SlideShare una empresa de Scribd logo

Firewall configuration

Descargar como DOCX, PDF
N
Nutan Kumar Panda

It is for the new users those don't have much knowledge regarding IT Security. Here i focus on Windows In built firewall, Comodo, Zone Alarm and Out Post pro configuration basics.

Tecnología
1 de 34
qwertyuiopasdfghjklzxcvbnmqw ertyuiopasdfghjklzxcvbnmqwert yuiopasdfghjklzxcvbnmqwertyui opasdfghjklzxcvbnmqwertyuiopa Firewall Configuration sdfghjklzxcvbnmqwertyuiopasdf Project By: Nutan Kumar Panda ghjklzxcvbnmqwertyuiopasdfghj ATL Bhubaneswar klzxcvbnmqwertyuiopasdfghjklz xcvbnmqwertyuiopasdfghjklzxcv bnmqwertyuiopasdfghjklzxcvbn mqwertyuiopasdfghjklzxcvbnmq wertyuiopasdfghjklzxcvbnmqwe rtyuiopasdfghjklzxcvbnmqwerty uiopasdfghjklzxcvbnmqwertyuio pasdfghjklzxcvbnmqwertyuiopas dfghjklzxcvbnmqwertyuiopasdfg hjklzxcvbnmqwertyuiopasdfghjk
1 Introduction Our project “Study Different Firewalls” is related to study the functioning of different firewalls available to us and find out each others pros and cons. We have selected few firewalls like Windows Firewall, Zone Alarm Firewall,Comodo Firewall etc for our project. In our project we are concerned only about the software firewalls. Objective Microsoft Windows provides a variety of methods by which security software can perform network traffic filtering and other security-related tasks. However, these same capabilities can be used by malicious software, also known as malware, to tap into the operating system’s network architecture in order to circumvent security software, open backdoors, and steal information. A number of articles have been published that discuss and compare the features of different software firewalls, but there are few resources that explore the filtering techniques that these firewalls use. Understanding these filtering techniques is not only useful for choosing a software firewall and troubleshooting problems with it, but it also helps to understand, detect, and prevent the malware threats that exploit inherent weaknesses in them.
2 Scope The Internet, like any other society, is plagued with the kind of jerks who enjoy the electronic equivalent of writing on other people's walls with spray-paint, tearing their mailboxes off, or just sitting in the street blowing their car horns. Some people try to get real work done over the Internet, and others have sensitive or proprietary data they must protect. Usually, a firewall's purpose is to keep the jerks out of your network while still letting you get your job done. Many traditional-style corporations and data centers have computing security policies and practices that must be followed. In a case where a company's policies dictate how data must be protected, a firewall is very important, since it is the embodiment of the corporate policy. Frequently, the hardest part of hooking to the Internet, if you're a large company, is not justifying the expense or effort, but convincing management that it's safe to do so. A firewall provides not only real security--it often plays an important role as a security blanket for management. Some firewalls permit only email traffic through them, thereby protecting the network against any attacks other than attacks against the email service. Other firewalls provide less strict protections, and block services that are known to be problems. Generally, firewalls are configured to protect against unauthenticated interactive logins from the ``outside'' world. This, more than anything, helps prevent vandals from logging into machines on your network. More elaborate firewalls block traffic from the outside to the inside, but permit users on the inside to communicate freely with the outside. The firewall can protect you against any type of network- borne attack if you unplug it.
3 What is a Firewall? The Internet is a network of computer networks. It has evolved from the interconnection of networks around the globe. Interconnection is a good thing; it allows the free exchange of information via the Web, e-mail and file transfer. But it also carries a price, namely the risk that your Internet connection may be used by “hackers” (or as some would rather call them “crackers”) to gain unauthorized access to your local network. Availability of computing facilities can also be targeted by Denial of Service (DoS) attacks. A firewall is a system that implements and enforces an access control (or security) policy between two networks; it usually guards an internal private network from an external public one, isolating an intranet from the Internet. Essentially a firewall connects two or more networks but only allows specified forms of traffic to flow between them. The firewall is a means by which a security policy can be enforced.
4 Types of Firewall There have historically been two main types of firewall; application layer and network layer: 1. Application layer firewalls implement a proxy server for each service required. A proxy is a server that enables connections between a client and server, such that the client talks to the proxy, and the proxy to the server on behalf of the client. They prevent traffic from passing directly between networks, and as the proxies are often implemented for a specific protocol they are able to perform sophisticated logging and auditing of the data passing through them. A disadvantage of application layer firewalls is that a proxy must exist for each protocol that you wish to pass through the firewall; if one does not exist then that protocol cannot be used. Some protocols, such as SMTP for e-mail, are natural proxies. Others, such as FTP for file transfer, are not.
