
Proxy Servers & Firewalls
Topics
• What is a proxy/firewall?
• Main purpose of using proxies/firewalls
• How a firewall works
• How a proxy works
• Firewall types
• Proxy types
• Popular hardware & software proxies/firewalls
What is a proxy & a firewall?

Proxy
• A proxy is hardware / software
• Gives indirect access to other networks, e.g. the INTERNET
• Organizations, universities and companies use proxy systems
• A proxy acts as a gateway
• A proxy acts as a cache
• A proxy shares a connection with others

Firewall
• A firewall is hardware / software
• Protects the resources of a private network from users of other networks
• Organizations, universities and companies use firewall systems
• A firewall can act as a gateway
• A firewall can act as a proxy
• A firewall filters incoming & outgoing information

[Diagram: LAN <-> Proxy Server/Firewall <-> INTERNET]
Main purpose of using proxies
• Improve performance
  – Act as a cache server
  – Bandwidth control
• Filter requests
  – Prevent access to some web sites
  – Prevent access to some protocols
  – Time division
• Surfing anonymously
  – Browsing the WWW without any identification
Improve Performance
• Caching
  – Reduce latency
  – Reduce network traffic

Caching can greatly speed up Internet access. If one or more Internet sites are frequently requested, they are kept in the proxy's cache, so that when a user requests them, they are delivered directly from the proxy's cache instead of from the original Internet site.

Caches diminish the need for network bandwidth, typically by 35% or more, by reducing the traffic from browsers to content servers.

• Bandwidth control
  – Policy-based bandwidth limits
  – Deny by content type
  – Content positioning

[Diagram: INTERNET connection with bandwidth limits: 512 Kbps, 1 Mbps, 128 Kbps, 64 Kbps]
Filter Requests
• Prevent access to some web sites
  – Categorize web sites
    • Adult/Sexually Explicit
    • Advertisements & Pop-Ups
    • Chat
    • Gambling
    • Games
    • Hacking
    • Peer-to-Peer
    • ……
  – Check by content type
    • .Exe / .Com
    • .Mid / .MP3 / .Wav
    • .Avi / .Mpeg / .Rm
Main purpose of using firewalls
• Packet filtering
  – Analyzing packets
• Stateful inspection
  – Compare key parts of each packet, not the whole packet, with security policies
• Proxy service
  – Provide access to other networks, e.g. the INTERNET
What a firewall protects us from
• Remote login
• Application backdoors
• SMTP session hijacking
• Operating system bugs
• Denial of service
• E-mail bombs
• Viruses
• Spam
• Trojans
• ICMP bombing
• FTP brute force
• Phishing
• ….
What do you need for proxy installation?

• Proxy software
  – Ms ISA Server, Squid, WinRoute, …
• Server
  – At least 2 network cards
• DIRECT INTERNET connection (public IP address)
• Switch/Hub (optional)
• Private IP address
  – 10.0.0.1/8 – 172.16.0.1/16 – 192.168.0.1/24
How a firewall works

Sniffing Mode
1) An attacker tries to compromise a service on the protected network.
2) The firewall identifies the attempt.

The FIREWALL can now:
• Log the attempt
• Alert the admin
• Harden the firewall
• Or reset a TCP/IP connection
How a proxy works

• See the next demo

[Demo diagram: LAN <-> Proxy Server <-> INTERNET]

Addresses used in the demo:
• LAN client: IP 172.16.0.2, Gw 172.16.0.1
• Proxy Server, LAN side: IP 172.16.0.1
• Proxy Server, INTERNET side: IP 217.219.66.2, Gw 217.219.66.1
• www.yahoo.com: 209.191.93.52

1) The LAN client sends a request to www.yahoo.com: Source IP 172.16.0.2, Dest IP 209.191.93.52.
2) The proxy server changes the source IP address: Source IP 217.219.66.2, Dest IP 209.191.93.52.
3) The reply arrives from the INTERNET: Source IP 209.191.93.52, Dest IP 217.219.66.2.
4) The proxy server changes the destination IP address: Source IP 209.191.93.52, Dest IP 172.16.0.2.
5) The reply is delivered to the LAN client: Source IP 209.191.93.52, Dest IP 172.16.0.2.

Summary: Change Source IP Address (outgoing) & Destination IP Address (incoming).
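The address rewriting in the demo above, as an added Python example that is not part of the original slides. The `Packet` and `Translator` names, the port numbers and the stray sender 203.0.113.9 are assumptions made for illustration; the slides show only IP addresses. It also shows the case the demo leaves out: an inbound packet that matches no earlier request is dropped.

```python
from dataclasses import dataclass

LAN_PREFIX = "172.16."        # LAN side of the proxy in the demo
PUBLIC_IP = "217.219.66.2"    # proxy's INTERNET-side address in the demo

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

class Translator:
    """Hypothetical model of the proxy's address rewriting."""
    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port   # assumed pool of public-side ports
        self.out_map = {}   # (client ip, client port, remote ip, remote port) -> public port
        self.in_map = {}    # (public port, remote ip, remote port) -> (client ip, client port)

    def outbound(self, pkt):
        """Demo step 2: replace the client's source address with the public one."""
        if not pkt.src.startswith(LAN_PREFIX):
            return None               # only LAN hosts may go out through the proxy
        key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        if key not in self.out_map:
            self.out_map[key] = self.next_port
            self.in_map[(self.next_port, pkt.dst, pkt.dport)] = (pkt.src, pkt.sport)
            self.next_port += 1
        return Packet(self.public_ip, self.out_map[key], pkt.dst, pkt.dport)

    def inbound(self, pkt):
        """Demo step 4: restore the client's address as the destination."""
        entry = self.in_map.get((pkt.dport, pkt.src, pkt.sport))
        if pkt.dst != self.public_ip or entry is None:
            return None               # unsolicited: no client asked for this, drop it
        return Packet(pkt.src, pkt.sport, entry[0], entry[1])

def demo():
    t = Translator(PUBLIC_IP)
    request = Packet("172.16.0.2", 51000, "209.191.93.52", 80)  # ports are constructed
    sent = t.outbound(request)
    reply = t.inbound(Packet("209.191.93.52", 80, sent.src, sent.sport))
    stray = t.inbound(Packet("203.0.113.9", 80, PUBLIC_IP, sent.sport))  # constructed sender
    return sent, reply, stray

if __name__ == "__main__":
    for result in demo():
        print(result)
```

The translation table is also why hosts on the INTERNET side cannot open connections to 172.16.0.2 directly: without an entry created by an outbound request, `inbound` has nowhere to deliver the packet.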
Proxy types
• Web proxies
• SSL proxies
• Transparent proxies
• Open proxies
• Reverse proxies
• Anonymous proxies

Proxy setting in IE
Popular hardware/software proxies

Software Proxy        Hardware Proxy
Ms. ISA Server        Cisco PIX
Squid                 Blue Coat
Kerio WinRoute        Cyberoam
1st Up Net Server     Alacer
CCProxy
CProxy
Windows ICS
WinGate
Popular hardware/software firewalls

Software Firewall            Hardware Firewall
Ms. ISA Server               Cisco PIX
Norton Internet Security     Blue Coat
McAfee Internet Security     Cyberoam
ZoneAlarm                    Check Point
Kerio                        NetScreen
BlackICE                     D-link SECURESPOT
Outpost                      WatchGuard
Communication & Information Technology Department of Mashhad University - IRAN

Thank You,
