Abstract image of a woman sitting on books and studying on a laptop

Firewall traversals

K
Kirti Ahirrao

This document discusses firewalls and firewall traversals. It begins by introducing firewalls and their purpose of securing networks while restricting harmful traffic. It then discusses various methods of traversing firewalls, including SSL/TLS tunneling and proxies. SSL/TLS tunneling involves creating an encrypted tunnel between a client and server through a proxy, while SSL proxies terminate encryption and recreate certificates to provide visibility of encrypted traffic. The document covers the workings and benefits of SSL proxies, as well as types of firewalls and issues they can present.

Education
1 of 16
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
Firewall Traversals By Prof. Kirti Ahirrao
Index: 1. Introduction to Firewall 2. Firewall Traversals 3. Issues with the use of firewalls 4. Types of firewalls 5. SSL / TLS Tunnelling 6. SSL Proxy 7. Working of SSL Proxy 8. Benefits of SSL Proxy 9. SSL / TLS Proxy Servers Prof. Kirti Ahirrao 2
1. Introduction to Firewall: • A technology that provides secure pathways through a firewall and enables multiple data streams to pass through the firewall on the same port (e.g., audio and video data on the same port). • It refers to a strategy of bypassing firewalls which are commonly used to block access to certain sites and communication protocols. • Firewalls are an essential line of defense for personal computers and corporate networks, but many times they need to be bypassed. • It permits the outflow of authentic traffic while restricting the inflow of harmful transmissions. • It monitors both outcoming and incoming traffic and decides whether to block this flow based on a set of pre-determined rules. • A firewall can be hardware, software, or both. Prof. Kirti Ahirrao 3
2. Firewall Traversals: • It is a major barrier to dynamic, cross-domain Grid computing today is the existence of firewalls. • Firewalls provide limited value within a dynamic Grid environment. • However, it is also the case that firewalls are unlikely to disappear anytime soon. • Thus, the OGSA(Open Grid Service Architecture) security model must take them into account. • It provide mechanisms for cleanly traversing them without compromising local control of firewall policy. Prof. Kirti Ahirrao 4
2. Firewall Traversals(contd.) • Firewall Transversal is automatically provided when Transparent Firewalls are utilized. • However the issue remains for both versions of non-transparent firewalls. • The typical mechanism for allowing transversal (e.g. from outside a Security Domain to inside) is via a proxy service or a set of firewall supplied cookies. • There are several issues about sending/receiving such information in the clear. Therefore, encryption is desired. Prof. Kirti Ahirrao 5
3. Issues with use of firewalls 1. They are typically invasive and perform address translation without providing a useable audit record. 2. They can perform state-based inspection are not capable of analyzing the complex protocols that IntelliGrid Architecture is considering. 3. Firewalls are difficult to manage and must be monitored as part of the SMI process. Prof. Kirti Ahirrao 6
4. Types of firewalls: 1. Transparent: It perform OSI layer 2 or 3 bridging and do not typically provide state inspection. However, they do not obscure addressing information and tend to be the fastest type of firewall. Since these are transparent, these types are the easiest to transverse when properly configured. 2. Non-Transparent: These firewalls typically performing packet filtering and proxy service (e.g. address translation). 3. Non-Transparent with Stateful Inspection: Same capability as non- transparent but has the additional ability to examine the contents of each packet. This is typically the lowest performance type of firewall when performance is measured regarding packet throughput. Prof. Kirti Ahirrao 7