5 2. Network layer firewalls make decisions on whether to allow or disallow individual Internet Protocol (IP) packets to pass between the networks. IP is the protocol by which almost all data is routed around the Internet. IP connections rely on a unique source and destination IP address for the communicating hosts. TCP layer port numbers (the “application layer endpoints”) are also readily available to a network layer firewall. For example, port 25 is the agreed port number for SMTP e-mail transfer. The firewall can make filtering decisions based on the IP and port number values. This type of firewall can be very flexible. However the added complexity increases the risk of security holes through misconfiguration. In Figure , a network layer firewall called a ``screened host firewall'' is represented. In a screened host firewall, access to and from a single host is controlled by means of a router operating at a network layer. The single host is a bastion host; a highly-defended and secured strong-point that can resist attack.
6 Modes of operation There are two very distinct and different modes for network firewalls to operate in. 1.Default allow firewalls allow all traffic in and out of a site. Some specified services may be blocked on the firewall, but all others can freely pass through. 2.Default deny firewalls block all traffic in or out of a site (though commonly they only block inbound, rather than outbound, traffic). Only named services are allowed to pass through the firewall. All firewall systems which were tested were found to be susceptible to packet spoofing which tricks the server into thinking packets have come from a trusted host, or into using its intrusion-detection counter measures to cut connectivity to legitimate sites. Detection mainly via sending packets (requests) and collecting responses from client machines about packets and thereby getting a detail report about the port to which the packet was send across the Network. When one machine sends its request, the request is encapsulated in an 'IP packet'. The 'IP packet' consists of two parts, i.e. header and data part. The header part consists of all information of data i.e. the 'Source IP Address' and 'Destination IP Addresses', the send time and checksums. This can be used for analyzing data integrity. The 'TCP-IP Protocol Suit' is responsible for converting low-level Network Frames into Packets and Segments. TCP is an independent, general-purpose protocol. Since TCP makes very few assumptions about the underlying network, it is possible to use it over a single network like an Ethernet as well as over a complex Internet, It is a communication protocol.
7 A connection consists of virtual circuit between two application programs. TCP defines an end point to be a pair of integers (host, port). It defines various protocols they are TCP, UDP, ICMP, IGMP TCP TCP is a connection oriented reliable protocol. For sniffing purpose like sniffing the details of a packet based on 'TCP' protocol. It would list out the following details of the packet. Source IP, Destination IP, Source Port, Destination Port, Sequence, Acknowledgement UDP For sniffing purpose like sniffing the details of a packet based on 'UDP' protocol. UDP is a connectionless unreliable protocol. It would list out the following details of the packet. Source IP, Destination IP, Source Port, Destination Port, length ICMP For sniffing purpose like sniffing the details of a packet based on 'ICMP' protocol. It would list out the following details of the packet. Source IP, Destination IP, Source Port, Destination Port IGMP For sniffing purpose like sniffing the details of a packet based on 'ICMP' protocol. It would list out the following details of the packet.Source IP, Destination IP, Source Port, Destination Port. Firewall policies must be realistic and reflect the level of security in the entire network .For a firewall to work, it must be a part of a consistent overall
8 organizational security architecture. A firewall cannot replace security- consciousness on the part of your users. Firewall is a software/hardware which functions in a networked environment to prevent unauthorized access. Its goal is to provide controlled connectivity between internet and internal network. This is acquired by enforcing a security policy .A firewall is that it implements an access control policy .A firewall is a system or group of systems that enforces an access control policy between two or more networks . For firewalls where the emphasis is on security instead of connectivity, you should consider blocking everything by default, and only specifically allowing what services you need on a case-by-case basis. If you block everything, except a specific set of services, then you've already made your job much easier. Instead of having to worry about every security problem with everything product and service around, you only need to worry about every security problem with a specific set of services and products.
9 Popular hardware & software firewalls Software Firewall Hardware Firewall Windows Firewall Cisco PIX ZoneAlarm Fortiguard Comodo Firewall Cyberoam Norton Internet Security Check Point Outpost NetScreen BlackICE NetD Macfee Internet Security WatchGuard
