Jason C. White
ECE 578
Network Security
Spring 2004
What is a firewall?
An approach to security
A system to control access to or from a
protected or private network
Works to implement a security policy
defined by an organization
A private network's single point of attack
from Internet intruders
Why Firewalls?
Internet connectivity has become essential
for most organizations.
The Internet was not designed to be secure
Benefits of a Firewall
Protect from vulnerable services
Enhanced privacy
Concentrated security
Policy enforcement
Disadvantages of Firewalls
Backdoors may exist
Considered an "all eggs in one basket" approach
Strong Authentication
Externally accessing the network using the same
username and password is dangerous.
Types of Firewalls
Packet-filtering routers
Details of Packet-Filtering
Routers
Source IP address
Destination IP address
TCP/UDP source port
TCP/UDP destination port
Firewall administrator generates rules at the router to deny
or allow access between an internal and external host
Examples of filtered ports include:
Port 111 RPC which can be used to steal system information such as
passwords
Port 69 TFTP which can read system files if improperly configured
Benefits of packet-filtering:
Vulnerabilities of Packet-Filtering
Routers
Address & port spoofing
Router rules are complex
Some routers do not filter on TCP/UDP source ports which makes filtering
more difficult
It is common for an administrator to modify one rule while unknowingly
opening up a vulnerability
Routers usually offer no testing methods to ensure the rules work
This allows for holes in the firewall that can be used to gain access to the
network
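The rule-ordering risk described above, as an added example that is not part of the original slides: a first-match filter over the four header fields listed earlier, with a probe set that catches a change shadowing the port 111 and port 69 denies. The addresses, the mail rule, the default-deny fallthrough and all names are assumptions.

```python
# Added example; addresses (RFC 5737 ranges) and rules are constructed.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str                      # "allow" or "deny"
    src: str = "0.0.0.0/0"           # source network (CIDR)
    dst: str = "0.0.0.0/0"           # destination network (CIDR)
    sport: Optional[int] = None      # None matches any source port
    dport: Optional[int] = None      # None matches any destination port

    def matches(self, src, dst, sport, dport):
        return (ip_address(src) in ip_network(self.src)
                and ip_address(dst) in ip_network(self.dst)
                and self.sport in (None, sport)
                and self.dport in (None, dport))

def decide(rules, src, dst, sport, dport):
    """Return the action of the first matching rule (assumed default: deny)."""
    for rule in rules:
        if rule.matches(src, dst, sport, dport):
            return rule.action
    return "deny"

INTERNAL = "192.0.2.0/24"            # constructed internal network
BASELINE = [
    Rule("deny", dst=INTERNAL, dport=111),   # RPC
    Rule("deny", dst=INTERNAL, dport=69),    # TFTP
    Rule("allow", dst=INTERNAL, dport=25),   # inbound mail (assumed policy)
]
# Probes the policy must always satisfy: (src, dst, sport, dport, expected)
PROBES = [
    ("198.51.100.7", "192.0.2.10", 40000, 111, "deny"),
    ("198.51.100.7", "192.0.2.10", 40000, 69, "deny"),
    ("198.51.100.7", "192.0.2.25", 40000, 25, "allow"),
    ("198.51.100.7", "192.0.2.10", 40000, 23, "deny"),
]

def audit(rules):
    """Return the probes whose decision differs from the expected one."""
    return [p for p in PROBES if decide(rules, *p[:4]) != p[4]]

# A well-meant change: a partner network is allowed in, inserted at the top.
# Evaluation is first-match, so it shadows the port 111 and 69 denies below.
CHANGED = [Rule("allow", src="198.51.100.0/24", dst=INTERNAL)] + BASELINE

if __name__ == "__main__":
    print("baseline:", audit(BASELINE), "changed:", audit(CHANGED))
```

Running the probe set after every rule edit supplies the testing step the router itself does not offer.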
Details of Application
Gateways/Proxy Servers
Proxies are typically designed & tested to be secure
i.e. if the gateway only has a proxy for FTP & TELNET, then these
are the only services allowed to pass. All other requests would be
denied
Vulnerabilities of Application
Gateways/Proxy Servers
Inability to defend against content related
attacks
Combination Firewalls
The most secure firewalls consist of multiple
components in specific configurations
There are many different configurations
available.
The following two types are to be examined:
Summary
The use of firewalls has become crucial to
protecting internal networks
There are many different types of firewalls on the
market