Vivek Srinivasan
Contents
Introduction
Conclusion
Introduction
Packet Sniffers
IP Spoofing
Password attacks
Denial of service.
Concentrated security.
Policy enforcement.
Packet filters
Circuit level gateways
Application level gateways
Packet Filters
A packet conveys the following information:
source IP address and port
destination IP address and port
information about the protocol
error checking information
Packet filters work at the network layer of the OSI model and
are generally part of a router.
Packet filter firewalls often readdress network packets so that
outgoing traffic appears to have originated from a different
host rather than an internal host. The process of readdressing
network packets is called network address translation.
Network address translation hides the topology and
addressing schemes of trusted networks from untrusted
networks.
Advantages of packet filters
Faster than other firewalls because they perform fewer
evaluations.
Packet filtering (contd.)
connection:
Time of day.
Protocol
A unique session identifier for the connection, which is
used for tracking purposes
The state of the connection: handshake, established, or
closing
The source IP address, which is the address from which the
data is being delivered
The destination IP address, which is the address to which
the data is being delivered
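A minimal sketch of a table that keeps the connection fields listed above (session identifier, state, source and destination address, protocol) and uses them to decide whether a TCP segment belongs to a known connection. It is an added illustration, not part of the original slides; the `SessionTable` class, the trusted-prefix check and the sample addresses are assumptions, and ports and sequence numbers are left out.

```python
from dataclasses import dataclass
from itertools import count

@dataclass
class Session:
    session_id: int                 # unique identifier used for tracking
    src: str                        # source IP address (initiator)
    dst: str                        # destination IP address (responder)
    protocol: str
    state: str = "handshake"        # handshake -> established -> closing
    replied: bool = False           # responder has answered with SYN+ACK
    fins: frozenset = frozenset()   # hosts that have sent FIN

class SessionTable:
    """Hypothetical per-connection state table keyed on the address pair."""
    def __init__(self, trusted_prefix):
        self.trusted_prefix = trusted_prefix  # assumption: inside hosts share this prefix
        self.sessions = {}
        self._ids = count(1)

    def check(self, src, dst, flags):
        """Return "allow" or "drop" for one TCP segment; flags is a set such as {"SYN"}."""
        key = frozenset((src, dst))
        s = self.sessions.get(key)
        if s is None:
            # Only a bare SYN from a trusted host may open a session.
            if flags == {"SYN"} and src.startswith(self.trusted_prefix):
                self.sessions[key] = Session(next(self._ids), src, dst, "tcp")
                return "allow"
            return "drop"
        if "RST" in flags:                    # either side may abort
            del self.sessions[key]
            return "allow"
        if s.state == "handshake":
            if flags == {"SYN", "ACK"} and src == s.dst:
                s.replied = True
                return "allow"
            if flags == {"ACK"} and src == s.src and s.replied:
                s.state = "established"
                return "allow"
            return "drop"
        if "SYN" in flags:                    # no new handshake inside a live session
            return "drop"
        if "FIN" in flags:
            s.state, s.fins = "closing", s.fins | {src}
        elif s.state == "closing" and len(s.fins) == 2:
            del self.sessions[key]            # final ACK of the teardown
        return "allow"
```

Segments that match no tracked session, or that arrive out of order for the session's current state, are dropped; a stateless packet filter looking only at addresses and ports could not make that distinction.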
Application firewalls
Application level gateways, also called proxies, filter
packets at the application layer of the OSI model.
Advantages of Application firewalls
Understand and enforce high-level protocols, such as HTTP
and FTP.
Disadvantages of application firewalls
Proxy services introduce performance delays.
A new proxy must be written for each protocol that you want
to pass through the firewall.
Is a firewall sufficient?
A firewall can't protect from malicious insiders.
A firewall can't protect against viruses.
A firewall can't protect from completely new threats.
A firewall can't protect against connections that don't go
through it.