10 Windows Firewall Windows Firewall is a software component of Microsoft Windows that provides firewalling and packet filtering functions. It was first included in Windows XP and Windows Server 2003. Windows Firewall, previously known as Internet Connection Firewall or ICF, is a protective boundary that monitors and restricts information that travels between your computer and a network or the Internet. This provides a line of defense against someone who might try to access your computer from outside the Windows Firewall without your permission. Windows Firewall was first introduced as part of Windows XP Service Pack 2. Every type of network connection, whether it is wired, wireless, VPN, or even FireWire, has the firewall enabled by default, with some built-in exceptions to allow connections from machines on the local network. It also fixed a problem whereby the firewall policies would not be enabled on a network connection until several seconds after the connection itself was created, thereby creating a window of vulnerability. XP's Windows Firewall cannot block outbound connections; it is only capable of blocking inbound ones. Windows Firewall is turned on by default. However, some computer manufacturers and network administrators might turn it off.To open Windows Firewall 1. Click Start and then click Control Panel. 2. In the control panel, click Windows Security Center. 3. Click Windows Firewall.
11 Windows Firewall should be always turned on.
12 How Windows Firewall Works When someone on the Internet or on a network tries to connect to your computer, we call that attempt an "unsolicited request." When your computer gets an unsolicited request, Windows Firewall blocks the connection. If you run a program such as an instant messaging program or a multiplayer network game that needs to receive information from the Internet or a network, the firewall asks if you want to block or unblock (allow) the connection. You should see a window like the one below. If you choose to unblock the connection, Windows Firewall creates an exception so that the firewall won't bother you when that program needs to receive information in the future. The Exceptions tab includes a list of programs and services that you can select or deselect to allow or remove access to the network. You can also add or delete ports (both TCP and UDP). When adding programs or ports, you also have the following options to limit the scope of access: Any Computer (Including Those On The Internet), My Network (Subnet) Only, or Custom List, which allows you to choose a mix of IP addresses and subnets. On the Advanced tab, you can choose which connections the firewall will apply to, and you can specify logging features. You can also control, with some granularity, how the firewall handles Internet Control Message Protocol (ICMP) packets.
13 Finally, if you get completely lost and make changes that prevent the computer from connecting to the Internet, you can click the Restore Defaults button. This removes all of your changes, returning Windows Firewall to the Microsoft default state.
14 What Windows Firewall Does and Does Not Do It does It does not Help block computer viruses and Detect or disable computer viruses and worms if they worms from reaching your computer. are already on your computer. For that reason, you should also install antivirus software and keep it updated to help prevent viruses, worms, and other security threats from damaging your computer or using your computer to spread viruses to others. Ask for your permission to block or Stop you from opening e-mail with dangerous unblock certain connection requests. attachments. Don't open e-mail attachments from senders that you don't know. Even if you know and trust the source of the e-mail you should still be cautious. If someone you know sends you an e-mail attachment, look at the subject line carefully before opening it. If the subject line is gibberish or does not make any sense to you, check with the sender before opening it. Create a record (a security log), if Block spam or unsolicited e-mail from appearing in your you want one, that records successful inbox. However, some e-mail programs can help you do and unsuccessful attempts to connect this. to your computer. This can be useful as a troubleshooting tool.
15 Configuring Windows Firewall Settings
16 Pros and Cons of Windows Firewall The Windows Firewall does a good job of proxying inbound responses to outbound connection requests, and it does a good job of blocking inbound connection requests for TCP or UDP conversations that you haven't initiated. It will block any connection attempts that you haven't specifically allowed in the settings. However, that's only half of what a firewall needs to do. A firewall should also monitor, inspect, and proxy outbound communication—and this is where Windows Firewall fails. Any program on your computer can initiate any type of connection to any IP address on the Internet, and the Windows Firewall will sit by passively and let it happen! Don't let any prompts fool you: Even though it tells you a program has initiated a connection to the Internet and asks if you want to allow this connection, the connection has already occurred. What it’s really asking is whether you want to allow the Internet to connect to this program.
17 ZoneAlarm Firewall ZoneAlarm is a personal firewall software application originally developed by Zone Labs, which was acquired by Check Point. It includes an inbound intrusion detection system, as well as the ability to control which programs can create outbound connections. In ZoneAlarm, program access is controlled by way of "zones", into which all network connections are divided. The "trusted zone" generally includes the user's local area network and can share resources such as files and printers, while the "Internet zone" includes everything not in the trusted zone. The user can specify which "permissions" (trusted zone client, trusted zone server, Internet zone client, Internet zone server) to give to a program before it attempts to access the Internet (e.g. before running it for the first time) or, alternatively, ZoneAlarm will ask the user to give the program permission on its first access attempt.
