Firewalls

-
Firewalls

A computer firewall protects networked computers from intentional hostile intrusion that could compromise confidentiality.
An Internet firewall examines all traffic route dbetween your network and the Internet to see if it meets a certain criteria.
If it does, it is routed between the networks, otherwise it is stopped.
Firewalls can filter packets based on their source, destination addresses and port numbers.
This is known as address filtering.
Firewalls can alsofilter specific types of network traffic.This is also known as protocol filtering because the decision to forward or reject traffic is dependant upon the protocol used.e.g.,HTTP,Telnet or FTP.
Firewalls can also filter traffic by packet attribute or state.

Different types of firewall

Firewalls fall into four broad categories:
  • Packet filters
  • Circuit-level gateways
  • Application-level gateways
  • Stateful multi-layer inspection firewalls

Packet filtering firewalls work at the network level of the OSI model, or the IP layer of TCP/IP.
They are usually part of a router firewall. A router is a device that receives packets from one network and forwards them to another.
In a packet filtering firewall, each packet is compared to a set of criteria before it is forwarded.
Circuit level gateways work at the session layerof the OSI kmodel, or the TCP layer of TCP/IP .They monityor TCP handshaking betweeen packets to determine whether a requested session is legitimate Application level gateways, also called proxies, are similar to circuit level gateways except that they are ap-plication-specific.They can filter packets athe application layer of teh OSI kodel\ Stateful multilayer inspection firewalls combine the aspects of the other three types of firewalls.
They filter packets at the network layer, determine whether session packets are legitimate and evaluate packets at the application layer.

What a firewall protects you from:

  • Remote login =>
    • When someone is able to connect to your computerand control it in some form
    • This can mean that the hacker can view or access your files
  • Application backdoors =>
    • Some programs have special features that allow for remote access
    • Others contains bugs that provide a backdoor, or hidden access, that provides some level of control of the program
  • SMTP session hijacking =>
    • By gaining access to a list fo e-mail addresses,a person can send unsolicited junk email to thousands of users
  • Operating System bugs =>
    • Like applications, some operatuing sytems have bavckdoors
    • Others provide remote access with insufficient security controls or have bugs that can experienced hacker can take advantage of.
  • Denial of Service =>
    • By inundating a server with this unanswerable session requests, a hacker causes the server to slow toa crawl or eventually crash
  • Macros =>
    • To simplify complicated procedures, many applications allow you top create a svc5ipt of commands that the appliaction can run
    • This script is known as a macro
    • Hackers have taken advantage if this to create their own macros that, depending on the application, can destroy ypur data or crash your computer
  • Viruses =>
    • A virus is a small program that can copy itself to other computers
    • This way it can spread quickly from one system to the next
  • Spam =>
    • Quite often it contains links to websites
    • Be careful of clicking on this because you may accidentally accept a cpokie that provides a backdoor ypour computer

Types of Firewall Architectures

Single-Box Architecture

The single firewall architecture is the simplest type of firewall architecture.This type of architecture has a single object that acts as a firewall

Screening Router Architecture

The screening router architecture is a low cost firewall system. It is basically comprised of an internal network of computers, separated from an external network such as the Internet through a screening router. The screening router acts as firewall and engages in a screening process known as packet filtering. Advantages of a dual homed host include a very high level of control with regard to paxcket filtering.

Screened host architecture

Screened host architecture provides services from a host that is attached to only the internal network, using a separate router. The host resting on the internal network is called a bastion host.A bastion host is a highly secured computer that provides protection to an internal network from outside intrusion because of exposure to Internet.
The bastion host is the only system on the internal network that hosts on the Internet can open connections to. Any external network will have to connect to the bastion host in order to connect to the internal network.

Screened subnet architecture:

It is a firewall architecture. The first router serves as an exterior router that is connected to the external network and the perimeter name. This router, otherwise, known as the access router (protects both the perimeter network and the internal network from the internet. The exterior routers blocks incoming packets from the internet that have forged source addresses. The exterior router also prevents "IP packets" containing inappropriate source addresses from within the network.
The second router or interior router is connected to the internal network and peripheral router. This router is also known as the choke router. Most of the packet filtering for the firewall.It also allows data to travel from the internal network to the Internet. Some of the services that are allowed to go outbound include "outgoing HTTP,telnet,FTP, and others".
The bastion host lies on the perimeter, isolated between the exterior and interior routers. To break into the internal with this type of architectre, an attacker would have to get past both routers. Even if the attacker somehow broke in to the bastion host, he would still have to guess past the interior router. There is no single vulnerable point that will compromise the internal network.

Multiple screened subnet architecture:

This tyoe of firewall architecture is simply a variation on the screened subnet architecture. Instead of having just one perimeter network to create the firewall. This architecture can contain two or more, An example of a multiple screened subnet is a split screened subnet.

Comments

Post a Comment

Popular posts from this blog

XPath for HTML markup

-
XPath Web Scraping Web Scraping is a technique to traverse the DOM (Document Object Model) of an HTML or an HTTP web page Web Scraping is achieved due to XPath XPath nodes: There are seven kinds of nodes Element - It represents any HTML 5 element. For example, <strong></strong> Attribute - It represents any one attribute of any HTML 5 element in the document object model Text - It represents the text between the opening HTML 5 tag and a closing HTML 5 tag Namespace - It represents the pseudo selector of an HTML 5 element Processing-Instructions Comment - It represents any HTML 5 comment It represents the topmost element of the tree is called the root element. For example, the root element for any HTNL 5 document is HTML The first XPath node is \ which Suppose, I have an HTML5 code snippet as follows: Gaurav Shirodkar Then to ...
Read more

Apache Hadoop | Running MapReduce Jobs

-
Image
Apache Hadoop | Running MapReduce Jobs After setting up your environment and running the HDFS and YARN daemons, we can start working on running MapReduce jobs on our local machine. We need to compile our code, produce a JAR file, move our inputs, and run a MapReduce job on Hadoop. Step 1 - Configure extra environment variables As a preface, it is best to setup some extra environment variables to make running jobs from the CLI quicker and easier. You can name these environment variables anything you want, but we will name them HADOOP_CP and HDFS_LOC to not potentially conlict with other environment variables. Open the Start Menu and type in 'environment' and press enter. A new window with System Properties should open up. Click the Environment Variables button near the bottom right. HADOOP_CP environment variable This is used to compile your Java files. The backticks (eg. `some command here`) do not work on Win...
Read more

Laravel | PHP | Basics | Part 2

-
Image
Learning Laravel through Screenshots Caching Laravel by default supports multiple cache stores like memcached , redis ,etc. To install redis as a cache store, you should use composer install predis/predis predis stands for PHP redis The default port number is 6379 Every Cache store requires a prefix which is stored in the ENV file or in the config/cache.php Following are the cache stores supported by laravel Blade Templates Blade is a templating engine for views in laravel. All the files which are of type blade.php are having the extension .blade.php They are stored in the resources/views directory YOu can create suub-folders in the reosurces/views directory like layouts for all the common UI components lke header , footer, sidebar , navbar, menubar, serach bar, etc. To include the parenet ...
Read more