Prepared and presented by Rahat Azim Chowdhury, Junior Researcher, Genesis Technologies Ltd.
A firewall is a hardware device and/or software program which sits between the Internet and the intranet of an organization.
It decides what should come into the intranet (inbound traffic) and what should go out of the intranet (outbound traffic).
A firewall may allow all traffic through unless it meets certain criteria, or may deny all traffic unless it meets certain criteria.
Note: many other access systems also use this allow/deny rule.
Firewall layer
Firewall types
Hardware gateways
Market: they are on the upswing, see this article.
Cisco: product line and some problems.
WatchGuard: product line.
SonicWall: product line.
D-Link: product line (a low cost SOHO player).
How they work: D-Link example.
Filtering inbound traffic: allowing special applications, redirecting traffic to specific servers, denying all other inbound traffic.
Filtering outbound traffic: allowing/denying specific LAN hosts to use certain ports.
NAT and DHCP: all LAN hosts use local IP numbers, only the gateway has both a local IP number and a regular Internet IP number.
NAT - network address translation - converts the request of a host in the LAN to the gateway IP number when sending an outbound request, and converts back to the local IP number when receiving an inbound reply.
DHCP: automatically assigns local IP numbers, DNS, etc., to hosts in the LAN, as shown in this example (disabled).
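The gateway behaviour described above (NAT for outbound requests, redirecting inbound traffic to specific servers, denying all other inbound traffic, and blocking specific LAN hosts on certain ports) can be modelled in a few lines. This is an added example, not vendor code or part of the original slides; the class, addresses and ports are constructed, and matching replies against the remote endpoint is an assumption the slides do not specify.

```python
from dataclasses import dataclass, field

GATEWAY_IP = "203.0.113.1"  # constructed public address (documentation range)

@dataclass
class Gateway:
    forwards: dict = field(default_factory=dict)    # public port -> (LAN ip, LAN port)
    blocked_out: set = field(default_factory=set)   # (LAN ip, dst port) denied outbound
    nat: dict = field(default_factory=dict)         # public port -> (LAN ip, LAN port, remote)
    next_port: int = 40000

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """LAN host sends a request; return the packet as seen on the Internet, or None."""
        if (src_ip, dst_port) in self.blocked_out:
            return None                             # outbound filter: host may not use this port
        pub_port = self.next_port
        self.next_port += 1
        self.nat[pub_port] = (src_ip, src_port, (dst_ip, dst_port))
        return (GATEWAY_IP, pub_port, dst_ip, dst_port)  # local address replaced by gateway's

    def inbound(self, src_ip, src_port, dst_port):
        """Packet reaches the gateway's public IP; return the LAN (ip, port) it goes to, or None."""
        entry = self.nat.get(dst_port)
        if entry and entry[2] == (src_ip, src_port):
            return entry[0], entry[1]               # reply to an outbound request: translate back
        if dst_port in self.forwards:
            return self.forwards[dst_port]          # redirected to a specific server
        return None                                 # deny all other inbound traffic

def demo():
    # Constructed LAN: a web server behind port 80, one host barred from outbound SMTP.
    gw = Gateway(forwards={80: ("192.168.0.10", 8080)},
                 blocked_out={("192.168.0.23", 25)})
    sent = gw.outbound("192.168.0.5", 51000, "198.51.100.7", 443)
    return {
        "sent": sent,
        "reply": gw.inbound("198.51.100.7", 443, sent[1]),
        "wrong_peer": gw.inbound("198.51.100.99", 443, sent[1]),
        "web": gw.inbound("198.51.100.50", 33333, 80),
        "unsolicited": gw.inbound("198.51.100.50", 33333, 23),
        "blocked": gw.outbound("192.168.0.23", 51001, "198.51.100.8", 25),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```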
Software firewalls
Market: dominant in SOHO and a player in business.
F.W.T.K. org: how it all started, still a free firewall toolkit.
Checkpoint: FireWall-1, a leader in business networks.
CSI: comparison table, mostly for business networks.
Zone Labs: a leader in SOHO networks, free for personal use.
Tiny Software: also a leader in SOHO, also free for personal use.
Network ICE: another leader in SOHO, see it here.
Symantec: a traditional Windows developer built a solid firewall.
How they work: similar to hardware, but using a generic computer as the firewall device.
Tiny example: once downloaded and installed, it is set by default to block all inbound traffic and ask for authorization for outbound traffic, creating rules, or not, as you choose. You can create rules directly, and see the status of the connections in your host.
ZoneAlarm example: similarly blocks all inbound traffic, and requires you to set up security levels for LAN and Internet. It asks for authorization for outbound traffic, adding authorized programs to the list.
Firewall resources
Internet connection sharing and gateway:
Wingate: the pioneer proxy SOHO software (includes firewall).
Sygate: the pioneer NAT SOHO software (also includes firewall).
Windows XP: the ICF is a stateful firewall (a plus for XP).
General resources:
Firewall.com
Internet Firewalls: Frequently Asked Questions
Firewall and Proxy Server HOWTO
Shields UP
Personal Firewalls
Intrusion Detection Systems: FAQ
Security of firewalls: proper configuration ...
Leak test: LeakTest, PC World and PC Magazine articles.
Wingate: read book to close vulnerabilities (telnet, mail, IRC), see here list of servers.
Scanning through firewalls: Hping.
THANKS TO ALL