Security through Isolations | Computers and Networks | CECS 410, Study notes of Computer Science

Material Type: Notes; Class: Computers and Networks; Subject: Computer Engr & Computer Sci; University: California State University - Long Beach; Term: Fall 2007;

Uploaded on 08/18/2009


CECS 410 Computers and Networks

Security Through Isolation: Firewalls

Isolation

Isolation has been a primary security tool for thousands of years. Example: castles with moats and drawbridges. Security issue: Who is controlling access to the drawbridge? Who decides who gets in?

Dr. Tracy Bradley Maples (Fall 2007)

Isolation in Networks

One way to provide security is to isolate an organization's internal network from the Internet, allowing some packets to pass while blocking others (like a moat and drawbridge). This point of isolation in a network is called a firewall.

What can firewalls do for us?

- Prevent denial of service attacks.
  - For example: SYN flooding, where an attacker establishes many bogus TCP connections so that no resources are left for "real" connections.
- Prevent illegal modification/access of internal data.
  - For example: an attacker replaces the CIA's homepage with something else.
- Allow only authorized access to the inside network (to a set of authenticated users/hosts).

[Figure: an administered network separated from the public Internet by a firewall]
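The SYN-flooding example above describes the symptom a firewall is meant to catch: many handshakes started, none completed. The following is an added example (not part of the course notes) of the bookkeeping a stateful filter keeps to notice it. The log format, addresses and the threshold of 10 half-open connections are all constructed for the example; a real firewall would also expire half-open entries after a timeout.

```python
import re
from collections import defaultdict
from typing import Dict, List, Set, Tuple

# Constructed one-line-per-packet log format for this example (not a real
# firewall's log format): "<FLAGS> <src>:<sport> -> <dst>:<dport>"
LOG_RE = re.compile(
    r"^(?P<flags>[A-Z,]+) (?P<src>[\d.]+):(?P<sport>\d+) -> (?P<dst>[\d.]+):(?P<dport>\d+)$"
)


class HalfOpenTracker:
    """Counts TCP handshakes a source started (SYN) but never completed (ACK).

    A legitimate client finishes the three-way handshake within moments, so its
    half-open count returns to zero; a SYN flooder's count only grows.
    """

    def __init__(self, limit: int) -> None:
        self.limit = limit
        self.pending: Set[Tuple[str, str, str, str]] = set()
        self.per_source: Dict[str, int] = defaultdict(int)

    def observe(self, line: str) -> None:
        m = LOG_RE.match(line.strip())
        if not m:
            return  # ignore lines that are not in the expected format
        flags = set(m["flags"].split(","))
        key = (m["src"], m["sport"], m["dst"], m["dport"])
        if flags == {"SYN"}:
            # First packet of a handshake from src: record it as half-open.
            if key not in self.pending:
                self.pending.add(key)
                self.per_source[m["src"]] += 1
        elif "ACK" in flags and key in self.pending:
            # Third packet of the handshake from the same client closes it out.
            self.pending.discard(key)
            self.per_source[m["src"]] -= 1

    def flooding_sources(self) -> List[str]:
        """Sources holding more half-open connections than the limit allows."""
        return sorted(src for src, n in self.per_source.items() if n > self.limit)


# Constructed sample traffic: one well-behaved client that completes its
# handshake, and one source that sends 20 SYNs and never completes any.
SAMPLE_LOG = [
    "SYN 192.0.2.10:50000 -> 198.51.100.5:80",
    "SYN,ACK 198.51.100.5:80 -> 192.0.2.10:50000",
    "ACK 192.0.2.10:50000 -> 198.51.100.5:80",
] + [f"SYN 203.0.113.7:{40000 + i} -> 198.51.100.5:80" for i in range(1, 21)]


def run_sample(limit: int = 10) -> List[str]:
    tracker = HalfOpenTracker(limit)
    for line in SAMPLE_LOG:
        tracker.observe(line)
    return tracker.flooding_sources()


if __name__ == "__main__":
    print(run_sample())  # ['203.0.113.7']
```

The well-behaved client's entry is created by its SYN and removed by its ACK, so only the source that never finishes a handshake crosses the limit. The count is keyed on the full 4-tuple, so a single host legitimately opening many connections to different services is not confused with one that leaves them all half-open.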

Packet Filtering Firewalls

Defn: A packet filter placed at the edge of an intranet to exclude unauthorized packets is called a firewall.

- A firewall restricts external packets to just a few carefully controlled internal hosts.
- Firewalls define a secure perimeter around a local network.
- Proxies forward packets through the firewall after authorization.

The router (or firewall) filters on a packet-by-packet basis, making a decision to forward or drop each packet based on:

- Source IP address
- Destination IP address
- TCP/UDP source and destination port numbers
- Message type (for example, ICMP messages)
- TCP datagram fields (for example, SYN and ACK bits)
- Other packet criteria

Application Gateways

Application gateways (or proxy servers) can filter packets based on high-level application-layer data as well as the fields a firewall router can use. Example: you can select which internal users can telnet outside the network.

Example: Restrict Telnets

  1. Require all telnet users to telnet through the application gateway.
  2. For authorized users, the gateway sets up a telnet connection to the destination host. The application gateway relays data between the two connections.
  3. The router filter is configured to block all telnet connections not originating from the gateway.

Application gateways (or proxy servers) are commonly used for mail and web access.

[Figure: host-to-gateway telnet session and gateway-to-remote-host telnet session, passing through the application gateway and the router and filter]
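The packet-filter criteria listed under "Packet Filtering Firewalls" and step 3 of the telnet example are both first-match rule evaluation over a packet's addresses, protocol, port and TCP flag bits. The block below is an added example written for these notes, not code from the course: a small rule engine with a policy that admits telnet only from the gateway, lets inside hosts initiate connections, and admits inbound TCP only when the ACK bit is set. The address ranges (10.0.0.0/8 for the administered network, 10.0.0.5 for the gateway, documentation addresses for outside hosts) are assumptions chosen for the example.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional

# Assumed addressing for the example (constructed, not from the notes).
INTERNAL = "10.0.0.0/8"          # the administered network
TELNET_GATEWAY = "10.0.0.5/32"   # the application gateway's address
ANY = "0.0.0.0/0"


@dataclass
class Packet:
    src: str
    dst: str
    proto: str            # "tcp", "udp" or "icmp"
    sport: int = 0
    dport: int = 0
    syn: bool = False
    ack: bool = False


@dataclass
class Rule:
    action: str                    # "allow" or "drop"
    src: str = ANY
    dst: str = ANY
    proto: Optional[str] = None    # None means don't care
    dport: Optional[int] = None
    ack: Optional[bool] = None     # required ACK-bit state; None means don't care

    def matches(self, pkt: Packet) -> bool:
        return (
            ip_address(pkt.src) in ip_network(self.src)
            and ip_address(pkt.dst) in ip_network(self.dst)
            and (self.proto is None or pkt.proto == self.proto)
            and (self.dport is None or pkt.dport == self.dport)
            and (self.ack is None or pkt.ack == self.ack)
        )


# First-match policy; anything unmatched falls through to the default drop.
POLICY: List[Rule] = [
    # Step 3 of the telnet example: only the gateway may open telnet sessions.
    Rule("allow", src=TELNET_GATEWAY, proto="tcp", dport=23),
    Rule("drop", proto="tcp", dport=23),
    # Inside hosts may initiate anything else outbound.
    Rule("allow", src=INTERNAL, dst=ANY),
    # Inbound TCP is admitted only as a reply (ACK set) to a connection
    # opened from inside; a bare SYN from outside does not match.
    Rule("allow", dst=INTERNAL, proto="tcp", ack=True),
]


def filter_packet(pkt: Packet, rules: List[Rule] = POLICY, default: str = "drop") -> str:
    """Return the action of the first matching rule, or the default."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return default


if __name__ == "__main__":
    # An ordinary inside host trying to telnet out is dropped; the gateway is not.
    print(filter_packet(Packet("10.1.2.3", "198.51.100.9", "tcp", 40000, 23, syn=True)))  # drop
    print(filter_packet(Packet("10.0.0.5", "198.51.100.9", "tcp", 40000, 23, syn=True)))  # allow
    # A reply to an inside-initiated connection passes; an outside-initiated SYN does not.
    print(filter_packet(Packet("198.51.100.9", "10.1.2.3", "tcp", 80, 40001, syn=True, ack=True)))  # allow
    print(filter_packet(Packet("198.51.100.9", "10.1.2.3", "tcp", 80, 40001, syn=True)))  # drop
```

Rule order matters: the gateway's allow rule must precede the general telnet drop, or the gateway's own sessions would be blocked along with everyone else's. The ACK-bit rule shows the limit of stateless filtering mentioned in the notes' list of criteria: the filter only sees the flag, not whether a connection was actually opened from inside, which is the gap stateful inspection closes by tracking connections.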