5.SSL Tunneling Prof. Kirti Ahirrao 8
5. SSL / TLS Tunneling: • SSL Tunneling involves a client that requires an SSL connection to a backend service or secure server via a proxy server. • This proxy server opens the connection between the client and the backend service and copies the data to both sides without any direct interference in the SSL connection. Prof. Kirti Ahirrao 9
5. SSL / TLS Tunneling(contd.): • A tunneling request CONNECT is made by the client on port 443 for HTTPS. This request is sent to the proxy server automatically for the HTTPS request. • The CONNECT request is used by the RFC 2616 to establish a tunnel. • The proxy server receives the tunneling request on the port 8080. Then it connects the secure destination server to the port that is requested by the client. • The proxy server sends back a 200 OK response to the client to confirm that an SSL connection is created. • A TLS handshake occurs effectively between the client and the server as the proxy server plays no part in it. • After the TLS handshake, the encrypted data is passed from the client to the server via the proxy server and vice versa. This data is only decrypted at the client or the server and never the proxy server. • When the closure of the connection is requested by the client or the server, the connections at ports 443 and 8080 are closed by the proxy server and normal operations resume. Prof. Kirti Ahirrao 10
6. SSL Proxy • The SSL proxies control Secure Sockets Layer – SSL traffic -to ensure secure transmission of data between a client and a server. • The SSL proxy is transparent, which means it performs SSL encryption and decryption between the client and the server. • The SSL proxy also reproduces server certificates so the server can make a secure (SSL) or unsecure (HTTP) connection to a web server. Prof. Kirti Ahirrao 11
7. Working of SSL Proxy: 1. It acts as a client for the server by determining the keys to encrypt and decrypt. 2. It acts as a server for the client by first authenticating the original server certificate and issuing a new certificate along with a replacement key. 3. Decryption and encryption take place in each direction (client and server), and the keys are different for both encryption and decryption. 4. Hands off HTTPS traffic to the HTTP proxy for protocol optimization and other acceleration techniques. Prof. Kirti Ahirrao 12
8. Benefits of SSL Proxy: 1. Decrypts SSL traffic to obtain granular application information. 2. Enforces use of strong protocols and algorithms by the client and the server. 3. Provides visibility and protection against threats embedded in SSL encrypted traffic. 4. Controls what needs to be decrypted by using SSL Proxy. Prof. Kirti Ahirrao 13
SSL / TLS Proxy Servers: Prof. Kirti Ahirrao 14
9. SSL / TLS Proxy Servers: • A proxy server is an intermediary between a user’s computer and the Internet. • A user first connects to a proxy server when requesting web pages, videos or any data online. • The proxy server then retrieves data that have been previously cached. If an entirely new request, the proxy server gets data from the original source and caches it for future use. • A Secure Sockets Layer (SSL) proxy server ensures secure transmission of data with encryption technology. • Security in an SSL connection relies on proxy SSL certificates and private-public key exchange pairs. • SSL offload and SSL inspection features require the servers to share their secret keys to be able to decrypt the SSL traffic. Prof. Kirti Ahirrao 15
References: • https://blog.vpncity.com/what-is-easy-firewall-traversal/ • http://xanthus- consulting.com/IntelliGrid_Architecture/New_Technologies/Tech_Firewall_Traversal.htm • https://avinetworks.com/glossary/ssl- proxy/#:~:text=SSL%20proxy%20SSL%20proxy%20is,connections%20and%20becoming%20mo re%20prominent. • https://en.wikipedia.org/wiki/TLS_termination_proxy • https://www.geeksforgeeks.org/what-is-ssl-tunneling/ Prof. Kirti Ahirrao 16