18 Features Designed to be used in conjunction with an antivirus program, the strongest tool in ZoneAlarm's belt is the outbound firewall. Though Windows does offer some outbound protection, it's not activated by default. Most users tend to leave it off because they either don't know about it, or when they do turn it on it regularly interrupts their workflow with pop-up security warnings. Older versions of ZoneAlarm used to be noisy with pop-ups as well, but the new version has been set to be quieter without changing the level of protection. If you prefer, this can be changed in the program settings. During the testing of the default ZoneAlarm Firewall settings, the only pop-ups encountered were those blocking new software installations. The pop-ups for the three programs tested went away and allowed the installation to proceed with one click. More than just a low rate of interference, only encountering pop-ups for program installations is precisely the kind of warning that keeps you aware of what's occurring on your computer without distracting you simply for surfing the Web.
19 The benefits of an outbound firewall might not be readily apparent. An inbound firewall blocks threats coming in from the outside, but an outbound firewall does more than prevent your computer from spreading viruses and malware to others. If your computer has been compromised by a botnet, for example, outbound protection will stop it from sending your data back to its host servers. It can also stop program spoofing, which is when a malicious program pretends to be a good one, and IP spoofing, which is when harmful network transmissions dress up as safe ones.
20 The ZoneAlarm toolbar has also been given more than a simple spit-shine. We can opt out of installing it when you run the main installer, and install it later if you wish, but ZoneAlarm was quick to point out that it without it key security features are not activated. Hiding the toolbar after it's been installed won't disable its protections, which include the aforementioned signature and heuristic-based anti phishing protections.
21 It also adds a site check option that can be used to reveal the date founded and physical location of the site and has customizable safe site buttons for launching regularly visited sites such as Facebook or your banking site. The e-mail checker built into the toolbar is compatible with Hotmail, Gmail, Yahoo, RR, Univision, and POP3 accounts.
22 Performance ZoneAlarm's performance was notable simply for how unnoticeable it was. Shutdown time did not appear to be affected at all, and neither did starting up cold nor rebooting. Changing the antivirus program that it was partnered with didn't affect the firewall's behavior, either. Pros and Cons of ZoneAlarm Pros: Free for non commercial use, frequently updated, protects incoming and outgoing connections without additional configuration Cons: Did not automatically configure as many applications.
23 Outpost Firewall Outpost Firewall Pro is a software-based personal firewall package developed by the Russian firm Agnitum. Outpost Firewall 2009 Free now includes full Windows Vista (32 and 64bit) support and a completely revamped user interface. Outpost Firewall Pro (personal firewall) is designed to monitor incoming and outgoing network traffic on Windows machines. Like most advanced PC firewalls (ZoneAlarm, Comodo, etc.), Outpost goes beyond monitoring internet traffic and also monitors application behavior in an attempt to stop malicious software covertly infecting Windows systems. Agnitum calls this technology "Component Control" and "Anti-Leak Control" (included into HIPS-based "Host Protection" module). The product also includes a spyware scanner and monitor, together with pop-up blocker/spyware filter for Internet Explorer and Mozilla Firefox (Outpost's web surfing security tools include black-lists for IPs and URLs, unwanted web page element filters and ad-blocking. The technology altogether is known as "Web control").
24 Outpost Firewall Pro allows the user to specifically define how a PC application connects to the Internet. This is known as the "Rules Wizard" mode, or policy, and is the default behavior for the program. When in this mode, Outpost Firewall Pro displays a prompt each time a new process attempts network access or when a process requests a connection that is not covered by its pre-validated rules. The idea being that this then lets the user decide whether an application should be allowed a network connection to a specific address, port or protocol. In practice, prompting users can make the product seem over complicated to less experienced users. Agnitum engineers includes pre-set rules for many popular applications. Users can optionally submit rules they have created through the AgnitumImproveNet system for validation and sharing new rules by Agnitum engineers via product updates. Outpost is a very powerful and feature rich firewall. Many users will barely scratch the surface of what can be done with the configuration manager. We're happy to report that the instant nagging prompts pushing users to upgrade to the paid version, which plagued the previous version of Outpost Firewall are gone. Gone too are the concerns about lack of support for the software. Agnitum seem fully committed to supporting this new free firewall and we had no concerns about the
25 software being out of date this time. Configuring and working with Outpost may initially seem a bit daunting, although with the new interface it is much easier. Pros and Cons of ZoneAlarm Pros: Very powerful firewall, extensive configuration options, protects incoming and outgoing connections without additional configuration, automatic configuration for lots of popular software, full 64 bit operating system support. Cons: Some users find ZoneAlarm easier to use, although thanks to the revamped interface Outpost Firewall is no longer as daunting to beginners.
