Firewalls
CS101
11/19/2009
An Introduction to Firewalls
Contents
1. Definition
2. Why do we require firewalls?
2.1 What is an attack?
3. Types of Firewalls (Krause)
3.1 Static packet filter
3.1.1 Advantages
3.1.2 Disadvantages
3.2 Dynamic Packet Filter
3.2.1 Advantages
3.2.2 Disadvantages
3.3 Circuit level Gateway
3.3.1 Advantages
3.3.2 Disadvantages
3.4 Application level Gateway
3.4.1 Proxy Server
3.4.2 Advantages
3.4.3 Disadvantages
4. Latest Firewall Technologies
5. A review about the Windows Firewall (Vamosi)
Works Cited
Firewalls
1. Definition:
A firewall is defined as a hardware device/software that provides
secure access between the internal network and the external network.
Source address
Destination address
Application or protocol
3.1.1 Advantages
Low impact on network performance
3.1.2 Disadvantages
Operates in the network layer, examines only the IP header and TCP
header. So it is not aware of the packet payload.
Destination address
Application or protocol
A dynamic packet filter is a static packet filter that is state aware, i.e. it
can differentiate between a new and an established connection. After a
connection is established, information about it is stored in a table in RAM,
and any packet from this connection is allowed through without any
further processing. This is a very important performance enhancement
feature of the dynamic packet filter. (zebulebu)
The dynamic packet filter had some performance issues when it was used
with RISC processors. To overcome this, some vendors designed firewalls
that violated the RFC guidelines for the three-way handshake. Some of
these firewalls would open a connection when the server received a single
SYN packet. This was a big security issue during that period.
3.2.1 Advantages
3.2.2 Disadvantages
Operates in the network layer, examines only the TCP and IP header,
does not examine the packet payload
Susceptible to IP spoofing
Can create a problem when the RFC-recommended handshake is not
followed
Provides a low level of protection
The circuit level gateway examines and validates TCP and UDP
sessions before it opens a connection, or circuit, through the firewall. So it
will provide more security than the static and dynamic packet filters.
The decision to accept/deny the traffic is based on examining
Source address
Destination address
Application or protocol
The circuit level gateway will determine whether the session is legitimate
using the SYN flags, ACK flags and sequence numbers involved in the TCP
handshake between the trusted client and the untrusted host. If the
connection is legitimate, it will use the packet filter rules to check whether
the packet can be passed.
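The state table of the dynamic packet filter and the handshake check of the circuit level gateway, as an added example that is not part of the original paper. The class, field names and packets are constructed assumptions; `strict=False` models the single-SYN shortcut described above, so the two modes can be compared on the same traffic.

```python
from collections import namedtuple

# Constructed packet model: only the header fields the text mentions.
Pkt = namedtuple("Pkt", "src sport dst dport flags seq ack")

class StateTable:
    """Toy connection table; strict=False models the single-SYN shortcut."""
    def __init__(self, allowed_ports, strict=True):
        self.allowed, self.strict, self.table = allowed_ports, strict, {}

    def accept(self, p):
        fwd = (p.src, p.sport, p.dst, p.dport)
        rev = (p.dst, p.dport, p.src, p.sport)
        conn = self.table.get(fwd) or self.table.get(rev)
        if conn and conn["state"] == "ESTABLISHED":
            return True                      # fast path: no further processing
        if conn is None:                     # new flow: apply the static rules
            if p.flags != "S" or p.dport not in self.allowed:
                return False
            state = "SYN_SEEN" if self.strict else "ESTABLISHED"
            self.table[fwd] = {"state": state, "c_isn": p.seq}
            return True
        if (p.flags == "SA" and rev in self.table
                and conn["state"] == "SYN_SEEN" and p.ack == conn["c_isn"] + 1):
            conn.update(state="SYNACK_SEEN", s_isn=p.seq)
            return True
        if (p.flags == "A" and fwd in self.table
                and conn["state"] == "SYNACK_SEEN"
                and p.seq == conn["c_isn"] + 1 and p.ack == conn["s_isn"] + 1):
            conn["state"] = "ESTABLISHED"    # handshake complete and consistent
            return True
        return False                         # out of order or wrong seq/ack

def replay(table, packets):
    """Return the accept/deny verdict for each packet in order."""
    return [table.accept(p) for p in packets]

C, S = ("192.0.2.10", 40000), ("198.51.100.5", 80)   # constructed endpoints
HANDSHAKE = [
    Pkt(*C, *S, "S", 1000, 0),
    Pkt(*S, *C, "SA", 5000, 1001),
    Pkt(*C, *S, "A", 1001, 5001),
    Pkt(*C, *S, "PA", 1001, 5001),           # data after the handshake
]
SYN_THEN_DATA = [HANDSHAKE[0], Pkt(*S, *C, "PA", 7777, 0)]  # handshake skipped

if __name__ == "__main__":
    print(replay(StateTable({80}), HANDSHAKE))
    print(replay(StateTable({80}), SYN_THEN_DATA))
    print(replay(StateTable({80}, strict=False), SYN_THEN_DATA))
```

In strict mode the data packet that follows a lone SYN is dropped; with the shortcut enabled the same packet rides the fast path.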
3.3.1 Advantages
3.3.2 Disadvantages
3.4.2 Advantages
3.4.3 Disadvantages
DPI base their accept/deny decision using several technologies which include
So when a packet arrives they typically compare the packet against
vendor-supplied definitions and also check for protocol anomalies. Regular
vendor updates are required to prevent the latest attacks from bypassing or
overpowering the firewall.
Works Cited
1. Brainbell.
<http://www.brainbell.com/tutorials/Networking/Application_Gateway_Firewalls.html>.
4. Vamosi, Robert. Outward bound with Vista's new firewall. 06 June 2006.
<http://reviews.cnet.com/4520-3513_7-6536942-1.html>.