Internet Firewalls

BY T. NAVEEN KUMAR (07J21A04A7)

INTRODUCTION
A firewall is a hardware device or a software program running on the secure host computer that sits between the two entities and controls access between them. A computer networking firewall implements a security policy either: a. in respect of network traffic traversing a router or gateway operating between 2 networks, or b. on a host computer in respect of network traffic between one or more of that host computer's network connections and the host computer itself

BLOCK DIAGRAM

NEED OF FIREWALLS

Protection from vulnerable Services. Controlled access to Site Systems. Concentrated Security. Enhanced Privacy. Logging and Satistics on Network Use, Misuse. Policy Enforcement.

TYPES OF FIRE WALLS

Packet filtering firewalls : A router is a device that receives

packets from one network and forwards them to another network.

Circuit level gateways : These firewalls work at the session

layer of the OSI model, or TCP/IP layer of the TCP/IP.

Application gateways : These are the software firewalls.

Application gateways also called proxies are similar to circuit level gateways expect that they are application specific.

Stateful multilayer inspection firewall : This firewall keeps

track of all packets associated with a specific communication session.

ADVANTAGES

Concentration of security. Protocol filtering. Information hiding. Centralized and simplified network services management. Extended logging

DISADVANTAGES

Concentrates security in one spot as opposed to distributing it among systems. High cost. Firewalls can't protect very well against things like viruses.

CONCLUCIONS

The Internet has become a dangerous place. Thirteen-year-old kids on dial-up accounts can crash a site supported by two T-1 connections by using hundreds of zombies to flood with UDP and ICMP traffic

While on the internet my firewall typically gets 1 to 3 hits an hour, primarily port scanners looking for a specific Trojan or a vulnerability to exploit.
No one should be on the Internet without a firewall. All networks are protected by firewalls. However, it is always a trade-off.

FUTURE SCOPE

We now have not just firewalls but intrusion detection devices, which do far more complex things to the traffic they see in an attempt to prevent the network being attacked. Many of todays firewalls dont just filter packets but also do clever stuff like checking whether incoming Java applets contain dangerous code ,or decoding email messages and passing their attachments to an Avpackage for analysis.

REFERENCES

BIND 9 Administrator Reference Manual Chapter 1. Introduction. Cisco PIX Firewall and VPN Configuration Guide. DNS and BIND 4th Edition. Electronic for you Mazine.( June 2010).

THANK YOU