1 / 29

Firewalls

Firewalls. CS591 Topics in Internet Security November 15 1999. Steve Miskovitz, Steve Peckham, Kan Hayashi. Outline. Overview/Motivation Packet Filtering Application Gateway. Overview/Motivation. Why Do We Need Firewalls? Design Issues Firewall Characteristics Typical Setups/Analysis.

steve
Télécharger la présentation

Firewalls

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Firewalls CS591 Topics in Internet Security November 15 1999 Steve Miskovitz, Steve Peckham, Kan Hayashi

  2. Outline • Overview/Motivation • Packet Filtering • Application Gateway

  3. Overview/Motivation • Why Do We Need Firewalls? • Design Issues • Firewall Characteristics • Typical Setups/Analysis

  4. Why Do We Need Firewalls? • Prevent unauthorized access to private networks • Prevent unauthorized export of private information

  5. Design Issues • That which is not expressly permitted is prohibited • firewall is designed to block everything, services are enabled on a case-by-case basis • can be seen as a hindrance by users • That which is not expressly prohibited is permitted • reactive, must predict what kinds of actions would compromise the security of the firewall

  6. Firewall Characteristics • Damage Control • If the firewall is compromised or destroyed what kinds of threats does it leave the private network open to? • Zones of Risk • How large is the zone of risk during normal operation?

  7. Firewall Characteristics • Failure Mode • If the firewall is broken into or destroyed, how easy is it to detect? • How much information is retained to analyze the attack? • Ease of Use • How much of an inconvenience is the firewall? • Stance • Permissive or prohibitive?

  8. Typical Setups • Screening Router • Dual Homed Gateway • Screened Host Gateway • Screened Subnet

  9. Screening Router • Basic router with some kind of packet filtering capability • Typically will be able to block traffic between networks or specific hosts on an IP level

  10. Analysis of Screening Router • Damage control is difficult because you would need to examine every host for traces of a break-in • Zone of risk is the all the hosts on the private network because direct communication is permitted • Usually set up as permissive

  11. Analysis of Screening Router • In the case of destruction of the firewall it is very hard to trace because commercial routers generally do not keep logs • Can fairly easily get around the screening using tunnelling • Popular because they allow fairly free access from any point in the private network

  12. Dual Homed Gateway • Has a system on both the private network and the Internet , with TCP/IP forwarding disabled

  13. Analysis of Dual Homed Gateway • Often used and easy to implement • Hosts on the private network can communicate with the gateway, as can hosts on the Internet, but direct traffic between the networks is blocked • If the gateway is compromised then the whole private network is accessible • Zone of risk is only the gateway host

  14. Analysis of Dual Homed Gateway • Permissiveness dependant on the stance of the gateway • logins on gateway is permissive • application gateways is prohibitive • Can be adapted more easily to keep logs which can help with tracing what went wrong and which machines on the private network were compromised

  15. Screened Host Gateway • Combines a screening router and a dual homed gateway. The screening router is configured such that the gateway is the only system reachable from the Internet

  16. Analysis of Screened Host Gateway • Can be configured to block traffic to the gateway on certain ports, permitting only a small number of services to communicate with it • Generally very secure, while fairly easy to implement • Router is configured to only permit Internet access to the gateway

  17. Analysis of Screened Host Gateway • Zone of risk is the gateway and the router • Gateway can be on the private network so connectivity is good for local users • Stance is dependant upon the gateway • Similar to a dual homed gateway

  18. Screened Subnet • An isolated subnet is created, between the private network and the Internet • isolate the private network using screening routers with varying levels of filtering

  19. Analysis of Screened Subnet • Generally, both the Internet and the private network have access to the subnet but traffic across the screened subnet is blocked • Usually configured with one host as the sole point of access on the subnet • Zone of risk is host and any screening routers that connect the subnet • Appealing for firewalls that use routing to reinforce the existing screening

  20. Analysis of Screened Subnet • Forces all services to be provided by application gateways • Strongly prohibitive • Much harder to break into since you need to compromise multiple systems • Can be an inconvenience since hosts that are not addressed correctly cannot use the firewall properly

  21. Packet FilteringOverview • Control data traffic using header of each packet • source IP address • destination IP address • etc • Screened (Host, Subnet) Setups

  22. Static Packet Filtering • “Static” = “doors” are open at all times • Advantages • Low overhead / High throughput • Inexpensive or free • Good for traffic management • Disadvantages • Allows dangerous direct connections • Leaves holes open • Unsuitable for complex environment • No user authentication

  23. Dynamic Packet Filtering • “Dynamic” = opens and closes “doors” according packet header data • Can keep track of context information about a session. (stateful filtering) • Advantages • Only temporarily opens holes in Network Perimeter • Low overhead / High throughput • Supports almost any service • Disadvantages • Allows direct IP connections • No user authentication (requires application gateway)

  24. Application GatewaysOverview • First Generation vs. Second Generation (transparent) • TCP connection state and sequencing are maintained. • Prevents direct access to services on the internal network. • Outgoing traffic appears to be coming from the firewall rather than the internal network. • Works on an application (or service) level.

  25. Application GatewaysLawyer Example B Unapproved Message B’s Lawyer Approved Message A

  26. Application GatewaysExample of masking internal network

  27. Application GatewaysAdvantages • Doesn’t allow direct connections between internal and external hosts (proxy). • Supports user-level authentication. • Ability to analyze application specific commands inside traffic. • Can keep logs of traffic.

  28. Application GatewaysDisadvantages • Takes time to check requests. • Doesn’t support every type of connection.

  29. References • Thinking About Firewalls V2.0: Beyond Perimeter Security (1997) • http://www.clark.net/pub/mjr/pubs/think/index.htm • Application Gateways and Stateful Inspection: A Brief Note Comparing and Contrasting (Avolio & Blask 1998) • http://www.avolio.com/apgw+spf.html

More Related