More Related Content

PPT
SSL & TLS Architecture short
Avirot Mitamura
 
PPTX
TLS v1.3
Siddhartha Rao
 
PDF
Information System Security
Elijah Konzo
 
PPT
Secure Socket Layer
Naveen Kumar
 
PPTX
SSL overview
Todd Benson (I.T. SPECIALIST and I.T. SECURITY)
 
PDF
Transport Layer Security
Ibrahiem Mohammed
 
PPTX
Ssl and tls
Rana assad ali
 
PDF
Web Security
Dr.Florence Dayana
 
SSL & TLS Architecture short
Avirot Mitamura
 
TLS v1.3
Siddhartha Rao
 
Information System Security
Elijah Konzo
 
Secure Socket Layer
Naveen Kumar
 
SSL overview
Todd Benson (I.T. SPECIALIST and I.T. SECURITY)
 
Transport Layer Security
Ibrahiem Mohammed
 
Ssl and tls
Rana assad ali
 
Web Security
Dr.Florence Dayana
 

What's hot (19)

PDF
SSL Secure socket layer
Ahmed Elnaggar
 
PPTX
TLS - Transport Layer Security
ByronKimani
 
PPSX
authentication and access control(http://4knet.ir)
Azad Kaki
 
PPTX
PKI & SSL
RitaThakkar1
 
PPTX
SSL
Badrul Alam bulon
 
PDF
15 intro to ssl certificate & pki concept
Mostafa El Lathy
 
PPSX
Secure socket layer
Nishant Pahad
 
PPTX
Secure Socket Layer
Institut Teknologi Sepuluh Nopember Surabaya
 
PPT
Barriers to TOR Research at UC Berkeley
joebeone
 
PPTX
web security
Chirag Patel
 
PPTX
Bao cao vpn
tuaninfo88
 
PPTX
Secure Socket Layer
Pina Parmar
 
PPT
Secure Socket Layer (SSL)
amanchaurasia
 
PPTX
Transport Layer Security (TLS)
Arun Shukla
 
PPTX
Transport layer security (tls)
Kalpesh Kalekar
 
DOCX
What is TLS/SSL?
Shehzad Imran
 
PPTX
Heartbleed Bug: A case study
Adri Jovin
 
PPTX
PPT ON WEB SECURITY BY MONODIP SINGHA ROY
Monodip Singha Roy
 
PPTX
TLS 1.3: Everything You Need to Know - CheapSSLsecurity
CheapSSLsecurity
 
SSL Secure socket layer
Ahmed Elnaggar
 
TLS - Transport Layer Security
ByronKimani
 
authentication and access control(http://4knet.ir)
Azad Kaki
 
PKI & SSL
RitaThakkar1
 
SSL
Badrul Alam bulon
 
15 intro to ssl certificate & pki concept
Mostafa El Lathy
 
Secure socket layer
Nishant Pahad
 
Secure Socket Layer
Institut Teknologi Sepuluh Nopember Surabaya
 
Barriers to TOR Research at UC Berkeley
joebeone
 
web security
Chirag Patel
 
Bao cao vpn
tuaninfo88
 
Secure Socket Layer
Pina Parmar
 
Secure Socket Layer (SSL)
amanchaurasia
 
Transport Layer Security (TLS)
Arun Shukla
 
Transport layer security (tls)
Kalpesh Kalekar
 
What is TLS/SSL?
Shehzad Imran
 
Heartbleed Bug: A case study
Adri Jovin
 
PPT ON WEB SECURITY BY MONODIP SINGHA ROY
Monodip Singha Roy
 
TLS 1.3: Everything You Need to Know - CheapSSLsecurity
CheapSSLsecurity
 
Ad

Similar to Firewall traversals (20)

DOCX
Transport Layer Security
Sanjeev Kumar Jaiswal
 
PDF
BAIT1103 Chapter 4
limsh
 
PDF
Https interception proxies
geeksec80
 
PDF
Proxy Server
Netwax Lab
 
PPT
Proxy servers
Kumar
 
PDF
SSLtalk
Matthew Aylard
 
PPTX
Internet security
Tapan Khilar
 
PDF
F5 TLS & SSL Practices
Brian A. McHenry
 
PPT
CTO-CybersecurityForum-2010-RonWilliams
segughana
 
PPT
Chapter_Five[1].ppt
BachaSirata
 
PDF
VULNERABILITIES OF THE SSL/TLS PROTOCOL
cscpconf
 
PDF
Vulnerabilities of the SSL/TLS Protocol
csandit
 
PPT
Web security.ppt and Information Security introduction and management.pptx
daudevarist18
 
PDF
CS6004 CYBER FORENSICS
Kathirvel Ayyaswamy
 
PPTX
Firewalls and proxies are both use for security
Ayan974999
 
PPTX
Proxy Server: A Comprehensive Guide
HTS Hosting
 
PPT
Secure Gate / Reverse Proxy - WAF 1ere génération / Datelec
Sylvain Maret
 
PDF
CRYPTOGRAPHY AND NETWORK SECURITY- Transport-level Security
Jyothishmathi Institute of Technology and Science Karimnagar
 
PDF
Details about the SSL Certificate
CheapSSLUSA
 
PDF
SSL/TLS Handshake
Arpit Agarwal
 
Transport Layer Security
Sanjeev Kumar Jaiswal
 
BAIT1103 Chapter 4
limsh
 
Https interception proxies
geeksec80
 
Proxy Server
Netwax Lab
 
Proxy servers
Kumar
 
SSLtalk
Matthew Aylard
 
Internet security
Tapan Khilar
 
F5 TLS & SSL Practices
Brian A. McHenry
 
CTO-CybersecurityForum-2010-RonWilliams
segughana
 
Chapter_Five[1].ppt
BachaSirata
 
VULNERABILITIES OF THE SSL/TLS PROTOCOL
cscpconf
 
Vulnerabilities of the SSL/TLS Protocol
csandit
 
Web security.ppt and Information Security introduction and management.pptx
daudevarist18
 
