What is Firewall -Introduction to Firewalls

What is Firewall -Introduction to
Firewalls :-
______________________________________
_______
_________
-->Introduction to firewalls :-
---------------------------------------
When you use internet in your
college/school/
offfice , You may not be access
some websites,
right? Do you know how they
block those
websites? They use firewalls for
block websites.
Firewall prevent the system from
hackers attack.
Lets us what is firewall.
-->What is Firewall? :-
---------------------------------------
Firewall is working like a security
guard standing
outside the office. Usually, What
the security guard
do? He will allow those who has
identity card and
block those who has not the
identity card. Right?
Likewise, The firewall will block
unauthorized
access to the system.
Firewall may be a software or
hardware. It will
work based on the set of rules
defined by the
administrator. Using Firewall
administrator can
block certain website from being
accessed.
All traffic from inside and outside
of the network
must pass through the firewall.
Only authorized trafic will be
allowed to pass
(based on the set of rules)
-->Types of Fire Walls :-
---------------------------------------
Packet Filtering
Appliction level gate way
Circuit level gate way.
Packet Filtering (Network Layer)
--------------------------------------
A packet filtering router applies a
set of rules to
each incoming IP packet and then
forwards or
discards the packets. Router is
configured such
that it can filter incoming and
outgoing packets.
The packets will filtered based on
the source and
destination IP address.
IP spoofing attack is possible in
this packet
filtering. IP spoofing can be
achieved by changing
the source IP address of packets.
Stateful Inspection Firewalls.
A stateful inspection packet filters
tightens the rules
of TCP traffic by creating a state
table of out
bound TCP connection. If the
packet matches with
existing connection based on the
state table, it will
be allowed. If it does not match,
It will be evaluted
according to the rule set for new
connections.
Applictaion Level Gateway
--------------------------------
Application level gateway is also
known as proxy
server. The user communicate
with the gateway
using application layer of TCP/IP
stack. The
gateway asks the user for the
name of the remote
host to be connected. When the
user enters valid
user ID, gateway will give access
to the remote
application. This will block the
malicious activity
and correct the application
behavior. This will
ensure the safety of company.
More secure than packet filtering.
Easy to log and
audit all incoming traffic at the
application level.
Application-level filtering may
include protection
against spam and viruses as well,
and be able to
block undesirable Web sites
based on content
rather than just their IP address
Circuit Level Gateway
------------------------------
The circuit level gateway works at
session layer of
OSI model. Monitor TCP
handshaking between
packets to make sure a session is
legitimate.
Traffic is filtered based on the
session rules.
Circuit-level firewalls hide the
network itself from
the outside, which is useful for
denying access to
intruders. But they don't filter
individual packets.
This firewall is used when the
administrator trusts
internal users.
-->Why Firewall?
----------------------
Firewall block unauthorized users,
prohibits
vulnerable services from entering
or leaving the
network.
Protection from IP spoofing and
routing attacks.
Protection against Remote login,
Trojan backdoors,
Session hijacking, cookie
stealing,etc.
-->Limitation of Firewalls
-------------------------------
The fiewall cannot protect against
attacks that by
pass the firewall. The firewall
does not protect
against internal threats.
The firewall cannot protect
against the transfer of
virus infected progams (or) files.
It would be
impossible for the firewall to scan
all incoming
files, emails for viruses.