Aparna Bulusu, profile picture
Uploaded byAparna Bulusu
PPTX, PDF560 views

Firewalls-Intro

Firewalls are systems designed to control network access by enforcing an access control policy. They work by examining packets and filtering them based on rules like IP addresses, protocols, and ports. There are different types of firewalls including packet filtering, proxy, and application layer firewalls. While firewalls help protect networks from unauthorized access and provide logging, they have limitations as they only control connectivity and not other aspects of security like encryption. It is important to take additional precautions like using strong passwords, keeping software updated, and practicing safe online habits.

Embed presentation

Downloaded 20 times
FIREWALLS Aparna Bulusu Faculty, Dept of Comp Science St. Ann’s College for Women, Hyderabad
Agenda How Internet works  Potential Threats  Firewalls  Types of firewalls  Implementation aspects  Problems beyond firewalls  Tips for the home user 
Firewalls – The Basics  A firewall is a system or set of systems designed to : ◦ Permit or deny network ◦ ◦ ◦ ◦ transmissions Based upon a set of rules Used to protect networks from unauthorized access Permit legitimate communications to pass. In Effect - Enforces access control policy
How internet works –
A little more detail
The Packet
Problems..  Vulnerabilities typically exist at entry and exit points
Problems.. Remote login - When someone is able to connect to your computer and control it in some form. This can range from being able to view or access your files to actually running programs on your computer. Application backdoors - Some programs have special features that allow for remote access. Others contain bugs that provide a backdoor, or hidden access, that provides some level of control of the program. SMTP session hijacking -. By gaining access to a list of e-mail addresses, a person can send unsolicited junk e-mail (spam) to thousands of users Operating system bugs - Like applications, some operating systems have backdoors. Others provide remote access with insufficient security controls or have bugs that an experienced hacker can take advantage of. routing by default.
Problems… Denial of service What happens is that the hacker sends a request to the server to connect to it. By inundating a server with these unanswerable session requests, a hacker causes the server to slow to a crawl or eventually crash. E-mail bombs - An e-mail bomb is usually a personal attack. Someone sends you the same e-mail hundreds or thousands of times until your e-mail system cannot accept any more messages. Macros - To simplify complicated procedures, many applications allow you to create a script of commands that the application can run. This script is known as a macro. Hackers have taken advantage of this to create their own macros that, depending on the application, can destroy your data or crash your computer. Viruses - Probably the most well-known threat . A virus is a small program that can copy itself to other computers. This way it can spread quickly from one system to the next. Viruses range from harmless messages to erasing all of your data. Spam - Typically harmless but always annoying, spam is the electronic equivalent of junk mail. Especially if it contains links to Web sites. Redirect bombs - Hackers can use ICMP to change (redirect) the path
Basic types of Firewalls   Hardware/ Software firewalls Software ◦ Network Layer ◦ Application Layer ◦ Hybrids    Packet filtering - Packets (small chunks of data) are analyzed against a set of filters. Packets that make it through the filters are sent to the requesting system and all others are discarded. Proxy service - Information from the Internet is retrieved by the firewall and then sent to the requesting system and vice versa. Stateful inspection - compares certain key parts of the packet to a database of trusted information. Information travelling from inside the firewall to the outside is monitored for specific defining characteristics, then incoming information is compared to these characteristics. If the comparison yields a reasonable match, the information is allowed through. Otherwise it is discarded.
