What is Firewall -Introduction to
Firewalls
Introduction to firewalls
When you use internet in your
college/school/office , You may not be
access some websites, right? Do you
know how they block those websites?
They use firewalls for block websites.
Firewall prevent the system from
hackers attack. Lets us know what is
firewall.
What is Firewall?
Firewall is working like a security
guard standing outside the office.
Usually, What the security guard do?
He will allow those who has identity
card and block those who has not the
identity card. Right? Likewise, The
firewall will block unauthorized access
to the system.
Firewall may be a software or
hardware. It will work based on the set
of rules defined by the administrator.
Using Firewall administrator can block
certain website from being accessed.
All traffic from inside and outside of
the network must pass through the
firewall.
Only authorized traffic will be allowed
to pass (based on the set of rules)
Types of Fire Walls
Packet Filtering
Application level gate way
Circuit level gate way.
Packet Filtering (Network Layer)
A packet filtering router applies a set
of rules to each incoming IP packet and
then forwards or discards the packets.
Router is configured such that it can
filter incoming and outgoing packets.
The packets will filtered based on the
source and destination IP address.
IP spoofing attack is possible in this
packet filtering. IP spoofing can be
achieved by changing the source IP
address of packets.
Stateful Inspection Firewalls
A stateful inspection packet filters
tightens the rules of TCP traffic by
creating a state table of out bound TCP
connection. If the packet matches with
existing connection based on the state
table, it will be allowed. If it does not
match, It will be evaluated according to
the rule set for new connections.
Application Level Gateway
Application level gateway is also
known as proxy server. The user
communicate with the gateway using
application layer of TCP/IP stack. The
gateway asks the user for the name of
the remote host to be connected.
When the user enters valid user ID,
gateway will give access to the remote
application. This will block the
malicious activity and correct the
application behavior. This will ensure
the safety of company.
More secure than packet filtering. Easy
to log and audit all incoming traffic at
the application level. Application-level
filtering may include protection
against spam and viruses as well, and
be able to block undesirable Web sites
based on content rather than just
their IP address.
Circuit Level Gateway
The circuit level gateway works at
session layer of OSI model. Monitor
TCP handshaking between packets to
make sure a session is legitimate.
Traffic is filtered based on the session
rules. Circuit-level firewalls hide the
network itself from the outside, which
is useful for denying access to
intruders. But they don't filter
individual packets. This firewall is used
when the administrator trusts internal
users.
Why Firewall?
Firewall block unauthorized users,
prohibits vulnerable services from
entering or leaving the network.
Protection from IP spoofing and
routing attacks.
Protection against Remote login,
Trojan backdoor, Session hijacking,
cookie stealing,etc.
Limitation of Firewalls
The firewall cannot protect against
attacks that by pass the firewall.
The firewall does not protect against
internal threats
The firewall cannot protect against
the transfer of virus infected programs
(or) files. It would be impossible for the
firewall to scan all incoming files,
emails for viruses.
Bookmarks