Firewall and its working

ByMithila Palamakula

Firewall

Sits between two networks Used to protect one from the other Places a bottleneck between the networks All communications must pass through the bottleneck which gives us a single

point of control

Need

Prevent attacks from untrusted networks.

Protecting data integrity

administerednetwork

publicInternet

firewalltrusted “good guys” untrusted “bad guys”

Computer Networking: Kurose, Ross

Evolution of firewalls:

1. Packet filters

2. Stateful packet filters

3. Application gateways

Packet filter Developed by Bill Cheswick and Steve Bellovin. Network layer. Packet filter drop or reject packet. Simple.

Application gateway or proxy Gene Spafford, Bill Cheswick, Marcus Ranum. Application layer.

Stateful packet filters Dave Pressetto, Janardan Sharma and Kshity Nigam. Between DataLink and Network layer. Connection column in addition to packet filters.

Packet Filters

Compare network and transport protocols to a database of rules and then forward only the packets that meet the criteria of the rules.

Implemented in routers and sometimes in the TCP/IP stacks of workstation machines

In a router a filter prevents suspicious packets from reaching your network

In a TCP/IP stack it prevents that specific machine from responding to suspicious traffic

https://www.google.com/search?q=packet+filters+firewall&espfw_invisible_filter.gif%3

Proxies

Proxy is a combination of a client and a server; internal users send requests to the server portion of the proxy which then sends the internal users requests out through its client

Hides internal users from the external network by hiding them behind the IP of the proxy

Prevents low level network protocols from going through the firewall eliminating some of the problems with NAT

Restricts traffic to only the application level protocols being proxied

Application gateways It is an application- specific server through which all application data must pass.

Computer Networking: Kurose, Ross

Procedure for application gateways: All telnet users to telnet through gateway. Gateway sets up telnet connection to destination host Router filter blocks all telnet connections.

Deployment Corporate gateway ( common one) Internal segment gateway Server-based firewall

Introduction to firewall: Jason Pan

Conclusion

Acts as a barrier between two or more networks.

Stateful is the leading firewall technology.

A small leak in firewall effects the whole organization network.

Questions?

References

Computer Networking: A top down approach, sixth edition, James F Kurose, Keith W Ross, Pearson

http://www.howstuffworks.com/firewall.htm

http://searchsecuritychannel.techtarget.com/feature/Network-firewall-vendors

http://www.wikepedia.org/

http://technet.Microsoft.com

http://www.bu.edu/

Thank you