Customizing Firewalls…         Firewall Configuration Firewalls are customizable. Add or remove filters based on several conditions. Some of these are: IP addresses -Based on IP Address Domain names: Block all access to certain domain names, or allow access only to specific domain names. Protocols -Include or exclude protocols in your filters ( TCP, IP, HTTP, FTP, UDP, SMTP, TELNET etc.) A company might set up only one or two machines to handle a specific protocol and ban that protocol on all other machines. Ports - Any server machine makes its services available to the Internet using numbered ports, For ex: Web server is typically available on port 80, and the FTP server is available on port 21. A company might block port 21 access on all machines but one inside the company.
Specific words and phrases - The firewall will sniff (search through) each packet of information for an exact match of the text listed in the filter. For example, you could instruct the firewall to block any packet with the word "X-rated" in it.  With a hardware firewall, the firewall unit itself is normally the gateway. A good example is the Linksys Cable/DSL router. It has a built-in Ethernet card and hub. You configure the router via a Web-based interface that you reach through the browser on your computer. You can then set any filters or additional information. 
Firewall technology – Packet Filtering Inspecting the "packets”  If a packet matches the packet filter's set of rules, the packet filter will  ◦ drop (silently discard) the packet ◦ reject it
Circuit level / Stateful filters Operates up to layer 4 (transport layer) of the OSI model.  Examine each data packet as well as its position within the data stream.  Records all connections passing through it to determine whether a packet is the start of a new connection, a part of an existing connection, or not part of any connection.  Though static rules are still used, these rules can now contain connection state as one of their test criteria. 
Application layer filtering Can "understand" certain applications and protocols (such as File Transfer Protocol, DNS, or HTTP  Can detect if an unwanted protocol is sneaking through on a non-standard port  If a protocol is being abused in any harmful way. 
Network Address Translation (NAT)   Firewalls often have this functionality to hide the true address of protected hosts. The hosts protected behind a firewall commonly have addresses in the "private address range”.
Proxies A proxy server could be dedicated hardware or as software on a generalpurpose machine.  Acts as a firewall by responding to input packets (connection requests, for example) in the manner of an application, while blocking other packets. 
Hybrid…  Modern firewalls can filter traffic based on many packet attributes like source IP address, source port, destination IP address or port, destination service like WWW or FTP. They can filter based on protocols, TTL values, net block of originator, of the source, and many other attributes.
LAN INTERNET
What firewalls Accomplish  Prevent access to some web sites!!! ◦ Categories web sites         Adult/Sexually Explicit Advertisements & Pop-Ups Chat Gambling Games Hacking Peer-to-Peer …… ◦ Check by content type  .Exe / .Com  .Mid / .MP3 / .Wav  .Avi / .Mpeg / .Rm
Security..      Any system is only as secure as the people who use it. Education is the best way to ensure that users take appropriate precautions: Install personal firewalls for the client machines. Store confidential information in encrypted form. Encrypt the stream using the Secure Socket Layer (SSL) protocol to protect information flowing between the client and Web sites. Use appropriate password policies, firewalls, and routine external security audits.
Drawbacks.. Can only protect what goes through the firewall  Host to host authentication and encryption are not within the ambit of firewalls…  ◦ In Essence firewalls only deal with the kinds of connectivity allowed between different networks – Not with integrity and privacy of information      Cannot offer protection from trojan type attacks over IRC( Internet Relay Chat) No protection from data- driven attacks – malware, viruses etc. Overall security architecture must be strong for the firewall to be effective E.g. Use USB firewalling technology No Protection from Ignorance though - Never ever reveal sensitive information
In Summary.. Firewalls help protect your network from unauthorized access  Provide a single ‘choke point’ or bottleneck to impose security and audit  Provide important logging and auditing functions 
Tips for enhancing your online security Have robust passwords  Never download anything when you are not sure of the source  Keep your anti virus software updated  Always scan all material before use  Always log out of all your accounts  Never shop online without having you phishing filter on. 