26 Comodo Firewall Comodo Internet Security is currently ranked number 1 in Matousec's Proactive Security Challenge, and passing 100% of the 148 software firewall tests, and is the only firewall and host intrusion prevention system to consistently score number 1 or tie for number one (usually with Online Armor) in all independent tests. Comodo Internet Security was designed around the concept of layered security, by integrating components designed to prevent intrusions upon a computer system (the Firewall, Defense+, and Memory Firewall), with components designed to resolve any intrusions which the other components miss. This free software firewall, from a leading global security solutions provider and certification authority, use the patent pending "Clean PC Mode" to prohibit any applications from being installed on your computer unless it meets one of two criteria. Those criteria are a) the user gives permission for the installation and b) the application is on an extensive list of approved applications provided by Comodo. With this feature, you don't have to worry about unauthorized programs installing on your computer without your knowledge.
27 Configuration Comodo Firewall Pro is a freeware software package for Windows that that controls the programs that can connect to the outside world and the types of connections that they can make. If Comodo Firewall isn't configured correctly, it can prevent Firefox from accessing the Internet, causing Firefox to give Server not found errors. This describes how to configure Comodo Firewall Pro to give Firefox access to the Internet. Open Comodo Firewall Pro - click the Windows Start button, then click All Programs >Comodo> Firewall > COMODO Firewall Pro. In the Summary window, under the Security Monitoring heading, click the ApplicationMonitor.
28 In the list of Application Control Rules, locate any mentions of Firefox or firefox.exe. Click on each one, then click Remove. After removing each instance of Firefox in the Application Control Rules list, click the Tasks button. In the Tasks window, click the Define a new Trusted Application.
29 In the Trusted Application window, under the Specify Application heading, click Browse... Navigate to your Firefox program folder (usually C:Program FilesMozilla Firefox and choose firefox.exe. Click OK at the bottom of the Trusted Application Window.
30 Return to the Application Monitor by clicking its icon on the left side of the Window. You should see Firefox listed, this time with full access rights. Unless you have a whole lot of stuff to setup or multiple users or youare on a network machine, we would suggest just install and enter the settings as the firewall detects new applications and activities. In the message box that shows up 1.set the action to do (allow . block ...) 2.set the type of app that it is (installer,.....) 3.Ifyou want to set this property for this app permanently check the the box (do this always) As you add more app to the do always list the frequency of the Message box will go down.
31 PROS of Comodo Firewall 1. Free means free! : Comodo firewall is a completely free software and they actually mean free. They don’t give any nag screens, no promotional offers, nothing. They are giving away the software at zero cost. They just require you to supply you with your email address, so that they can send you the registration key at no cost. They send registration keys to keep a track on how many people are using their software. 2. Great security : It delivers, what it is supposed to and thus qualifies itself as one of the better security softwares available on the Internet. In various tests, it has proved its worth and helped in identifying the unwanted elements. It blocks attacks from outside world and blocks malware-style leak tests. Let’s you take control of the softwares or programs which will access the Internet connection. Watch out bad guys, the firewall will not let you break into the computer so easily. 3. Simple Interface : The interface of the software is also simple. It is good enough for any user and most of the users will find ease in using and going through
32 the options it has to offer. However, still there is scope of improvement but I’m sure that most of the users will be fine with it. 4. Recognize know programs : One of the good thing about this software is that it lets you scan your computer first and then automatically puts the known programs in the safe list and doesn’t give alerts for those softwares. CONS of ComodoFirewall : 1. Too many alerts : Somehow, it gave lots and lots of alerts and thus it can alarm any beginner in starting and can create problems in case a user clicks on the deny button of an important software. Although, alerts can be minimized by letting the program scan through the system for the known programs. 2. Starting problems in accessing the web based services : I did face some problems in accessing the web based services like GMail, Google Reader. However, once I restarted the computer, everything seemed normal. After, using it for few days, I started to face the problem in connecting to the Internet and gave me errors too. However, just a simple restart and everything used to get back to normal.
33 Bibliography "Firewalls-A complete guide*"-J.L.Aadrew .S .Tanenbuam www.google.com Firewall and Internet Security -Cheswick, Bellovin, Rubin The Best Damn Firewall Book Period -Cherie Amon

