
Firewall


Presentation Transcript


  1. Firewall
  Matthew Prestifilippo, Bill Kazmierski, Pat Sparrow

  2. Basics
  • Intended to stop unauthorized traffic from traveling from one network to another
  • Set up between the router and the internal network

  3. Basics
  All data arriving at or leaving the network passes through the firewall, where it can be accepted or denied. A list of rules can be set, allowing the firewall to determine what types of data should not be allowed to pass through. These rules can give certain devices inside the network different privileges.

  4. Filtering
  • Packet Filters
    • This job is done in the transport and network layers
    • Looks at the packets to see if forbidden IPs are trying to come in
    • Not effective in the case of spoofing, since the source IP in a packet can be forged
  • Stateful Inspection
    • Uses the SYN and ACK packets for verification/correspondence
    • Keeps track of sessions

  5. Filtering
  • Application Proxies
    • Work at the application level
    • Extra processing power needed, but more security provided

  6. Filtering
  • A firewall can filter packets based on the source or destination IP address
  • A firewall can filter packets based on the destination port
  • A firewall can filter packets based on the protocol (UDP, TCP, IP …)

  7. Interfaces
  • 3 basic interfaces:
    1. Inside – trusted network
    2. Outside – untrusted network
    3. DMZ – demilitarized zone (e.g. a web server)
  • Why a DMZ?

  8. NAT
  • Static
    • Permanent inside local -> inside global mapping
  • Dynamic
    • A pool of global addresses is defined. Machines that make a request to the outside are assigned an address from the pool.

  9. NAT
  • Overloading (PAT)
    • When there are more nodes than there are global addresses available, use the port space to map the extra machines
    • This means that one address can be used for multiple computers (hence the term overloading)

  10. PAT

  11. URL Filtering
  • Needs an N2H2 or a Websense server
  • During filtering, the PIX relies on the server to determine whether or not a website is allowed
  • Could also use the access-list command

  12. Packet Inspection
  • A firewall must inspect every packet traveling in and out of a network
  • Too many rules can result in a bottleneck
  • Looking up domain names while logging can slow performance
  • Using VPN and other functions can slow performance

  13. PIX 515e Firewall
  • 433 MHz Intel Celeron processor
  • 64 MB RAM
  • 16 MB onboard flash memory
  • 188 Mbps throughput
  • Can handle more than 130,000 sessions
  • Recommended for small to medium-sized business networks

  14. Our Setup
  • We reset the firewall with the inside IP address of 134.198.161.254 and a netmask of 255.255.248.0, which is the same as the inside address of the original network configuration
  • We set the outside IP address to 134.161.170.252, which is the same as the original network configuration
  • The PIX 515 has replaced the router
  • By default, the firewall allows outgoing traffic to any IP address

  15. Rules
  • Source and destination IPs
  • Source and destination interface
  • Type of packet
  • Default rule:
    Source: 0.0.0.0 on inside interface
    Destination: 0.0.0.0 on outside interface
    Packet Type: IP
    Action: Permit

  16. Our Rules
  • Allow all traffic to enter the network
    Source: 0.0.0.0 on the outside
    Destination: 0.0.0.0 on the inside
    Packet Type: IP
    Action: Permit
  • Prevent hosts from accessing Playboy.com
    Source: 216.163.137.3 on the outside
    Destination: 0.0.0.0 on the inside
    Packet Type: IP
    Action: Deny
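An added example, not part of the presentation: a small first-match rule evaluator (the semantics most packet-filter access lists use, assumed here) loaded with the two rules from slide 16. It shows why rule order matters: with the broad permit listed first, the specific deny is never reached, so the deny must come first to take effect. The inside host address and the 198.51.100.7 source are constructed sample values.

```python
import ipaddress
from dataclasses import dataclass


@dataclass
class Rule:
    src: str      # CIDR; "0.0.0.0/0" plays the role of the slide's 0.0.0.0 wildcard
    src_if: str   # interface the packet arrives on: "inside" or "outside"
    dst: str
    dst_if: str
    proto: str    # "ip" matches any protocol; otherwise "tcp" or "udp"
    action: str   # "permit" or "deny"


@dataclass
class Packet:
    src: str
    src_if: str
    dst: str
    dst_if: str
    proto: str


def matches(rule: Rule, pkt: Packet) -> bool:
    """True if every field of the rule covers the packet."""
    return (ipaddress.ip_address(pkt.src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(rule.dst)
            and rule.src_if == pkt.src_if and rule.dst_if == pkt.dst_if
            and rule.proto in ("ip", pkt.proto))


def evaluate(rules: list, pkt: Packet):
    """First matching rule wins; implicit deny if nothing matches.
    Returns (action, index of the matching rule or None)."""
    for i, rule in enumerate(rules):
        if matches(rule, pkt):
            return rule.action, i
    return "deny", None


ANY = "0.0.0.0/0"
# The two rules from slide 16, in the order the slide lists them
SLIDE_ORDER = [
    Rule(ANY, "outside", ANY, "inside", "ip", "permit"),
    Rule("216.163.137.3/32", "outside", ANY, "inside", "ip", "deny"),
]
# The same rules with the specific deny placed before the broad permit
DENY_FIRST = [SLIDE_ORDER[1], SLIDE_ORDER[0]]

# Constructed packets: one from the blocked address, one from another outside host
BLOCKED = Packet("216.163.137.3", "outside", "134.198.161.10", "inside", "tcp")
OTHER = Packet("198.51.100.7", "outside", "134.198.161.10", "inside", "tcp")
```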

  17. Work With IDS
  • View IDS logs to find any bad IPs and add rules to prevent them from sending packets to the network