More Related Content

PPT
Firewall
bylmbriscoe
 
PPTX
firewall and its types
byMohammed Maajidh
 
PPTX
Firewall and its configuration
byMuhammad Baqar Kazmi
 
PPT
Presentation, Firewalls
bykkkseld
 
PDF
Firewalls
byDr.Florence Dayana
 
PPT
Firewalls
byRam Dutt Shukla
 
PDF
Firewall
bySami Bacha
 
PDF
Firewall
byAhmed Elnaggar
 
Firewall
bylmbriscoe
 
firewall and its types
byMohammed Maajidh
 
Firewall and its configuration
byMuhammad Baqar Kazmi
 
Presentation, Firewalls
bykkkseld
 
Firewalls
byDr.Florence Dayana
 
Firewalls
byRam Dutt Shukla
 
Firewall
bySami Bacha
 
Firewall
byAhmed Elnaggar
 

What's hot

PPT
Firewall protection
byVC Infotech
 
PPTX
Firewall
byreddivarihareesh
 
PDF
Network firewall function & benefits
byAnthony Daniel
 
PPTX
Firewall & packet filter new
byKarnav Rana
 
PPTX
Firewall presentation
bygaurav96raj
 
PPT
Firewall
bynayakslideshare
 
PPT
Presentation, Firewalls
bykkkseld
 
PPTX
Firewall
bySaurabh Chauhan
 
PPTX
Firewall Design and Implementation
byajeet singh
 
PPTX
Introduction of firewall slides
byrahul kundu
 
PPTX
Firewall
byShivank Shah
 
PDF
internet-firewalls
byMiftakhul Hijriyah
 
PPTX
edu03firewall,Antivirus software.pptx
byANJUMOHANANU
 
DOCX
Firewall configuration
byNutan Kumar Panda
 
PPTX
Firewall and It's Types
byHem Pokhrel
 
PDF
Edu 03Anju 23 assignment.pdf
byANJUMOHANANU
 
PPT
Firewall
byApo
 
PPTX
Firewall presentation
byyogendrasinghchahar
 
PDF
mcq edu03 Anju 23.pdf
byANJUMOHANANU
 
PPT
Intoduction to Network Security NS1
bykoolkampus
 
Firewall protection
byVC Infotech
 
Firewall
byreddivarihareesh
 
Network firewall function & benefits
byAnthony Daniel
 
Firewall & packet filter new
byKarnav Rana
 
Firewall presentation
bygaurav96raj
 
Firewall
bynayakslideshare
 
Presentation, Firewalls
bykkkseld
 
Firewall
bySaurabh Chauhan
 
Firewall Design and Implementation
byajeet singh
 
Introduction of firewall slides
byrahul kundu
 
Firewall
byShivank Shah
 
internet-firewalls
byMiftakhul Hijriyah
 
edu03firewall,Antivirus software.pptx
byANJUMOHANANU
 
Firewall configuration
byNutan Kumar Panda
 
Firewall and It's Types
byHem Pokhrel
 
Edu 03Anju 23 assignment.pdf
byANJUMOHANANU
 
Firewall
byApo
 
Firewall presentation
byyogendrasinghchahar
 
mcq edu03 Anju 23.pdf
byANJUMOHANANU
 
Intoduction to Network Security NS1
bykoolkampus
 

Similar to Firewalls-Intro

PPTX
_____________________________________firewall_ppt
byarjunpanditarjunpand
 
PPTX
Cyber Security - Firewall and Packet Filters
byRadhika Talaviya
 
PPT
Lecture in network security and mobile computing
byAbdullahOmar704132
 
PPT
Unit II Chapter 6 firewalls.ppt
byAkshitRana31
 
PPTX
Firewall
byNaga Dinesh
 
PPTX
Firewall Design and Implementation
byajeet singh
 
PDF
Firewall.pdf
byImXaib
 
PPTX
Firewall ppt
byLakshmiSamivel
 
PPT
Tech 101: Understanding Firewalls
byLikan Patra
 
PPT
Network security
byVikas Jagtap
 
PPT
Class 10 Cyber Security for engineering students
byDrVikasMahor
 
PPTX
Firewalls
byvaishnavi
 
PPTX
firewall firewall firewall firewall firewall firewall firewall firewall
byNagaraja465570
 
