugs - Like applications, some operating systems have backdoors. Others provide remote access with insufficient security controls or have bugs that an experienced hacker can take advantage of. routing by default.
  • 10. Problems… Denial of service What happens is that the hacker sends a request to the server to connect to it. By inundating a server with these unanswerable session requests, a hacker causes the server to slow to a crawl or eventually crash. E-mail bombs - An e-mail bomb is usually a personal attack. Someone sends you the same e-mail hundreds or thousands of times until your e-mail system cannot accept any more messages. Macros - To simplify complicated procedures, many applications allow you to create a script of commands that the application can run. This script is known as a macro. Hackers have taken advantage of this to create their own macros that, depending on the application, can destroy your data or crash your computer. Viruses - Probably the most well-known threat . A virus is a small program that can copy itself to other computers. This way it can spread quickly from one system to the next. Viruses range from harmless messages to erasing all of your data. Spam - Typically harmless but always annoying, spam is the electronic equivalent of junk mail. Especially if it contains links to Web sites. Redirect bombs - Hackers can use ICMP to change (redirect) the path
  • 11. Basic types of Firewalls   Hardware/ Software firewalls Software ◦ Network Layer ◦ Application Layer ◦ Hybrids    Packet filtering - Packets (small chunks of data) are analyzed against a set of filters. Packets that make it through the filters are sent to the requesting system and all others are discarded. Proxy service - Information from the Internet is retrieved by the firewall and then sent to the requesting system and vice versa. Stateful inspection - compares certain key parts of the packet to a database of trusted information. Information travelling from inside the firewall to the outside is monitored for specific defining characteristics, then incoming information is compared to these characteristics. If the comparison yields a reasonable match, the information is allowed through. Otherwise it is discarded.
  • 12. Customizing Firewalls…         Firewall Configuration Firewalls are customizable. Add or remove filters based on several conditions. Some of these are: IP addresses -Based on IP Address Domain names: Block all access to certain domain names, or allow access only to specific domain names. Protocols -Include or exclude protocols in your filters ( TCP, IP, HTTP, FTP, UDP, SMTP, TELNET etc.) A company might set up only one or two machines to handle a specific protocol and ban that protocol on all other machines. Ports - Any server machine makes its services available to the Internet using numbered ports, For ex: Web server is typically available on port 80, and the FTP server is available on port 21. A company might block port 21 access on all machines but one inside the company.
  • 13. Specific words and phrases - The firewall will sniff (search through) each packet of information for an exact match of the text listed in the filter. For example, you could instruct the firewall to block any packet with the word "X-rated" in it.  With a hardware firewall, the firewall unit itself is normally the gateway. A good example is the Linksys Cable/DSL router. It has a built-in Ethernet card and hub. You configure the router via a Web-based interface that you reach through the browser on your computer. You can then set any filters or additional information. 
  • 14. Firewall technology – Packet Filtering Inspecting the "packets”  If a packet matches the packet filter's set of rules, the packet filter will  ◦ drop (silently discard) the packet ◦ reject it
  • 15. Circuit level / Stateful filters Operates up to layer 4 (transport layer) of the OSI model.  Examine each data packet as well as its position within the data stream.  Records all connections passing through it to determine whether a packet is the start of a new connection, a part of an existing connection, or not part of any connection.  Though static rules are still used, these rules can now contain connection state as one of their test criteria. 
  • 16. Application layer filtering Can "understand" certain applications and protocols (such as File Transfer Protocol, DNS, or HTTP  Can detect if an unwanted protocol is sneaking through on a non-standard port  If a protocol is being abused in any harmful way. 
  • 17. Network Address Translation (NAT)   Firewalls often have this functionality to hide the true address of protected hosts. The hosts protected behind a firewall commonly have addresses in the "private address range”.
  • 18. Proxies A proxy server could be dedicated hardware or as software on a generalpurpose machine.  Acts as a firewall by responding to input packets (connection requests, for example) in the manner of an application, while blocking other packets. 
  • 19. Hybrid…  Modern firewalls can filter traffic based on many packet attributes like source IP address, source port, destination IP address or port, destination service like WWW or FTP. They can filter based on protocols, TTL values, net block of originator, of the source, and many other attributes.
  • 21.
  • 22. What firewalls Accomplish  Prevent access to some web sites!!! ◦ Categories web sites         Adult/Sexually Explicit Advertisements & Pop-Ups Chat Gambling Games Hacking Peer-to-Peer …… ◦ Check by content type  .Exe / .Com  .Mid / .MP3 / .Wav  .Avi / .Mpeg / .Rm
  • 23.
  • 24. Security..      Any system is only as secure as the people who use it. Education is the best way to ensure that users take appropriate precautions: Install personal firewalls for the client machines. Store confidential information in encrypted form. Encrypt the stream using the Secure Socket Layer (SSL) protocol to protect information flowing between the client and Web sites. Use appropriate password policies, firewalls, and routine external security audits.
  • 25. Drawbacks.. Can only protect what goes through the firewall  Host to host authentication and encryption are not within the ambit of firewalls…  ◦ In Essence firewalls only deal with the kinds of connectivity allowed between different networks – Not with integrity and privacy of information      Cannot offer protection from trojan type attacks over IRC( Internet Relay Chat) No protection from data- driven attacks – malware, viruses etc. Overall security architecture must be strong for the firewall to be effective E.g. Use USB firewalling technology No Protection from Ignorance though - Never ever reveal sensitive information
  • 26. In Summary.. Firewalls help protect your network from unauthorized access  Provide a single ‘choke point’ or bottleneck to impose security and audit  Provide important logging and auditing functions 
  • 27. Tips for enhancing your online security Have robust passwords  Never download anything when you are not sure of the source  Keep your anti virus software updated  Always scan all material before use  Always log out of all your accounts  Never shop online without having you phishing filter on. 