Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
&
Firewalls
Topics
What is proxy/firewall ?
Main purpose of using proxies/firewalls
How a firewall works ?
How a proxy works ?
Firewall types
Proxy types
Popular hardware & software proxies/firewalls
What is proxy & firewall ?
Proxy Firewall
LAN INTERNET
Main purpose of using
proxies
Improve Performance
– Act as Cache server
– Bandwidth control
Filter Requests
– Prevent access to some web sites!!!
– Prevent access to some protocols
– Time division
Surfing Anonymously
– Browsing the WWW without any identification!!!
Improve Performance
Caching
– Reduce latency Caching can greatly speed up Internet access. If one or more
Internet sites are frequently requested, they are kept in the
– Reduce Network Traffic proxy's cache, so that when a user requests them, they are
delivered directly from the proxy's cache instead of from the
original Internet site.
INTERNET
512 Kbps
1 Mbps
128 Kbps
64 Kbps
Filter Requests
Prevent access to some web sites!!!
– Categories web sites
Adult/Sexually Explicit
Advertisements & Pop-Ups
Chat
Gambling
Games
Hacking
Peer-to-Peer
……
– Check by content type
.Exe / .Com
.Mid / .MP3 / .Wav
.Avi / .Mpeg / .Rm
Main purpose of using
firewalls
Packet filtering
– Analyzing packets
Stateful inspection
– Compare key part of each packet not whole with security
policies
Proxy service
– Provide access to other networks e.g INTERNET
What firewall protects us
from
Remote login
Application backdoors
SMTP session hijacking
Operating system bugs
Denial of service
E-mail bombs
Viruses
SPAMs
Trojans
ICMP bombing
FTP brute force
Phishing
….
What do you need for
proxy installation?
Proxy Software
Ms ISA Server , Squid , WinRoute , …
Server
At least 2 network cards
DIRECT INTERNET connection (Public IP Address)
Switch/Hub (elective)
Private IP Address
10.0.0.1/8 – 172.16.0.1/16 – 192.168.0.1/24
How a firewall works ?
Sniffing Mode
1) An attacker tries to compromise a service on the protected
network.
2) The Firewall identifies the attempt.
Reset
Harden
Alert
INTERNET
LAN
Source IP
LAN 172.16.0.2
www.yahoo.com
Dest IP
IP : 172.16.0.2 209.191.93.52
Gw : 172.16.0.1
IP : 172.16.0.1
Proxy Server
INTERNET
IP : 217.219.66.2
Gw : 217.219.66.1
LAN IP : 172.16.0.2
Gw : 172.16.0.1
Source IP
172.16.0.2
www.yahoo.com Change Source IP Address
Source IP
Dest IP
209.191.93.52 217.219.66.2
www.yahoo.com
Dest IP
209.191.93.52
IP : 172.16.0.1
Proxy Server
INTERNET
IP : 217.219.66.2
Gw : 217.219.66.1
LAN IP : 172.16.0.2
Gw : 172.16.0.1
IP : 172.16.0.1
Proxy Server
INTERNET
Source IP
IP : 217.219.66.2
209.191.93.52
Gw : 217.219.66.1
Dest IP
217.219.66.2
Source IP
209.191.93.52
Dest IP Source IP
172.16.0.2 Change Dest. IP Address
209.191.93.52
Dest IP
217.219.66.2
IP : 172.16.0.1
Proxy Server
INTERNET
IP : 217.219.66.2
Gw : 217.219.66.1
LAN
IP : 172.16.0.2
Gw : 172.16.0.1
Source IP
209.191.93.52
Dest IP
172.16.0.2
IP : 172.16.0.1
Proxy Server
INTERNET
IP : 217.219.66.2
Gw : 217.219.66.1
Proxy types
Web proxies
SSL proxies
Transparent proxies
Open proxies
Reverse proxies
Anonymous proxy
Proxy setting in IE
Popular hardware/software
proxies
Software Proxy Hardware Proxy
Ms. ISA Server Cisco PIX
Squid Blue Coat
Kerio WinRoute Cyberoam
1st Up Net Server Alacer
CCProxy
CProxy
Windows ICS
WinGate
Popular hardware/software
firewalls
Software Firewall Hardware Firewall
Ms. ISA Server Cisco PIX
Norton Internet Security Blue Coat
Mcafee Internet Security Cyberoam
ZoneAlarm Check Point
Kerio NetScreen
BlackICE D-link SECURESPOT
Outpost WatchGuard
References :
www.cisco.com
www.isaserver.org
www.wikipedia.com
www.cert.org
www.isc.sans.org
www.zonelabs.com
www.symantec.com
www.mshdiau.ac.ir
Communication & Information Technology Department of
Mashhad University - IRAN
Thank You,