PPTX
Firewall ppt.pptx
byBhushanLokhande12
 
PPT
Firewalls
byUniversity of Central Punjab
 
PPTX
Firewall ( Cyber Security)
byJainam Shah
 
PPTX
Firewall ppt
byOECLIB Odisha Electronics Control Library
 
PPTX
FIREWALLS BY SAIKIRAN PANJALA
bySaikiran Panjala
 
PPTX
Section c group2_firewall_ final
bypg13tarun_g
 
PPT
Unified Threat Management
byTapas Shome
 
_____________________________________firewall_ppt
byarjunpanditarjunpand
 
Cyber Security - Firewall and Packet Filters
byRadhika Talaviya
 
Lecture in network security and mobile computing
byAbdullahOmar704132
 
Unit II Chapter 6 firewalls.ppt
byAkshitRana31
 
Firewall
byNaga Dinesh
 
Firewall Design and Implementation
byajeet singh
 
Firewall.pdf
byImXaib
 
Firewall ppt
byLakshmiSamivel
 
Tech 101: Understanding Firewalls
byLikan Patra
 
Network security
byVikas Jagtap
 
Class 10 Cyber Security for engineering students
byDrVikasMahor
 
Firewalls
byvaishnavi
 
firewall firewall firewall firewall firewall firewall firewall firewall
byNagaraja465570
 
Firewall ppt.pptx
byBhushanLokhande12
 
Firewalls
byUniversity of Central Punjab
 
Firewall ( Cyber Security)
byJainam Shah
 
Firewall ppt
byOECLIB Odisha Electronics Control Library
 
FIREWALLS BY SAIKIRAN PANJALA
bySaikiran Panjala
 
Section c group2_firewall_ final
bypg13tarun_g
 
Unified Threat Management
byTapas Shome
 

Recently uploaded

PDF
Security Technologys: Access Control, Firewall, VPN
byShielaLasala
 
PPT
software-security-intro in information security.ppt
byismaeelsahib032
 
PDF
DIGITAL FORENSICS - Notes for Everything.pdf
bypankajkumavatbeit
 
PDF
Zero Trust & Defense-in-Depth: The Future of Critical Infrastructure Security
byYasir Naveed Riaz
 
PPTX
Building Cyber Resilience for 2026: Best Practices for a Secure, AI-Driven Bu...
byYasir Naveed Riaz
 
PDF
December Patch Tuesday
byIvanti
 
PDF
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
DOCX
Introduction to the World of Computers (Hardware & Software)
byALIABBAS ABASOV
 
PPTX
Data Privacy and Protection: Safeguarding Information in a Connected World
byYasir Naveed Riaz
 
PPTX
Unit-4-ARTIFICIAL NEURAL NETWORKS.pptx ANN ppt Artificial neural network
byssuserd4481a
 
PDF
The year in review - MarvelClient in 2025
bypanagenda
 
PPTX
cybercrime in Information security .pptx
byismaeelsahib032
 
PDF
API-First Architecture in Financial Systems
bycyy111112
 
PDF
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 
PDF
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
PPTX
From Backup to Resilience: How MSPs Are Preparing for 2026
byMSP360
 
PDF
GPUS and How to Program Them by Manya Bansal
byScyllaDB
 
PPTX
Kanban India 2025 | Daksh Gupta | Modeling the Models, Generative AI & Kanban
byLeanKanbanIndia
 
PDF
Greetings All Students Update 3 by Mia Corp
by©LDMMIA, ©Reiki Yoga
 
PDF
Six Shifts For 2026 (And The Next Six Years)
byDavid Armano
 
Security Technologys: Access Control, Firewall, VPN
byShielaLasala
 
software-security-intro in information security.ppt
byismaeelsahib032
 
DIGITAL FORENSICS - Notes for Everything.pdf
bypankajkumavatbeit
 
Zero Trust & Defense-in-Depth: The Future of Critical Infrastructure Security
byYasir Naveed Riaz
 
Building Cyber Resilience for 2026: Best Practices for a Secure, AI-Driven Bu...
byYasir Naveed Riaz
 
December Patch Tuesday
byIvanti
 
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
Introduction to the World of Computers (Hardware & Software)
byALIABBAS ABASOV
 
