Network Security Using Firewalls

Published on December 2021

for more:- www.PPTSworld.com

A TECHNICAL PAPER  ON

NETWORK SECURITY USING FIREWALLS

PRESENTED BY:

GUDLAVALLERU ENGINEERING COLLEGE

GUDLAVALLERU


INTRODUCTION:

This paper discusses the need for and the concept of network security. Some solutions to implement network security, like firewalls, back-ups etc., are discussed. It mainly emphasizes packet filtering firewalls, their advantages and disadvantages. It concludes with the difficulties encountered in the implementation of network security.

Keywords: network security, threats and sources, firewalls, packet filtering.

The requirements of information security have undergone three major changes in the last three decades. The first major change was the introduction of the computer. The need for protecting files and information became evident. The collection of tools and procedures designed to protect data and to control access to computing resources has the generic name computer security. The second major change was the introduction of distributed systems, networks, and facilities for data communication. The third change is the current, rapid development of wireless networks and mobile communications. Wireless security is therefore of high priority today.

Network security measures are needed:
• to protect data during transmission and storage
• to control access to networks and network nodes.

Some terminology commonly used within network security can be defined as follows:
• Data Integrity: Protection against change.
• Data Availability: Protection against disruption of services.
• Data Confidentiality: Protection against unauthorized data.
• Privacy: Refers to the ability of a sender to remain anonymous.
• Accountability: The clear identification of responsibility.
• Authorization: Refers to the process of awarding, monitoring.

“Taxonomy Diagram” shows the fundamental properties of network security - integrity, protection, and security administration - as an interactive, animated Network Security tree (Figure 2).


Types and Sources of Network Threats

1) Denial-of-Service - The attacker's program simply makes a connection on some service port, perhaps forging the packet's header information that says where the packet came from, and then dropping the connection. If the host is able to answer 20 requests per second, and the attacker is sending 50 per second, obviously the host will be unable to service all of the attacker's requests, much less any legitimate requests.

2) Unauthorized Access - The goal of these attacks is to access some resource that your machine should not provide the attacker.

3) Executing Commands Illicitly - An attacker might wish to make configuration changes to a host for which he gains administrator privileges.

4) Destructive Behavior - There are two major categories:
(a) Data Diddling - It is the data diddler who actually works behind the scenes manipulating all the data, without the actual user being aware of it.
(b) Data Destruction - It includes the destruction of data.

Solutions

1) Hope you have backups - This is coordinated with a disaster recovery plan.
2) Don't put data where it doesn't need to be - Information that doesn't need to be accessible from the outside world sometimes is.
3) Avoid systems with single points of failure - In security, a degree of redundancy is good, which helps in protection of any organization.
4) Watch for a person who has knowledge of the current operating system patches.

Internet Firewalls

Encryption helps to solve many security problems. However, it is not a complete solution and is often complemented with a firewall to restrict the types of access permitted between a company's internal network and the rest of the Internet (i.e. a firewall protects against unwanted Internet traffic). In order to provide some level of separation between an organization's Intranet and the Internet, firewalls have been employed. A firewall is a system or group of systems that enforces an access control policy between two networks. In principle, the firewall can be thought of as a pair of mechanisms: one, which exists to block traffic, and the other, which exists to permit traffic. To be effective, all network traffic either entering or leaving the organization must pass through the firewall. In turn, the firewall implements a defined security policy that rejects any traffic that does not adhere to the policy. Finally, the firewall is itself constructed to be immune to security attacks. Firewalls help to define a security perimeter; as such they can lower the cost of providing adequate security.

NEED FOR A FIREWALL

Probably the most important thing to recognize about a firewall is that it is designed to prevent unauthorized access to or from a private network connected to the Internet, especially intranets. Firewalls can be implemented in both hardware and software, or a combination of both. They sit between two or more networks and mediate traffic. A general-purpose computer can be used to control access between the internal (private) network (Intranet) and the Internet (or any other untrusted network).

Types of Firewalls

1) Application Gateways - Also known as proxy gateways, application proxy or application-level proxy, it is an application program that runs on a firewall system between two networks. These are made up of bastion hosts that run special software to act as a proxy server.

2) Packet Filtering - Packet filtering is a technique whereby routers have ACLs (Access Control Lists) turned on. By default, a router will pass all traffic sent to it, and will do so without any sort of restrictions. Employing ACLs is a method for enforcing your security policy with regard to what sorts of access you allow the outside world to have to your internal network, and vice versa. There is less overhead in packet filtering than with an application gateway, because the feature of access control is performed at a lower ISO/OSI layer (typically, the transport or session layer). Due to the lower overhead and the fact that packet filtering is done with routers, which are specialized computers optimized for tasks related to networking, a packet filtering gateway is often much faster than its application layer cousins. Figure 6 shows a packet-filtering gateway.

Packet filtering is a network security mechanism that works by controlling what data can flow to and from a network. To transfer information across a network, the information has to be broken up into small pieces of data called packets, each of which is sent separately. Packets traversing an internetwork (a network of networks) travel from router to router until they reach their destination. A router has to make a routing decision about each packet it receives; it has to decide how to send that packet on towards its ultimate destination. In general, a packet carries no information about the route to take: it tells the router where it wants to go, but not how to get there. Routers communicate with each other using "routing protocols" such as the Routing Information Protocol (RIP) to build routing tables in memory to determine how to get the packets to their destinations. When routing a packet, a router compares the packet's destination address to entries in the routing table and sends the packet onward as directed by the routing table.

In a packet filtering firewall, inspection takes place at the network or transport layers, and it is application independent. It is the least secure form of firewall, as it does not take account of the communication performed by different applications.


Packet filtering is based on:
• The source and destination addresses of the data.
• The session and application protocols being used to transfer the data.

NEED FOR PACKET FILTERING

The main advantage of packet filtering is leverage: it allows you to provide, in a single place, particular protections for an entire network. Routers also present a useful choke point for all of the traffic entering or leaving a network. Only filtering routers can provide certain protections.

Protocols Are Usually Bi-directional - Protocols are usually bi-directional; they almost always involve one side sending an inquiry or a command, and the other side sending a response of some kind.

What Does a Packet look like?

A packet has two parts: the header and the body. The header contains protocol information relevant to that layer, while the body contains the data for that layer, which often consists of a whole packet from the next layer in the stack. Each layer treats the information it gets from the layer above it as data, and applies its own header to this data. At each layer, the packet contains all of the information passed from the higher layer; nothing is lost. This process of preserving the data while attaching a new header is known as encapsulation.
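The encapsulation described above can be seen by peeling a frame one layer at a time. This is an added example, not part of the original paper: it builds a constructed Ethernet/IPv4/TCP frame (documentation addresses, zeroed MACs and checksums) and extracts the header fields a packet filter reads; all function names are the example's own.

```python
import socket
import struct

def peel_ethernet(frame: bytes):
    """Ethernet II: 14-byte header, body is the network-layer packet."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    ethertype = struct.unpack("!H", frame[12:14])[0]
    return {"ethertype": ethertype}, frame[14:]

def peel_ipv4(packet: bytes):
    """IPv4: variable-length header, body is the transport-layer segment."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4                 # header length, options included
    total = struct.unpack("!H", packet[2:4])[0]  # header + body length
    if ihl < 20 or not ihl <= total <= len(packet):
        raise ValueError("inconsistent IPv4 length fields")
    header = {"protocol": packet[9],
              "src": socket.inet_ntoa(packet[12:16]),
              "dst": socket.inet_ntoa(packet[16:20])}
    return header, packet[ihl:total]

def peel_tcp(segment: bytes):
    """TCP: header carries the ports and flags, body is application data."""
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    sport, dport = struct.unpack("!HH", segment[:4])
    offset = (segment[12] >> 4) * 4              # header length, options included
    if not 20 <= offset <= len(segment):
        raise ValueError("inconsistent TCP data offset")
    flags = segment[13]
    header = {"sport": sport, "dport": dport,
              "syn": bool(flags & 0x02), "ack": bool(flags & 0x10)}
    return header, segment[offset:]

def build_sample_frame() -> bytes:
    """Constructed sample: each layer wraps the one above it (checksums left 0)."""
    data = b"ls\r\n"
    tcp = struct.pack("!HHIIBBHHH", 40000, 23, 1, 1, 5 << 4, 0x18, 8192, 0, 0) + data
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     socket.inet_aton("192.0.2.10"),
                     socket.inet_aton("198.51.100.7")) + tcp
    return bytes(12) + struct.pack("!H", 0x0800) + ip   # zeroed MAC addresses

def filter_fields(frame: bytes) -> dict:
    """Peel the layers in order and return the fields a packet filter reads."""
    eth, packet = peel_ethernet(frame)
    if eth["ethertype"] != 0x0800:
        raise ValueError("not IPv4")
    ip, segment = peel_ipv4(packet)
    if ip["protocol"] != 6:
        raise ValueError("not TCP")
    tcp, data = peel_tcp(segment)
    return {**ip, **tcp, "data": data}
```

The length checks matter for a filter: the body of each layer is cut using that layer's own length fields, so link-layer padding or a truncated header is rejected or ignored rather than misread as ports or addresses.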


Filtering by Address

The simplest, although not the most common, form of packet filtering is filtering by address. Filtering in this way lets you restrict the flow of packets based on the source and/or destination addresses of the packets, without having to consider what protocols are involved. Such filtering can be used to allow certain external hosts to talk to certain internal hosts, for example, or to prevent an attacker from injecting forged packets (packets handcrafted so they appear to come from somewhere other than their true source) into your network.

Risks of Filtering by Source Address

It's not necessarily safe to trust source addresses because source addresses can be forged. Unless you use some kind of cryptographic authentication between you and the host you want to talk to, you won't know if you're really talking to that host, or to some other machine that is pretending to be that host. The filters we've discussed above will help you if an external host is claiming to be an internal host, but they won't do anything about an external host claiming to be a different external host.

There are two kinds of attacks that rely on forgery: source address and man in the middle. In a basic source address forgery attack, an attacker sends you packets that claim to be from some trusted person, hoping that you will take some action, without expecting to get any packets back from you. In fact, your responses will go to whoever the attacker is pretending to be, not to the attacker. There are plenty of attacks that can be carried out without the attacker needing to see the results directly. For example, suppose an attacker issues a command to your system that causes it to email your password file to him; if your system is going to send the attacker the password file in the mail, there is no need for him to see it during the attack itself.

In many circumstances - particularly those involving TCP connections - the real machine (that the attacker is pretending to be) will react to your packets by trying to reset the bogus connection. Obviously, the attacker doesn't want this to happen. He has to ensure the attack completes before the real machine gets the packets you're sending, or before you get the reset packets from the real machine. There are a number of ways to ensure this - for example:

1) Carrying out the attack while the real machine is down
2) Crashing the real machine so the attack can be carried out
3) Flooding the real machine while the attack is carried out
4) Confusing the routing between the real machine and the target
5) Using an attack where only the first response packet is required, so that the reset doesn't matter.

Filtering by Service

Blocking incoming forged packets, as discussed previously, is just about the only common use of filtering solely by address. Most other uses of packet filtering involve filtering by service, which is somewhat more complicated. We're going to take a detailed look at Telnet. Telnet allows a user to log in to another system, as if the user had a terminal directly connected to that system.

Outbound Telnet Service - In outbound Telnet service, a local client (a user) is talking to a remote server, which requires handling both outgoing and incoming packets.

Inbound Telnet Service - In this, a remote client (a remote user) communicates with a local Telnet server.

Advantages of Packet Filtering

1) One screening router can help protect an entire network; you gain tremendous leverage on network security.
2) Packet filtering doesn't require user knowledge or cooperation, custom software or configuration of client machines, nor does it require any special training or procedures for users.
3) Packet filtering is widely available in many hardware and software routing products, both commercial and freely available over the Internet.

Disadvantages of Packet Filtering

1) Current filtering tools are not perfect - Despite the widespread availability of packet filtering in various hardware and software packages, packet filtering is still not a perfect tool.
2) The packet filtering rules tend to be hard to configure. Although there is a range of difficulty, it mostly runs from slightly mind-twisting to brain-numbingly impossible.
3) Once configured, the packet filtering rules tend to be hard to test.
4) The packet filtering capabilities of many of the products are incomplete, making implementation of certain types of highly desirable filters difficult or impossible.
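One way to reduce disadvantages 2 and 3 is to write the rule set down as data and check it offline against packets whose expected verdict is known. The following is an added example, not from the original paper; it combines the forged-source address rule and the outbound Telnet service from the earlier sections, and the 10.1.0.0/16 internal range, the client-port-above-1023 convention, the ACK-flag check and all names are assumptions of the example.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

INTERNAL = ip_network("10.1.0.0/16")     # assumed internal address range

@dataclass(frozen=True)
class Packet:                            # TCP only, as seen by the screening router
    direction: str                       # "in" from the Internet, "out" towards it
    src: str
    dst: str
    sport: int
    dport: int
    ack: bool = False                    # clear only on a connection's first packet

def internal(addr: str) -> bool:
    return ip_address(addr) in INTERNAL

# First matching rule wins; a packet that matches nothing is denied.
RULES = [
    ("deny", "forged internal source",
     lambda p: p.direction == "in" and internal(p.src)),
    ("permit", "telnet client to remote server",
     lambda p: p.direction == "out" and internal(p.src)
     and p.sport > 1023 and p.dport == 23),
    ("permit", "remote telnet server replies",
     lambda p: p.direction == "in" and internal(p.dst)
     and p.sport == 23 and p.dport > 1023 and p.ack),
]

def verdict(p: Packet):
    for action, name, matches in RULES:
        if matches(p):
            return action, name
    return "deny", "default"

# Constructed test packets with the verdict the policy is meant to give.
CASES = [
    (Packet("out", "10.1.2.3", "198.51.100.7", 40000, 23), "permit"),
    (Packet("in", "198.51.100.7", "10.1.2.3", 23, 40000, ack=True), "permit"),
    (Packet("in", "10.1.9.9", "10.1.2.3", 23, 40000, ack=True), "deny"),  # forged
    (Packet("in", "198.51.100.7", "10.1.2.3", 23, 6000), "deny"),   # no ACK
    (Packet("in", "203.0.113.5", "10.1.2.3", 40000, 23), "deny"),   # inbound telnet
    (Packet("out", "10.1.2.3", "198.51.100.7", 40000, 25, ack=True), "deny"),
]

def failures(cases=CASES):
    """Return every case whose actual verdict differs from the expected one."""
    return [(p, want, verdict(p)) for p, want in cases if verdict(p)[0] != want]
```

An empty result from `failures()` means the rule set gives the intended verdict on every listed packet. The reply rule accepts any external source address, which is the limit noted under Risks of Filtering by Source Address: the filter cannot establish which external host really sent a packet.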

CONCLUSIONS

Network security implies restrictions such as network traffic filtering with firewall technology and defence against distribution of malicious programs, like virus prevention. Security is a very difficult topic. Everyone has a different idea of what "security" is, and what levels of risk are acceptable. The key for building a secure network is to define what security means to your organization. It's important to build systems and networks in such a way that the user is not constantly reminded of the security system around him. Users who find security policies and systems too restrictive will find ways around them. It's important to get their feedback to understand what can be improved, and it's important to let them know why what has been done has been done, the sorts of risks that are deemed unacceptable, and what has been done to minimize the organization's exposure to them. Security is everybody's business, and only with everyone's cooperation, an intelligent policy, and consistent practices, will it be achievable.