Recomendados

Firewall and Types of firewall
Firewall and Types of firewallFirewall and Types of firewall
Firewall and Types of firewallCoder Tech
 
FireWall
FireWallFireWall
FireWallrubal_9
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationgaurav96raj
 
Firewall
FirewallFirewall
FirewallNilkanth Shingala
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationAmandeep Kaur
 
Firewall security in computer network
Firewall security in computer networkFirewall security in computer network
Firewall security in computer networkpoorvavyas4
 
Firewall in Network Security
Firewall in Network SecurityFirewall in Network Security
Firewall in Network Securitylalithambiga kamaraj
 
Network attacks
Network attacksNetwork attacks
Network attacksManjushree Mashal
 

Recomendados

Firewall and Types of firewall
Firewall and Types of firewallFirewall and Types of firewall
Firewall and Types of firewallCoder Tech
 
FireWall
FireWallFireWall
FireWallrubal_9
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationgaurav96raj
 
Firewall
FirewallFirewall
FirewallNilkanth Shingala
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationAmandeep Kaur
 
Firewall security in computer network
Firewall security in computer networkFirewall security in computer network
Firewall security in computer networkpoorvavyas4
 
Firewall in Network Security
Firewall in Network SecurityFirewall in Network Security
Firewall in Network Securitylalithambiga kamaraj
 
Network attacks
Network attacksNetwork attacks
Network attacksManjushree Mashal
 
Topics in network security
Topics in network securityTopics in network security
Topics in network securityNasir Bhutta
 
Firewall Security Definition
Firewall Security DefinitionFirewall Security Definition
Firewall Security DefinitionPatten John
 
Firewall protection
Firewall protectionFirewall protection
Firewall protectionVC Infotech
 
Firewall & its configurations
Firewall & its configurationsFirewall & its configurations
Firewall & its configurationsStudent
 
Firewalls
FirewallsFirewalls
Firewallsvaishnavi
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationTayabaZahid
 
Windows firewall
Windows firewallWindows firewall
Windows firewallVC Infotech
 
Types of firewall
Types of firewallTypes of firewall
Types of firewallPina Parmar
 
Email threats
Email threatsEmail threats
Email threatsShivam Tomar
 
Firewalls
FirewallsFirewalls
FirewallsUniversity of Central Punjab
 
Network security
Network securityNetwork security
Network securityquest university nawabshah
 
FIREWALL
FIREWALL FIREWALL
FIREWALL Akash R
 
Firewall & packet filter new
Firewall & packet filter newFirewall & packet filter new
Firewall & packet filter newKarnav Rana
 
Intrusion detection system
Intrusion detection system Intrusion detection system
Intrusion detection system gaurav koriya
 
Firewall
FirewallFirewall
FirewallMudasser Afzal
 
firewall and its types
firewall and its typesfirewall and its types
firewall and its typesMohammed Maajidh
 
Distributed Computing ppt
Distributed Computing pptDistributed Computing ppt
Distributed Computing pptOECLIB Odisha Electronics Control Library
 
Firewall
FirewallFirewall
FirewallApo
 
What is Ping
What is PingWhat is Ping
What is PingDisha Dudhal
 
Network security
Network security Network security
Network security Madhumithah Ilango
 
Firewall
FirewallFirewall
FirewallShivank Shah
 
Firewall
FirewallFirewall
Firewallnayakslideshare
 

Más contenido relacionado

La actualidad más candente

Topics in network security
Topics in network securityTopics in network security
Topics in network securityNasir Bhutta
 
Firewall Security Definition
Firewall Security DefinitionFirewall Security Definition
Firewall Security DefinitionPatten John
 
Firewall protection
Firewall protectionFirewall protection
Firewall protectionVC Infotech
 
Firewall & its configurations
Firewall & its configurationsFirewall & its configurations
Firewall & its configurationsStudent
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationTayabaZahid
 
Windows firewall
Windows firewallWindows firewall
Windows firewallVC Infotech
 
Types of firewall
Types of firewallTypes of firewall
Types of firewallPina Parmar
 
FIREWALL
FIREWALL FIREWALL
FIREWALL Akash R
 
Firewall & packet filter new
Firewall & packet filter newFirewall & packet filter new
Firewall & packet filter newKarnav Rana
 
Intrusion detection system
Intrusion detection system Intrusion detection system
Intrusion detection system gaurav koriya
 
Firewall
FirewallFirewall
FirewallApo
 

La actualidad más candente (20)

Topics in network security
Topics in network securityTopics in network security
Topics in network security
 
Firewall Security Definition
Firewall Security DefinitionFirewall Security Definition
Firewall Security Definition
 
Firewall protection
Firewall protectionFirewall protection
Firewall protection
 
Firewall & its configurations
Firewall & its configurationsFirewall & its configurations
Firewall & its configurations
 
Firewalls
FirewallsFirewalls
Firewalls
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentation
 