Data Privacy and Protection: Safeguarding Information in a Connected World
byYasir Naveed Riaz
 
Unit-4-ARTIFICIAL NEURAL NETWORKS.pptx ANN ppt Artificial neural network
byssuserd4481a
 
The year in review - MarvelClient in 2025
bypanagenda
 
cybercrime in Information security .pptx
byismaeelsahib032
 
API-First Architecture in Financial Systems
bycyy111112
 
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
From Backup to Resilience: How MSPs Are Preparing for 2026
byMSP360
 
GPUS and How to Program Them by Manya Bansal
byScyllaDB
 
Kanban India 2025 | Daksh Gupta | Modeling the Models, Generative AI & Kanban
byLeanKanbanIndia
 
Greetings All Students Update 3 by Mia Corp
by©LDMMIA, ©Reiki Yoga
 
Six Shifts For 2026 (And The Next Six Years)
byDavid Armano
 

Firewalls-Intro

  • 1.
    FIREWALLS Aparna Bulusu Faculty, Deptof Comp Science St. Ann’s College for Women, Hyderabad
  • 2.
    Agenda How Internet works Potential Threats  Firewalls  Types of firewalls  Implementation aspects  Problems beyond firewalls  Tips for the home user 
  • 3.
    Firewalls – TheBasics  A firewall is a system or set of systems designed to : ◦ Permit or deny network ◦ ◦ ◦ ◦ transmissions Based upon a set of rules Used to protect networks from unauthorized access Permit legitimate communications to pass. In Effect - Enforces access control policy
  • 4.
  • 5.
  • 7.
  • 8.
  • 9.
    Problems.. Remote login -When someone is able to connect to your computer and control it in some form. This can range from being able to view or access your files to actually running programs on your computer. Application backdoors - Some programs have special features that allow for remote access. Others contain bugs that provide a backdoor, or hidden access, that provides some level of control of the program. SMTP session hijacking -. By gaining access to a list of e-mail addresses, a person can send unsolicited junk e-mail (spam) to thousands of users Operating system bugs - Like applications, some operating systems have backdoors. Others provide remote access with insufficient security controls or have bugs that an experienced hacker can take advantage of. routing by default.
  • 10.
    Problems… Denial of serviceWhat happens is that the hacker sends a request to the server to connect to it. By inundating a server with these unanswerable session requests, a hacker causes the server to slow to a crawl or eventually crash. E-mail bombs - An e-mail bomb is usually a personal attack. Someone sends you the same e-mail hundreds or thousands of times until your e-mail system cannot accept any more messages. Macros - To simplify complicated procedures, many applications allow you to create a script of commands that the application can run. This script is known as a macro. Hackers have taken advantage of this to create their own macros that, depending on the application, can destroy your data or crash your computer. Viruses - Probably the most well-known threat . A virus is a small program that can copy itself to other computers. This way it can spread quickly from one system to the next. Viruses range from harmless messages to erasing all of your data. Spam - Typically harmless but always annoying, spam is the electronic equivalent of junk mail. Especially if it contains links to Web sites. Redirect bombs - Hackers can use ICMP to change (redirect) the path
  • 11.
    Basic types ofFirewalls   Hardware/ Software firewalls Software ◦ Network Layer ◦ Application Layer ◦ Hybrids    Packet filtering - Packets (small chunks of data) are analyzed against a set of filters. Packets that make it through the filters are sent to the requesting system and all others are discarded. Proxy service - Information from the Internet is retrieved by the firewall and then sent to the requesting system and vice versa. Stateful inspection - compares certain key parts of the packet to a database of trusted information. Information travelling from inside the firewall to the outside is monitored for specific defining characteristics, then incoming information is compared to these characteristics. If the comparison yields a reasonable match, the information is allowed through. Otherwise it is discarded.
  • 12.
