SPOOFING
Computer Network Security 2
Spoofing
Guessing or otherwise obtaining the
network authentication credentials of an
entity (a user, an account, a process, a node,
a device) permits an attacker to create a full
communication under the entity’s identity.
Examples of spoofing are masquerading,
session hijacking, and man-in-the-middle
attacks.
Masquerade
In a masquerade one host pretends to be another.
A common example is URL confusion, e.g. coca-cola.com
vs cocacola.com; xyz.net vs xyz.com.
Domain names can easily be confused, or
someone can easily mistype certain names.
In another version of a masquerade, the attacker
exploits a flaw in the victim’s web server and is
able to overwrite the victim’s web pages.
Collect user information and perhaps pass it on to
the original
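A defender can screen observed domain names for the kinds of URL confusion described on this slide. The following is an added example, not part of the original slides; the function names, the sample lists and the one-label TLD simplification are assumptions made for illustration.

```python
"""Flag domains that could be confused with a protected domain."""


def edit_distance(a: str, b: str) -> int:
    # Levenshtein distance using two rows of the dynamic-programming table.
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # deletion
                           cur[j - 1] + 1,              # insertion
                           prev[j - 1] + (ca != cb)))   # substitution
        prev = cur
    return prev[-1]


def split_domain(domain: str):
    # Assumption: input is a registrable domain and the TLD is its last
    # label; multi-label suffixes such as co.uk are not handled.
    name, _, tld = domain.lower().rstrip(".").rpartition(".")
    return name, tld


def classify(candidate: str, protected: str, max_typos: int = 1):
    """Return why candidate may be confused with protected, or None."""
    c_name, c_tld = split_domain(candidate)
    p_name, p_tld = split_domain(protected)
    if (c_name, c_tld) == (p_name, p_tld):
        return None                      # the protected domain itself
    if c_name == p_name:
        return "tld-swap"                # xyz.net vs xyz.com
    if c_name.replace("-", "") == p_name.replace("-", ""):
        return "hyphen-variant"          # cocacola.com vs coca-cola.com
    if edit_distance(c_name, p_name) <= max_typos:
        return "typo"                    # a single mistyped character
    return None


# Domains taken from the slide, plus constructed samples.
PROTECTED = ["coca-cola.com", "xyz.com"]
OBSERVED = ["cocacola.com", "xyz.net", "coca-cola.com",
            "coca-colla.com", "example.org"]


def scan(observed, protected=PROTECTED):
    """Return (observed, protected, reason) for every confusable pair."""
    findings = []
    for dom in observed:
        for prot in protected:
            reason = classify(dom, prot)
            if reason:
                findings.append((dom, prot, reason))
    return findings


if __name__ == "__main__":
    for finding in scan(OBSERVED):
        print(finding)
```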
Session hijacking
Session hijacking is intercepting and carrying on a session
begun by another entity.
Suppose two entities have entered into a session but then a
third entity intercepts the traffic and carries on the session
in the name of the other.
A different type of example involves an interactive
session, e.g. if a system administrator logs in remotely to a
privileged account, a session hijack utility could intrude in
the communication and pass commands as if they came
from the administrator.
Man-in-the-Middle Attack
A man-in-the-middle attack is a similar form of
attack, in which one entity intrudes between two
others.
The difference between man-in-the-middle and
hijacking is that a man-in-the-middle usually
participates from the start of the session, whereas
a session hijacking occurs after a session has been
established.
The difference is largely semantic and not too
significant.
Man-in-the-Middle Attack
Man-in-the-middle attacks are frequently described in
protocols. To see how, suppose you want to exchange
encrypted information with your friend.
You contact the key server and ask for a secret key with
which to communicate with your friend. The key server
responds by sending a key to you and your friend.
One man-in-the-middle attack assumes someone can see
and enter into all parts of this protocol.
A malicious middleman intercepts the response key and
can then eavesdrop on, or even decrypt, modify, and
re-encrypt any subsequent communications between you and
your friend.
Intrusion Detection Systems
(IDS)
Intrusion Detection Systems (IDS)
An IDS is like an alarm system for your network.
The network is protected, but without the IDS (alarm), you
would never know whether an attacker was trying to gain
entry.
The goal of intrusion detection is to monitor network
assets to detect unusual behaviour, inappropriate activity,
and attacks, or stop the attack (intrusion) and even provide
information to prosecute the attacker.
IDSs function on three premises:
Where to watch
What to watch for
What to do
Intrusion Detection Systems (IDS)
The first premise, “where to watch”, tells the IDS the
logical location it will monitor for something to
happen.
The second premise, “what to watch for”, tells the IDS
the conditions it is supposed to look for in order to
raise an alarm or take some kind of action.
The third premise, “what to do”, is the action the IDS
has been told to take when a situation meets certain
parameters.
A real-world example of an IDS in action:
1. You install an IDS to watch the Internet connection and those
trying to get into your network through your firewall.
Intrusion Detection Systems (IDS)
2. You tell the IDS what types of hacks and attacks to look for based
on their packet and connection type and what activities these
might generate.
3. You tell the IDS to page you and send you an e-mail when one of
these attacks occurs.
There are some flaws in the whole IDS operating
principle.
First, the IDS can watch only one interface at a time.
Secondly, the IDS watches only for conditions that you
tell it about.
Finally, an IDS can actually become an ally to hackers.
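The three premises and the first two flaws listed above can be seen in a small rule engine. This is an added example, not part of the original slides; the event format, the interface names, the rule names and the sample events are constructed, and the "email" and "page" actions are only recorded as labels.

```python
from collections import defaultdict
from dataclasses import dataclass
from typing import Callable


@dataclass
class Event:                 # one observed connection attempt (constructed format)
    interface: str           # interface the packet was seen on
    src: str                 # source address
    dst_port: int            # destination port


@dataclass
class Rule:
    name: str
    where: str                         # premise 1: where to watch
    what: Callable[[Event], bool]      # premise 2: what to watch for
    action: str                        # premise 3: what to do


class PortScan:
    """Condition that fires once when one source touches `threshold` ports."""

    def __init__(self, threshold: int):
        self.threshold = threshold
        self.seen = defaultdict(set)   # source -> set of ports touched
        self.fired = set()

    def __call__(self, ev: Event) -> bool:
        self.seen[ev.src].add(ev.dst_port)
        if len(self.seen[ev.src]) >= self.threshold and ev.src not in self.fired:
            self.fired.add(ev.src)
            return True
        return False


def build_rules():
    return [
        Rule("telnet-from-internet", "wan0", lambda ev: ev.dst_port == 23, "email"),
        Rule("port-scan", "wan0", PortScan(threshold=4), "page"),
    ]


def run_ids(rules, events):
    """Return (rule name, action, source) for every rule that fires."""
    alerts = []
    for ev in events:
        for rule in rules:
            if ev.interface != rule.where:
                continue               # traffic on other interfaces is never seen
            if rule.what(ev):
                alerts.append((rule.name, rule.action, ev.src))
    return alerts


# Constructed sample events (documentation address ranges).
EVENTS = [
    Event("wan0", "203.0.113.5", 23),      # matches the telnet rule
    Event("wan0", "198.51.100.7", 21),
    Event("wan0", "198.51.100.7", 22),
    Event("wan0", "198.51.100.7", 25),
    Event("wan0", "198.51.100.7", 80),     # fourth distinct port: scan rule fires
    Event("lan0", "10.0.0.9", 23),         # same condition, unwatched interface
    Event("wan0", "203.0.113.5", 443),     # no rule describes this: no alert
]

if __name__ == "__main__":
    for alert in run_ids(build_rules(), EVENTS):
        print(alert)
```

The last two events produce no alert: one arrives on an interface the IDS is not watching, and the other matches no condition the IDS was told about.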
Intrusion Detection Systems (IDS)
IDS can be deployed in a variety of
locations within a network to further
increase an organization’s security and
protection.
In general, two basic forms of IDS are used
today.
Network intrusion detection system (NIDS).
Host intrusion detection system (HIDS).
Network Intrusion Detection Systems
(NIDS)
NIDS reside directly on the network and watch all
the traffic that traverses the network.
NIDS are effective at watching both
inbound/outbound traffic flows and traffic
between hosts on or between local network segments.
NIDS are typically deployed in front of and
behind firewalls and VPN gateways to measure
the effectiveness of those security devices and
interact with them to add more depth to the
network’s security.
Host Intrusion Detection Systems
(HIDS)
HIDS are specialized software applications that are
installed on a computer (typically a server) to watch
all inbound and outbound communication traffic
to and from that server and to monitor the file
system for changes.
HIDS are extremely effective on mission-critical,
Internet-accessible application servers, such as web
servers or e-mail servers, because they can watch
the applications at the source to protect them.
Intrusion Detection Systems (IDS)
Both types of sensors offer different
techniques for detecting and deferring
malicious activity.
Both should be deployed to provide the
most effective enhancement to a layered
defence strategy.
FIREWALLS
What is a Firewall?
A firewall is a security device that sits on the edge
of your Internet connection and functions as an
Internet Border Security Officer.
It constantly looks at all the traffic entering and
exiting your connection, waiting for traffic it can
block or reject in response to an established rule.
The firewall is law and protection in a lawless
global web.
Firewalls can protect both individual computers
and corporate networks from hostile intrusions
from the Internet.
Why Do I Need a Firewall?
It is no secret: hackers are out there, and they are
out to get us. Often, we do not know who they are,
but we do know where they are and where we do
not want them to be (in our network).
Just as pirates of old roamed the seas, hackers roam
the wide expanses of the Internet. You do not want
them to enter your network and roam among the
computers that connect to it.
You know that you must protect your network from
these attackers, and one of the most efficient
methods of protecting your network is to install a
firewall.
Why Do I Need a Firewall?
By default, any good firewall prevents network traffic
from passing between the Internet and your
internal network. This does not mean that the firewall
will stop all traffic; that would defeat the purpose of
being on the Internet.
It does mean that the firewall is configured to
allow only web browsing (HTTP/port 80) to
access it from the internet.
Technically, a firewall is a specialized version of a
router. Apart from the basic routing functions and
rules, a router can be configured to perform the
firewall functionality, with the help of additional
software resources.
Common rules and features
Block incoming network traffic based on source or
destination - Blocking unwanted incoming traffic is the
most common feature of a firewall and is the main reason
for a firewall.
Block outgoing network traffic based on source or
destination - Many firewalls can also screen network traffic
from your internal network to the Internet, e.g. to prevent your
employees from accessing inappropriate websites.
Block network traffic based on content - More advanced
firewalls can screen network traffic for unacceptable content.
E.g. a firewall that is integrated with a virus scanner can
prevent files that contain viruses from entering your network.
Common rules and features
Make internal resources available - Although the
primary purpose of a firewall is to prevent
unwanted network traffic from passing through it, you
can configure many firewalls to allow selective
access to internal resources, such as a public web
server, while still preventing other access from the
Internet to your internal network.
Allow connections to internal network - A common
method for employees to connect to a network is using
virtual private networks (VPNs). VPNs allow secure
connections from the Internet to a corporate
network. E.g. telesales and travelling people can
use a VPN to connect to the corporate network.
Common rules and features
Make internal resources available - When
screening network traffic to and from the
Internet, it is also important to know what
your firewall is doing, who tried to break
into your network, and who tried to access
inappropriate material on the Internet.
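The rules and features on the preceding slides (default block, selective access to a public web server on port 80, blocking by source or destination in either direction, and a record of what the firewall did) fit together as a first-match rule list. This is an added example, not part of the original slides and not any vendor's rule syntax; the class names, rule set and addresses are constructed, using documentation address ranges.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass
class FwRule:
    action: str                    # "allow" or "block"
    direction: str                 # "in" = Internet to internal, "out" = the reverse
    src: str = "0.0.0.0/0"         # source network (default: any)
    dst: str = "0.0.0.0/0"         # destination network (default: any)
    port: Optional[int] = None     # None matches any destination port

    def matches(self, direction, src, dst, port) -> bool:
        return (direction == self.direction
                and ipaddress.ip_address(src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(dst) in ipaddress.ip_network(self.dst)
                and (self.port is None or port == self.port))


class Firewall:
    def __init__(self, rules):
        self.rules = rules
        self.log = []              # every decision is recorded for later review

    def decide(self, direction, src, dst, port) -> str:
        verdict, matched = "block", "default-deny"   # nothing matched: block
        for i, rule in enumerate(self.rules):
            if rule.matches(direction, src, dst, port):
                verdict, matched = rule.action, f"rule-{i}"
                break                                 # first match wins
        self.log.append((verdict, matched, direction, src, dst, port))
        return verdict

    def blocked_sources(self, direction="in"):
        """Who was turned away, taken from the decision log."""
        return sorted({e[3] for e in self.log
                       if e[0] == "block" and e[2] == direction})


def build_firewall():
    return Firewall([
        # Block incoming traffic based on source.
        FwRule("block", "in", src="203.0.113.0/24"),
        # Make an internal resource available: public web server, HTTP only.
        FwRule("allow", "in", dst="192.0.2.10/32", port=80),
        # Block outgoing traffic based on destination.
        FwRule("block", "out", dst="198.51.100.50/32"),
        # Everything else going out is allowed.
        FwRule("allow", "out"),
    ])


if __name__ == "__main__":
    fw = build_firewall()
    print(fw.decide("in", "198.51.100.20", "192.0.2.10", 80))
    print(fw.decide("in", "198.51.100.20", "192.0.2.10", 22))
    print(fw.blocked_sources("in"))
```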
Implementing a Firewall
The choice of available firewalls is almost
mind-boggling these days; they come in
every shape, size and parameter.
The type of firewall you install depends on
your exact requirements for protection and
management, as well as the size of your network
or what is to be protected by the firewall.
Firewalls usually fall into one of the
following categories:
Implementing a Firewall
Personal firewall - This is usually a piece of software that is
installed on a single PC to protect only that PC. These types
of firewalls are usually deployed on home PCs with
broadband connections or by remote employees.
All-in-one firewall - These kinds of firewalls are widely
used by broadband (cable or DSL) subscribers who have
the benefit of a single device that offers the following
features and functionality: router, Ethernet switches, WAP
and a firewall.
Small-to-medium office firewalls - These firewalls, such
as the Cisco PIX 501 or 506, are designed to provide
security and protection for small offices.
Enterprise firewalls - These firewalls, such as the Cisco
PIX 515, are designed for larger organizations with
thousands of users.
ANY QUESTIONS?

Lecture 5