Windows firewall
Windows firewallWindows firewall
Windows firewall
 
Types of firewall
Types of firewallTypes of firewall
Types of firewall
 
Email threats
Email threatsEmail threats
Email threats
 
Firewalls
FirewallsFirewalls
Firewalls
 
Network security
Network securityNetwork security
Network security
 
FIREWALL
FIREWALL FIREWALL
FIREWALL
 
Firewall & packet filter new
Firewall & packet filter newFirewall & packet filter new
Firewall & packet filter new
 
Intrusion detection system
Intrusion detection system Intrusion detection system
Intrusion detection system
 
Firewall
FirewallFirewall
Firewall
 
firewall and its types
firewall and its typesfirewall and its types
firewall and its types
 
Distributed Computing ppt
Distributed Computing pptDistributed Computing ppt
Distributed Computing ppt
 
Firewall
FirewallFirewall
Firewall
 
What is Ping
What is PingWhat is Ping
What is Ping
 
Network security
Network security Network security
Network security
 

Similar a Firewall configuration

Cyber security tutorial2
Cyber security tutorial2Cyber security tutorial2
Cyber security tutorial2sweta dargad
 
Firewalls by Puneet Bawa
Firewalls by Puneet BawaFirewalls by Puneet Bawa
Firewalls by Puneet BawaPuneet Bawa
 
Firewall.pdf
Firewall.pdfFirewall.pdf
Firewall.pdfImXaib
 
Network Security_Dr Shivashankar_Module 5.pdf
Network Security_Dr Shivashankar_Module 5.pdfNetwork Security_Dr Shivashankar_Module 5.pdf
Network Security_Dr Shivashankar_Module 5.pdfDr. Shivashankar
 
CSS (KNC-301) 4. Packet Filtering Firewall By Vivek Tripathi.pptx
CSS (KNC-301) 4. Packet Filtering Firewall By Vivek Tripathi.pptxCSS (KNC-301) 4. Packet Filtering Firewall By Vivek Tripathi.pptx
CSS (KNC-301) 4. Packet Filtering Firewall By Vivek Tripathi.pptxVivekTripathi684438
 
Network and security concepts
Network and security conceptsNetwork and security concepts
Network and security conceptssonuagain
 
Cryptography and network security.
Cryptography and network security.Cryptography and network security.
Cryptography and network security.RAVI RAJ
 
Firewall ppt
Firewall pptFirewall ppt
Firewall pptRevanth71
 

Similar a Firewall configuration (20)

Firewall
FirewallFirewall
Firewall
 
Firewall
FirewallFirewall
Firewall
 
Firewall
FirewallFirewall
Firewall
 
Cyber security tutorial2
Cyber security tutorial2Cyber security tutorial2
Cyber security tutorial2
 
Firewalls by Puneet Bawa
Firewalls by Puneet BawaFirewalls by Puneet Bawa
Firewalls by Puneet Bawa
 
Firewall
Firewall Firewall
Firewall
 
Firewall
FirewallFirewall
Firewall
 
Network security
Network securityNetwork security
Network security
 
Firewalls
FirewallsFirewalls
Firewalls
 
Firewall.pdf
Firewall.pdfFirewall.pdf
Firewall.pdf
 
Firewall ppt
Firewall pptFirewall ppt
Firewall ppt
 
Network Security_Dr Shivashankar_Module 5.pdf
Network Security_Dr Shivashankar_Module 5.pdfNetwork Security_Dr Shivashankar_Module 5.pdf
Network Security_Dr Shivashankar_Module 5.pdf
 
Firewall
FirewallFirewall
Firewall
 
Firewall
FirewallFirewall
Firewall
 
CSS (KNC-301) 4. Packet Filtering Firewall By Vivek Tripathi.pptx
CSS (KNC-301) 4. Packet Filtering Firewall By Vivek Tripathi.pptxCSS (KNC-301) 4. Packet Filtering Firewall By Vivek Tripathi.pptx
CSS (KNC-301) 4. Packet Filtering Firewall By Vivek Tripathi.pptx
 
Network and security concepts
Network and security conceptsNetwork and security concepts
Network and security concepts
 
Cryptography and network security.
Cryptography and network security.Cryptography and network security.
Cryptography and network security.
 