    Customizing Firewalls…         Firewall Configuration Firewallsare customizable. Add or remove filters based on several conditions. Some of these are: IP addresses -Based on IP Address Domain names: Block all access to certain domain names, or allow access only to specific domain names. Protocols -Include or exclude protocols in your filters ( TCP, IP, HTTP, FTP, UDP, SMTP, TELNET etc.) A company might set up only one or two machines to handle a specific protocol and ban that protocol on all other machines. Ports - Any server machine makes its services available to the Internet using numbered ports, For ex: Web server is typically available on port 80, and the FTP server is available on port 21. A company might block port 21 access on all machines but one inside the company.
  • 13.
    Specific words andphrases - The firewall will sniff (search through) each packet of information for an exact match of the text listed in the filter. For example, you could instruct the firewall to block any packet with the word "X-rated" in it.  With a hardware firewall, the firewall unit itself is normally the gateway. A good example is the Linksys Cable/DSL router. It has a built-in Ethernet card and hub. You configure the router via a Web-based interface that you reach through the browser on your computer. You can then set any filters or additional information. 
  • 14.
    Firewall technology –Packet Filtering Inspecting the "packets”  If a packet matches the packet filter's set of rules, the packet filter will  ◦ drop (silently discard) the packet ◦ reject it
  • 15.
    Circuit level /Stateful filters Operates up to layer 4 (transport layer) of the OSI model.  Examine each data packet as well as its position within the data stream.  Records all connections passing through it to determine whether a packet is the start of a new connection, a part of an existing connection, or not part of any connection.  Though static rules are still used, these rules can now contain connection state as one of their test criteria. 
  • 16.
    Application layer filtering Can"understand" certain applications and protocols (such as File Transfer Protocol, DNS, or HTTP  Can detect if an unwanted protocol is sneaking through on a non-standard port  If a protocol is being abused in any harmful way. 
  • 17.
    Network Address Translation (NAT)   Firewallsoften have this functionality to hide the true address of protected hosts. The hosts protected behind a firewall commonly have addresses in the "private address range”.
  • 18.
    Proxies A proxy servercould be dedicated hardware or as software on a generalpurpose machine.  Acts as a firewall by responding to input packets (connection requests, for example) in the manner of an application, while blocking other packets. 
  • 19.
    Hybrid…  Modern firewalls canfilter traffic based on many packet attributes like source IP address, source port, destination IP address or port, destination service like WWW or FTP. They can filter based on protocols, TTL values, net block of originator, of the source, and many other attributes.
  • 20.
  • 22.
    What firewalls Accomplish  Preventaccess to some web sites!!! ◦ Categories web sites         Adult/Sexually Explicit Advertisements & Pop-Ups Chat Gambling Games Hacking Peer-to-Peer …… ◦ Check by content type  .Exe / .Com  .Mid / .MP3 / .Wav  .Avi / .Mpeg / .Rm
  • 24.
    Security..      Any system isonly as secure as the people who use it. Education is the best way to ensure that users take appropriate precautions: Install personal firewalls for the client machines. Store confidential information in encrypted form. Encrypt the stream using the Secure Socket Layer (SSL) protocol to protect information flowing between the client and Web sites. Use appropriate password policies, firewalls, and routine external security audits.
  • 25.
    Drawbacks.. Can only protectwhat goes through the firewall  Host to host authentication and encryption are not within the ambit of firewalls…  ◦ In Essence firewalls only deal with the kinds of connectivity allowed between different networks – Not with integrity and privacy of information      Cannot offer protection from trojan type attacks over IRC( Internet Relay Chat) No protection from data- driven attacks – malware, viruses etc. Overall security architecture must be strong for the firewall to be effective E.g. Use USB firewalling technology No Protection from Ignorance though - Never ever reveal sensitive information
  • 26.
    In Summary.. Firewalls helpprotect your network from unauthorized access  Provide a single ‘choke point’ or bottleneck to impose security and audit  Provide important logging and auditing functions 
  • 27.
    Tips for enhancingyour online security Have robust passwords  Never download anything when you are not sure of the source  Keep your anti virus software updated  Always scan all material before use  Always log out of all your accounts  Never shop online without having you phishing filter on. 