CS6004 CYBER FORENSICS
Kathirvel Ayyaswamy
 
Firewalls and proxies are both use for security
Ayan974999
 
Proxy Server: A Comprehensive Guide
HTS Hosting
 
Secure Gate / Reverse Proxy - WAF 1ere génération / Datelec
Sylvain Maret
 
CRYPTOGRAPHY AND NETWORK SECURITY- Transport-level Security
Jyothishmathi Institute of Technology and Science Karimnagar
 
Details about the SSL Certificate
CheapSSLUSA
 
SSL/TLS Handshake
Arpit Agarwal
 
Ad

More from Kirti Ahirrao (6)

PPTX
BusTopolgy.pptx
Kirti Ahirrao
 
PDF
Attack on Sony
Kirti Ahirrao
 
PDF
Application layer security protocol
Kirti Ahirrao
 
PDF
Internet layer security protocol & IPsec
Kirti Ahirrao
 
PDF
Network access layer security protocol
Kirti Ahirrao
 
PDF
Chapter 1 introduction(web security)
Kirti Ahirrao
 
BusTopolgy.pptx
Kirti Ahirrao
 
Attack on Sony
Kirti Ahirrao
 
Application layer security protocol
Kirti Ahirrao
 
Internet layer security protocol & IPsec
Kirti Ahirrao
 
Network access layer security protocol
Kirti Ahirrao
 
Chapter 1 introduction(web security)
Kirti Ahirrao
 

Recently uploaded (20)

PDF
Hazard Identification & Risk Assessment .pdf
estagiarioprotegesms
 
PDF
What if we spent less time fighting change, and more time building what’s rig...
Derek Wenmoth
 
PDF
medical_surgical_nursing_10th_edition_ignatavicius_TEST_BANK_pdf.pdf
victor kamau
 
PDF
Empowerment Technology for Senior High School Guide
solthereseamericandr
 
PDF
IGGE1 Understanding the Self1234567891011
rhea22labucay
 
PPTX
TNA_Presentation-1-Final(SAVE)) (1).pptx
RomnickTanilon
 
PDF
BP 704 T. NOVEL DRUG DELIVERY SYSTEMS (UNIT 2).pdf
CMEmpire
 
PDF
Trump Administration's workforce development strategy
Mebane Rash
 
PDF
BP 704 T. NOVEL DRUG DELIVERY SYSTEMS (UNIT 1)
CMEmpire
 
DOC
Soft-furnishing-By-Architect-A.F.M.Mohiuddin-Akhand.doc
ArchitectAFMMohiuddi
 
PDF
AI-driven educational solutions for real-life interventions in the Philippine...
EleniIlkou
 
PPTX
Share_Module_2_Power_conflict_and_negotiation.pptx
Lavanyaj33
 
PDF
1.3 FINAL REVISED K-10 PE and Health CG 2023 Grades 4-10 (1).pdf
JohnJerryDalawampu
 
PDF
Complications of Minimal Access-Surgery.pdf
Laparoscopy Hospital
 
PPTX
Introduction to pro and eukaryotes and differences.pptx
AvaniKarumathil
 
PDF
OBE - B.A.(HON'S) IN INTERIOR ARCHITECTURE -Ar.MOHIUDDIN.pdf
ArchitectAFMMohiuddi
 
PDF
احياء السادس العلمي - الفصل الثالث (التكاثر) منهج متميزين/كلية بغداد/موهوبين
S LS
 
PDF
HVAC Specification 2024 according to central public works department
amitrobanipl
 
PPTX
Chinmaya Tiranga Azadi Quiz (Class 7-8 )
Nitin Suresh
 
PDF
FOISHS ANNUAL IMPLEMENTATION PLAN 2025.pdf
EllenJoyCaniya2
 
Hazard Identification & Risk Assessment .pdf
estagiarioprotegesms
 
What if we spent less time fighting change, and more time building what’s rig...
Derek Wenmoth
 
medical_surgical_nursing_10th_edition_ignatavicius_TEST_BANK_pdf.pdf
victor kamau
 
