PRESENTED BY:
HIDAYATULLAH KHOMAINI
Hiday00786@yahoo.co.in
MALINENI LAKSHMAIAH ENGINEERING COLLEGE
SINGARAYA KONDA
&
VIDYA PRATIMA
s030558prathima@yahoo.com
St.ANN’S ENGINEERING COLLEGE, CHIRALA
ABSTRACT
A firewall is a system that allows network administrators to set an access control policy for the
network. It can be used to permit, limit or block the traffic between the network and the Internet.
It can be configured to allow only e-mail to enter the network. It can also authenticate remote
logons to the network, preventing unauthorized users from entering the network. Its auditing
capabilities include a) web pages accessed, b) attempts to log into the network and c) usage
statistics. These data help network administrators manage the network, monitor inappropriate
users and detect attacks.
Network security refers to the proper safeguarding of everything associated with the
network, including data, media and equipment. It involves administrative functions, such as
threat assessment, and technical tools and facilities, such as cryptographic products and
firewalls. It also involves making certain that network resources are used in accordance with a
prescribed policy and only by people who are authorized to use them.
INTRODUCTION
The Internet has made a large amount of information available to the average computer user at
home, in business and in education. For many people, having access to this information is no
longer just an advantage; it is essential. Connecting a private network to the Internet can expose
critical or confidential data to malicious attack from anywhere in the world. Intruders could gain
access to your site's private information or interfere with the use of your own systems. Users who
connect their computers to the Internet must be aware of these dangers, their implications and
how to protect their data and their critical systems.
Therefore security of the network is the main criterion here, and firewalls provide this security.
Internet firewalls keep the flames of Internet hell out of your network, or keep the
members of your LAN pure by denying them access to all the evil Internet temptations.
All enterprises with computer networks have security concerns about their data,
whether or not their network is connected to the Internet. An attempt to corrupt or steal an
enterprise's data is referred to as an attack. A typical attack is when a hacker breaks into an
enterprise's network through its web server and either steals valuable data, modifies data or
inserts a virus into the network. Another form of attack is when a disgruntled employee steals
data for financial gain or to injure the enterprise.
Going through the whole process of developing a security policy once is not enough. Threats
change, vulnerabilities change, business requirements change and the available countermeasures
change. All of these must be periodically and routinely re-evaluated to achieve a network
security policy that is feasible, practical and enforceable and that at the same time protects the
network.
TYPES OF FIREWALLS
Firewalls fall into different categories. They are mainly:
Packet filtering firewalls
These firewalls work at the network layer of the OSI model, or the IP layer of TCP/IP.
They are usually part of a router. A router is a device that receives packets from one
network and forwards them to another network. In a packet filtering firewall, each packet is
compared to a set of criteria before it is forwarded. Depending on the packet and the
criteria, the firewall can drop the packet, forward it or send a message to the originator. Rules
can include source and destination IP addresses, source and destination port numbers and
the type of protocol embedded in the packet. These firewalls often contain an ACL (access
control list) to restrict who gains access to which computers and networks.
[Figure: packet filtering firewall on the network stack. Layers: 5. Application; 4. Transport
control protocol (TCP); 3. Internet protocol (IP); 2. Data link; 1. Physical. Traffic is marked
Disallowed or Allowed. Traffic is filtered based on specific rules including source and destination
IP addresses, packet type, port number etc. Unknown traffic is allowed only up to level 3 of the
network stack.]
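The rule comparison described above, written out as an added example (it is not part of the original paper). The rule fields follow the criteria the text lists; the names Packet, Rule and filter_packet, the policy and the documentation-range addresses are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

DROP, FORWARD, REJECT = "drop", "forward", "reject"  # reject = notify the originator
ANY_PORT = range(0, 65536)

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str            # "tcp", "udp" or "icmp"
    sport: int = 0
    dport: int = 0

@dataclass(frozen=True)
class Rule:
    action: str
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    proto: str = "any"
    sport: range = ANY_PORT
    dport: range = ANY_PORT

    def matches(self, p: Packet) -> bool:
        return (ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and self.proto in ("any", p.proto)
                and p.sport in self.sport
                and p.dport in self.dport)

def filter_packet(acl, packet, default=DROP):
    """Compare the packet to each rule in order; the first match decides.
    Traffic that matches no rule gets the default action (deny)."""
    for rule in acl:
        if rule.matches(packet):
            return rule.action
    return default

# Constructed policy: only e-mail (SMTP, tcp/25) may enter, and only to the mail host.
ACL = [
    Rule(DROP, src="198.51.100.0/24"),                                   # blocked source
    Rule(FORWARD, dst="192.0.2.25/32", proto="tcp", dport=range(25, 26)),
    Rule(REJECT, dst="192.0.2.0/24", proto="tcp", dport=range(23, 24)),  # telnet refused
]

if __name__ == "__main__":
    for p in (Packet("203.0.113.7", "192.0.2.25", "tcp", 40000, 25),
              Packet("203.0.113.7", "192.0.2.10", "udp", 40000, 53)):
        print(p, "->", filter_packet(ACL, p))
```

Rule order matters: the blocked source network is dropped even when it targets the permitted mail port, because its rule comes first.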
Application gateways:
These are the software firewalls. They are often used by companies
specifically to monitor and log employee activity, and by private citizens to protect a
home computer from hackers and spyware or to set parental controls for children.
Application gateways, also called proxies, are similar to circuit-level gateways except
that they are application specific. They can filter packets at the application layer of
the OSI or TCP/IP model. Incoming or outgoing packets can't access services for which
there is no proxy. In plain terms, an application-level gateway that is configured to be a web
proxy will not allow any ftp, gopher, telnet or other traffic through. Because they examine
packets at the application layer, they can filter application-specific commands such as
http, post, get etc.
An application gateway works like a proxy. A proxy is a process that sits between a client and a
server. To the client, the proxy looks like a server, and to the server, the proxy looks like a
client. Example application layer firewall: in the above figure an application firewall called a
“dual homed gateway” is represented. A dual homed gateway is a highly secured host that runs
proxy software. It has two interfaces, one on each network, and blocks all traffic passing through it.
They combine the aspects of the other three types of firewalls. This firewall keeps
track of all packets associated with a specific communication session. A typical communication
session between two computers will consist of several thousand packets, each of which is
identified by a unique source and destination address and a sequence number that allows all the
packets to be assembled into the correct data files at the destination computer. Each packet of
data is checked to ensure that it belongs to the proper session. Any packets that are not part of
an existing session are rejected. In addition to checking and validating the communication session
and ensuring that all packets belong to the proper session, these firewalls further screen the
packets at the application layer.
Filtering at the software application port level provides an additional layer of control for
the network administrator to ensure that only authorized transactions are allowed through the
firewall. These firewalls close off ports until a connection to the specified port is requested.
[Figure: network stack from 5. Application down to 1. Physical, with traffic marked Disallowed or
Allowed.]
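The session check described above, combined with the application-command screen from the application gateway section, as an added example (it is not part of the original paper). The names Segment and StatefulInspector, the result strings and the addresses are constructed for illustration. Assumptions: strict in-order sequence numbers, one command at the start of each outbound payload, and teardown on the first FIN or RST.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Segment:
    src: str
    sport: int
    dst: str
    dport: int
    flags: str = "A"      # TCP flags as letters: S=SYN, A=ACK, F=FIN, R=RST
    seq: int = 0
    payload: bytes = b""

class StatefulInspector:
    def __init__(self, inside, open_ports, commands):
        self.inside = inside          # protected host addresses
        self.open_ports = open_ports  # services inside hosts may connect to
        self.commands = commands      # application commands let through
        self.sessions = {}            # (client, cport, server, sport) -> {sender: next seq}

    def inspect(self, s):
        outbound = s.src in self.inside
        key = ((s.src, s.sport, s.dst, s.dport) if outbound
               else (s.dst, s.dport, s.src, s.sport))
        state = self.sessions.get(key)
        if state is None:
            # Ports stay closed until an inside host requests a connection (SYN).
            if not (outbound and s.flags == "S" and s.dport in self.open_ports):
                return "reject-no-session"
            state = {}
        elif state.get(s.src, s.seq) != s.seq:
            return "reject-bad-sequence"
        # Application-layer screen (assumption: each outbound payload starts a command).
        if outbound and s.payload and s.payload.split(b" ", 1)[0] not in self.commands:
            return "reject-command"
        # SYN and FIN each consume one sequence number; payload consumes one per byte.
        consumed = len(s.payload) + sum(f in s.flags for f in "SF")
        state[s.src] = (s.seq + consumed) % 2**32
        if "F" in s.flags or "R" in s.flags:
            self.sessions.pop(key, None)   # simplified teardown: the port closes again
        else:
            self.sessions[key] = state
        return "allow"
```

The same reply segment is rejected before the inside host opens the connection, allowed while the session exists, and rejected again after teardown.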
SECURITY IN NETWORKS
Concentration of security
Information hiding
Application gateways
Extended logging
Centralized and simplified network service management
The most obvious disadvantage is that certain types of network access may be hampered or even
blocked for some hosts, including telnet, FTP, X windows, NFS, NIS etc. However,
these disadvantages are not unique to firewalls; network access could be restricted at
the host level as well, depending on a site's security policy.
A second disadvantage with a firewall system is that it concentrates security in one spot
as opposed to distributing it among systems, thus a compromise of the firewall could
be disastrous to the less protected systems on the subnet. This weakness can be
countered, however, with the argument that lapses and weaknesses in security are more
likely to be found as the number of systems in the subnet increases, thereby
multiplying the ways in which subnets can be exploited.
Another disadvantage is that relatively few vendors have offered firewall systems
until very recently. Most firewalls have been somewhat “hand-built” by site
administrators, however the time and effort that could go into constructing a firewall may
outweigh the cost
CONCLUSION
In conclusion, the Internet has become a dangerous place. Thirteen-year-old kids on dial-up
accounts can crash a site supported by two T-1 connections by using hundreds of Zombies
(PCs hacked and uploaded with the Trojan) to flood it with UDP and ICMP traffic. This is simply
a malicious attack meant to consume all of the bandwidth of the connection to the Internet.
Yahoo was recently crashed by what is called a “smurf” attack: ping requests are sent to several
Internet broadcast addresses with a spoofed return address aimed at the victim (Yahoo in this
case). The resulting storm of packets consumes all bandwidth and disconnects the site or makes it
unusable for normal traffic. Hackers attack networks to destroy and/or steal information.
They attack PCs so they can use them in zombie attacks, to hide their identity when trying to
gain illegal entry to secure networks, or for nothing more than malicious purposes. While on the
Internet my firewall typically gets 1 to 3 hits an hour, primarily port scanners looking for a
specific Trojan or a vulnerability to exploit. No one should be on the Internet without a firewall.
All networks are protected by firewalls. However, it is always a trade-off. The whole point of the
Internet is communication and exchange of information. The question is how much do we restrict
access without losing all the advantages of speed and openness.