200 likes | 208 Vues
ITIS 1210 Introduction to Web-Based Information Systems. Chapter 44 How Firewalls Work. Introduction. The Internet is a dangerous place Hackers can Damage your programs/data Steal Your identity Your credit information Use your computer for other purposes
E N D
ITIS 1210Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work
Introduction • The Internet is a dangerous place • Hackers can • Damage your programs/data • Steal • Your identity • Your credit information • Use your computer for other purposes • Distributed attacks on other computers • Spam • Illegal activities
Introduction • Choices are to • Stay off the Internet • Protect yourself • Firewalls are one kind of protection • Software/hardware • Monitors the computer-Internet interface
How Corporate Firewalls Work • The firewall acts as a shield • Separates the internal environment from the Wild-Wild-Web • Inside, normal Internet technologies are available • Email • Databases • Software
How Corporate Firewalls Work • Access to the outside is controlled by a choke router or a screening router • Examines packets traveling in both directions and can learn • Source & destination • Protocols being used • Ports being accessed
How Corporate Firewalls Work • Some packets permitted to continue, others blocked • Some services such as logins might be blocked • Suspicious locations could be blocked • System administrators set these rules
How Corporate Firewalls Work • A bastion host is a heavily protected server • Lots of security built in • Primary point of contact for connections coming in from the Internet • Internal computers or hosts inside the firewall cannot be contacted directly • Might also be a proxy server • For WWW requests from inside the firewall
How Corporate Firewalls Work • Bastion host is part of a perimeter network in the firewall • Not on the corporate network itself • Adds another layer of security • One more element the bad guys have to break down to get into the corporate network
How Corporate Firewalls Work • An exterior screening router or access router screens packets between the Internet and the perimeter network • Again, • Adds another layer of protection • Can implement the same rules as the choke router • If the choke router fails the screening router may still be able to block unauthorized access
How Personal Firewalls Work • What personal resources are attractive to hackers? • High-speed connections • “Always on” network connections like Roadrunner • Poorly protected computers that are vulnerable to exploits
How Personal Firewalls Work • Remember ports? • Virtual connections between your computer and the Internet • Each port has a specific purpose • Personal firewalls work by examining packets for information including • Source and destination IP address • Port numbers
How Personal Firewalls Work • Firewalls can be configured to block packets address to specific ports • Block port 21 and FTP can’t be used to attack your PC • Trojan horse software can permit a hacker access to your PC • Firewalls can detect when software attempts to send packets • If you don’t approve, the packets are blocked
How Personal Firewalls Work • Firewalls can block specific IP addresses as well • Your personal history might be a source of UP addresses to be blocked • NAT (Network Address Translation) is a technique whereby your true IP address is shielded from the Internet • It can’t be seen by anyone outside your home network so you become invisible
How Personal Firewalls Work • Firewalls can log probes or just plain traffic • These logs can be examined for clues about hacker’s efforts
How Proxy Servers Work • A proxy server is one that acts as an intermediary between its clients and external services • System administrators can establish many types of services • They decide which will go through proxy servers • Many types of proxy servers are available
How Proxy Servers Work • A Web proxy handles Web traffic • Commonly serves as a Web cache • Could also provide content filtering by denying access to specific URLs • Some reformat Web pages for a certain audience (e.g., for cell phones) • To the internal user the use of the proxy is transparent • But it controls the interaction
How Proxy Servers Work • A proxy server can be used to log Internet traffic for analysis purposes • Could record keystrokes • Also how the external server reacted to those keystrokes • Could log • IP addresses • Date and time of access • URLS • Number of bytes downloaded
How Proxy Servers Work • Could be used to implement security schemes • Permits files to be transferred internally • But blocks access to external sites • Common use is caching • Speeds up performance by keeping copies of frequently-requested Web pages • Requests fulfilled by proxy eliminating need to contact an external server
How Proxy Servers Work • Other types of proxy servers • An anonymizing proxy server • Protects your identity by making you seem anonymous to servers • Vulnerable to man-in-the-middle attack • Since they can read and modify messages • Could intercept your credit card or logon information
How Proxy Servers Work • Circumventor – Method of defeating blocking policies implemented using proxy servers • Web-based page that allows access to blocked sites by routing it through an unblocked site • Famous example was elgooG, a mirror of Google • Search engine that only recognized search terms entered backwards