Empowerment Technology for Senior High School Guide
solthereseamericandr
 
IGGE1 Understanding the Self1234567891011
rhea22labucay
 
TNA_Presentation-1-Final(SAVE)) (1).pptx
RomnickTanilon
 
BP 704 T. NOVEL DRUG DELIVERY SYSTEMS (UNIT 2).pdf
CMEmpire
 
Trump Administration's workforce development strategy
Mebane Rash
 
BP 704 T. NOVEL DRUG DELIVERY SYSTEMS (UNIT 1)
CMEmpire
 
Soft-furnishing-By-Architect-A.F.M.Mohiuddin-Akhand.doc
ArchitectAFMMohiuddi
 
AI-driven educational solutions for real-life interventions in the Philippine...
EleniIlkou
 
Share_Module_2_Power_conflict_and_negotiation.pptx
Lavanyaj33
 
1.3 FINAL REVISED K-10 PE and Health CG 2023 Grades 4-10 (1).pdf
JohnJerryDalawampu
 
Complications of Minimal Access-Surgery.pdf
Laparoscopy Hospital
 
Introduction to pro and eukaryotes and differences.pptx
AvaniKarumathil
 
OBE - B.A.(HON'S) IN INTERIOR ARCHITECTURE -Ar.MOHIUDDIN.pdf
ArchitectAFMMohiuddi
 
احياء السادس العلمي - الفصل الثالث (التكاثر) منهج متميزين/كلية بغداد/موهوبين
S LS
 
HVAC Specification 2024 according to central public works department
amitrobanipl
 
