Scribd
Upload
76 views

What Is A Firewall?

A firewall is a network security device that monitors incoming and outgoing network traffic and filters it based on security rules. It establishes a barrier between internal secure networks and external untrusted networks like the Internet. Firewalls have limitations as they cannot protect against all internal or external threats. There are different types of firewalls including packet filters, application-level gateways, and circuit-level gateways that examine traffic at different levels to filter network access.

Uploaded by

Mahesh
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
76 views

What Is A Firewall?

A firewall is a network security device that monitors incoming and outgoing network traffic and filters it based on security rules. It establishes a barrier between internal secure networks and external untrusted networks like the Internet. Firewalls have limitations as they cannot protect against all internal or external threats. There are different types of firewalls including packet filters, application-level gateways, and circuit-level gateways that examine traffic at different levels to filter network access.

Uploaded by

Mahesh
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 16

What is a Firewall?

• A firewall is a hardware or software-based


network security device that monitors all
incoming and outgoing traffic and accepts,
rejects, or drops that traffic depending on
a specified set of security rules.
• Accept : allow the traffic
Reject : block the traffic but reply with an
“unreachable error”
• Drop : block the traffic with no reply
Firewall
A firewall establishes a barrier between
secured internal networks and outside
untrusted network, such as the Internet
Firewall Limitations
• cannot protect from attacks bypassing it
– eg sneaker net, utility modems, trusted
organisations, trusted services (eg SSL/SSH)
• cannot protect against internal threats
– eg disgruntled employee
• cannot protect against transfer of all virus
infected programs or files
– because of huge range of O/S & file types
Firewalls – Packet Filters
Packet filters
Firewalls – Packet Filters
• simplest of components
• foundation of any firewall system
• examine each IP packet (no context) and
permit or deny according to rules
• hence restrict access to services (ports)
• possible default policies
– that not expressly permitted is prohibited
– that not expressly prohibited is permitted
Attacks on Packet Filters
• IP address spoofing
– fake source address to be trusted
– add filters on router to block
• source routing attacks
– attacker sets a route other than default
– block source routed packets
• tiny fragment attacks
– split header info over several tiny packets
– either discard or reassemble before check
Firewalls - Application Level
Gateway (or Proxy)
Firewalls - Application Level
Gateway (or Proxy)
• use an application specific gateway /
proxy
• has full access to protocol
– user requests service from proxy
– proxy validates request as legal
– then actions request and returns result to user
• need separate proxies for each service
– some services naturally support proxying
– others are more problematic
– custom services generally not supported
Firewalls - Circuit Level Gateway
Firewalls - Circuit Level Gateway
• relays two TCP connections
• imposes security by limiting which such
connections are allowed
• once created usually relays traffic without
examining contents
• typically used when trust internal users by
allowing general outbound connections
• SOCKS commonly used for this
Bastion Host
• highly secure host system
• potentially exposed to "hostile" elements
• hence is secured to withstand this
• may support 2 or more net connections
• may be trusted to enforce trusted
separation between network connections
• runs circuit / application level gateways
• or provides externally accessible services
Firewall Configurations
Firewall Configurations
Firewall Configurations
Application-
Packet- Stateful Level
Feature Circuit-Level
Filtering Inspection Gateways
Gateways
Firewalls Firewalls (Proxy
Firewall)
Destination/I
P Address Yes No Yes Yes
Check
TCP
Handshake No Yes Yes Yes
Check
Deep-Layer
No No No Yes
Inspection
Virtualized
No No No Yes
Connection
Resource
Minimal Minimal Small Moderate
Impact

You might also like