1 / 19

Firewalls

Firewalls. Overview.

haroldlewis
Télécharger la présentation

Firewalls

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Firewalls

  2. Overview “ A firewall is a hardware or software solution to enforce security policies. In the physical security analogy, a firewall is equivalent to a door lock on a perimeter door or on a door to a room inside of the building - it permits only authorized users such as those with a key or access card to enter. A firewall has built-in filters that can disallow unauthorized or potentially dangerous material from entering the system. It also logs attempted intrusions “ Ref: www.tecrime.com/0gloss.htm

  3. Topics Covered • Iptables • SSH Bouncing • Reverse WWW Shell • Windows RealSecure • Windows ICF (Built-In Firewall) • Cisco PIX 515E

  4. Firewall Basics • Packet Filtering • Proxy Service • Stateful Inspection

  5. Iptables • Stateful and stateless packet filtering • Network address and port translation • Packet manipulation Iptables inspects every packet through the network and compares the packet properties with predefined rules to determine whether the packet is allowed to pass or is dropped

  6. Iptables Overview

  7. Iptables Functions • Jump • Specify Protocol • Specify Interface • Specify Source/Destination • State Matching • Limiting • NAT • Forwarding • Masquerading

  8. Iptables cont’d • With Firewall turn on, ports are filtered according to a defined set of rules • iptables –P INPUT DROP • ICMP ping floods • Iptables –A INPUT –p icmp –icmp –type echo-request –m limit –limit 30/minute –limit-burst 1 –j ACCEPT • Forwarding Packet • Iptables –A FORWARD –i vmnet –o vmnet –m state –state ESTABLISHED,RELATED –j ACCEPT

  9. Iptables cont’d • Log telnet packets • Iptables –A INPUT –d 131.210.231.1 –p tcp –dport 23 –j LOG –log-prefix ‘TELNET ATTEMPT’ • /var/log/messages • Ex. Feb 24 05:06:40 Firewall kernel: Telnet Attempt

  10. SSH Bouncing using Netcat • Uses netcat for proxy • Allows direct connection between a computer outside of a firewall and any machine that runs an SSH server behind the firewall

  11. Reverse WWW shell • Fakes HTTP traffic • Connection does not show up using the netstat command • Difficult to identify traffic

  12. Windows RealSecure • Personal firewall by Internet Security Systems • Allows security policies to be centrally controlled and updated • Run NMAP to test the security of the default configuration – wasn’t good enough • Manually hardened to block ICMP ping and one opened port

  13. Windows Built-In Firewall • Similar to RealSecure but simpler and less configurable • Ran NMAP test again • With firewall turned on it does the job of blocking potential attacks • Does not filter outbound traffic

  14. Summary on Windows Firewalls • RealSecure Firewall is a great tool, but not necessarily a perfect tool • Default firewall settings are not secure enough • Always customize your firewall for your custom fit

  15. Cisco PIX 515E • (Private Internet EXchange) • Network Layer Firewall • Stateful Inspection • only allows inbound traffic that is a response to a valid request or is allowed by an ACL (Access Control List) or a conduit

  16. Cisco PIX 515E • Permit no access from the Outside to the Inside. • Permit limited access from the Outside to the DMZ • Permit all access from the Inside to the Outside. • Permit limited access from the Inside to the DMZ. • Security Levels

  17. Cisco PIX 515E

  18. fin Wikipedia was heavily used in the creation of this presentation

More Related