Chinmaya Tiranga Azadi Quiz (Class 7-8 )
Nitin Suresh
 
FOISHS ANNUAL IMPLEMENTATION PLAN 2025.pdf
EllenJoyCaniya2
 

Firewall traversals

  • 2. Index: 1. Introduction to Firewall 2. Firewall Traversals 3. Issues with the use of firewalls 4. Types of firewalls 5. SSL / TLS Tunnelling 6. SSL Proxy 7. Working of SSL Proxy 8. Benefits of SSL Proxy 9. SSL / TLS Proxy Servers Prof. Kirti Ahirrao 2
  • 3. 1. Introduction to Firewall: • A technology that provides secure pathways through a firewall and enables multiple data streams to pass through the firewall on the same port (e.g., audio and video data on the same port). • It refers to a strategy of bypassing firewalls which are commonly used to block access to certain sites and communication protocols. • Firewalls are an essential line of defense for personal computers and corporate networks, but many times they need to be bypassed. • It permits the outflow of authentic traffic while restricting the inflow of harmful transmissions. • It monitors both outcoming and incoming traffic and decides whether to block this flow based on a set of pre-determined rules. • A firewall can be hardware, software, or both. Prof. Kirti Ahirrao 3
  • 4. 2. Firewall Traversals: • It is a major barrier to dynamic, cross-domain Grid computing today is the existence of firewalls. • Firewalls provide limited value within a dynamic Grid environment. • However, it is also the case that firewalls are unlikely to disappear anytime soon. • Thus, the OGSA(Open Grid Service Architecture) security model must take them into account. • It provide mechanisms for cleanly traversing them without compromising local control of firewall policy. Prof. Kirti Ahirrao 4
  • 5. 2. Firewall Traversals(contd.) • Firewall Transversal is automatically provided when Transparent Firewalls are utilized. • However the issue remains for both versions of non-transparent firewalls. • The typical mechanism for allowing transversal (e.g. from outside a Security Domain to inside) is via a proxy service or a set of firewall supplied cookies. • There are several issues about sending/receiving such information in the clear. Therefore, encryption is desired. Prof. Kirti Ahirrao 5
  • 6. 3. Issues with use of firewalls 1. They are typically invasive and perform address translation without providing a useable audit record. 2. They can perform state-based inspection are not capable of analyzing the complex protocols that IntelliGrid Architecture is considering. 3. Firewalls are difficult to manage and must be monitored as part of the SMI process. Prof. Kirti Ahirrao 6
  • 7. 4. Types of firewalls: 1. Transparent: It perform OSI layer 2 or 3 bridging and do not typically provide state inspection. However, they do not obscure addressing information and tend to be the fastest type of firewall. Since these are transparent, these types are the easiest to transverse when properly configured. 2. Non-Transparent: These firewalls typically performing packet filtering and proxy service (e.g. address translation). 3. Non-Transparent with Stateful Inspection: Same capability as non- transparent but has the additional ability to examine the contents of each packet. This is typically the lowest performance type of firewall when performance is measured regarding packet throughput. Prof. Kirti Ahirrao 7
  • 9. 5. SSL / TLS Tunneling: • SSL Tunneling involves a client that requires an SSL connection to a backend service or secure server via a proxy server. • This proxy server opens the connection between the client and the backend service and copies the data to both sides without any direct interference in the SSL connection. Prof. Kirti Ahirrao 9
  • 10. 5. SSL / TLS Tunneling(contd.): • A tunneling request CONNECT is made by the client on port 443 for HTTPS. This request is sent to the proxy server automatically for the HTTPS request. • The CONNECT request is used by the RFC 2616 to establish a tunnel. • The proxy server receives the tunneling request on the port 8080. Then it connects the secure destination server to the port that is requested by the client. • The proxy server sends back a 200 OK response to the client to confirm that an SSL connection is created. • A TLS handshake occurs effectively between the client and the server as the proxy server plays no part in it. • After the TLS handshake, the encrypted data is passed from the client to the server via the proxy server and vice versa. This data is only decrypted at the client or the server and never the proxy server. • When the closure of the connection is requested by the client or the server, the connections at ports 443 and 8080 are closed by the proxy server and normal operations resume. Prof. Kirti Ahirrao 10
  • 11. 6. SSL Proxy • The SSL proxies control Secure Sockets Layer – SSL traffic -to ensure secure transmission of data between a client and a server. • The SSL proxy is transparent, which means it performs SSL encryption and decryption between the client and the server. • The SSL proxy also reproduces server certificates so the server can make a secure (SSL) or unsecure (HTTP) connection to a web server. Prof. Kirti Ahirrao 11
  • 12. 7. Working of SSL Proxy: 1. It acts as a client for the server by determining the keys to encrypt and decrypt. 2. It acts as a server for the client by first authenticating the original server certificate and issuing a new certificate along with a replacement key. 3. Decryption and encryption take place in each direction (client and server), and the keys are different for both encryption and decryption. 4. Hands off HTTPS traffic to the HTTP proxy for protocol optimization and other acceleration techniques. Prof. Kirti Ahirrao 12
  • 13. 8. Benefits of SSL Proxy: 1. Decrypts SSL traffic to obtain granular application information. 2. Enforces use of strong protocols and algorithms by the client and the server. 3. Provides visibility and protection against threats embedded in SSL encrypted traffic. 4. Controls what needs to be decrypted by using SSL Proxy. Prof. Kirti Ahirrao 13
  • 14. SSL / TLS Proxy Servers: Prof. Kirti Ahirrao 14
  • 15. 9. SSL / TLS Proxy Servers: • A proxy server is an intermediary between a user’s computer and the Internet. • A user first connects to a proxy server when requesting web pages, videos or any data online. • The proxy server then retrieves data that have been previously cached. If an entirely new request, the proxy server gets data from the original source and caches it for future use. • A Secure Sockets Layer (SSL) proxy server ensures secure transmission of data with encryption technology. • Security in an SSL connection relies on proxy SSL certificates and private-public key exchange pairs. • SSL offload and SSL inspection features require the servers to share their secret keys to be able to decrypt the SSL traffic. Prof. Kirti Ahirrao 15
  • 16. References: • https://blog.vpncity.com/what-is-easy-firewall-traversal/ • http://xanthus- consulting.com/IntelliGrid_Architecture/New_Technologies/Tech_Firewall_Traversal.htm • https://avinetworks.com/glossary/ssl- proxy/#:~:text=SSL%20proxy%20SSL%20proxy%20is,connections%20and%20becoming%20mo re%20prominent. • https://en.wikipedia.org/wiki/TLS_termination_proxy • https://www.geeksforgeeks.org/what-is-ssl-tunneling/ Prof. Kirti Ahirrao 16