Firewall ppt
Firewall pptFirewall ppt
Firewall ppt
 
Firewalls
FirewallsFirewalls
Firewalls
 
Ecommerce final ppt
Ecommerce final pptEcommerce final ppt
Ecommerce final ppt
 

Último

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 

Último (20)

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 

Firewall configuration

  • 1. qwertyuiopasdfghjklzxcvbnmqw ertyuiopasdfghjklzxcvbnmqwert yuiopasdfghjklzxcvbnmqwertyui opasdfghjklzxcvbnmqwertyuiopa Firewall Configuration sdfghjklzxcvbnmqwertyuiopasdf Project By: Nutan Kumar Panda ghjklzxcvbnmqwertyuiopasdfghj ATL Bhubaneswar klzxcvbnmqwertyuiopasdfghjklz xcvbnmqwertyuiopasdfghjklzxcv bnmqwertyuiopasdfghjklzxcvbn mqwertyuiopasdfghjklzxcvbnmq wertyuiopasdfghjklzxcvbnmqwe rtyuiopasdfghjklzxcvbnmqwerty uiopasdfghjklzxcvbnmqwertyuio pasdfghjklzxcvbnmqwertyuiopas dfghjklzxcvbnmqwertyuiopasdfg hjklzxcvbnmqwertyuiopasdfghjk
  • 2. 1 Introduction Our project “Study Different Firewalls” is related to study the functioning of different firewalls available to us and find out each others pros and cons. We have selected few firewalls like Windows Firewall, Zone Alarm Firewall,Comodo Firewall etc for our project. In our project we are concerned only about the software firewalls. Objective Microsoft Windows provides a variety of methods by which security software can perform network traffic filtering and other security-related tasks. However, these same capabilities can be used by malicious software, also known as malware, to tap into the operating system’s network architecture in order to circumvent security software, open backdoors, and steal information. A number of articles have been published that discuss and compare the features of different software firewalls, but there are few resources that explore the filtering techniques that these firewalls use. Understanding these filtering techniques is not only useful for choosing a software firewall and troubleshooting problems with it, but it also helps to understand, detect, and prevent the malware threats that exploit inherent weaknesses in them.
  • 3. 2 Scope The Internet, like any other society, is plagued with the kind of jerks who enjoy the electronic equivalent of writing on other people's walls with spray-paint, tearing their mailboxes off, or just sitting in the street blowing their car horns. Some people try to get real work done over the Internet, and others have sensitive or proprietary data they must protect. Usually, a firewall's purpose is to keep the jerks out of your network while still letting you get your job done. Many traditional-style corporations and data centers have computing security policies and practices that must be followed. In a case where a company's policies dictate how data must be protected, a firewall is very important, since it is the embodiment of the corporate policy. Frequently, the hardest part of hooking to the Internet, if you're a large company, is not justifying the expense or effort, but convincing management that it's safe to do so. A firewall provides not only real security--it often plays an important role as a security blanket for management. Some firewalls permit only email traffic through them, thereby protecting the network against any attacks other than attacks against the email service. Other firewalls provide less strict protections, and block services that are known to be problems. Generally, firewalls are configured to protect against unauthenticated interactive logins from the ``outside'' world. This, more than anything, helps prevent vandals from logging into machines on your network. More elaborate firewalls block traffic from the outside to the inside, but permit users on the inside to communicate freely with the outside. The firewall can protect you against any type of network- borne attack if you unplug it.
  • 4. 3 What is a Firewall? The Internet is a network of computer networks. It has evolved from the interconnection of networks around the globe. Interconnection is a good thing; it allows the free exchange of information via the Web, e-mail and file transfer. But it also carries a price, namely the risk that your Internet connection may be used by “hackers” (or as some would rather call them “crackers”) to gain unauthorized access to your local network. Availability of computing facilities can also be targeted by Denial of Service (DoS) attacks. A firewall is a system that implements and enforces an access control (or security) policy between two networks; it usually guards an internal private network from an external public one, isolating an intranet from the Internet. Essentially a firewall connects two or more networks but only allows specified forms of traffic to flow between them. The firewall is a means by which a security policy can be enforced.
  • 5. 4 Types of Firewall There have historically been two main types of firewall; application layer and network layer: 1. Application layer firewalls implement a proxy server for each service required. A proxy is a server that enables connections between a client and server, such that the client talks to the proxy, and the proxy to the server on behalf of the client. They prevent traffic from passing directly between networks, and as the proxies are often implemented for a specific protocol they are able to perform sophisticated logging and auditing of the data passing through them. A disadvantage of application layer firewalls is that a proxy must exist for each protocol that you wish to pass through the firewall; if one does not exist then that protocol cannot be used. Some protocols, such as SMTP for e-mail, are natural proxies. Others, such as FTP for file transfer, are not.
  • 6. 5 2. Network layer firewalls make decisions on whether to allow or disallow individual Internet Protocol (IP) packets to pass between the networks. IP is the protocol by which almost all data is routed around the Internet. IP connections rely on a unique source and destination IP address for the communicating hosts. TCP layer port numbers (the “application layer endpoints”) are also readily available to a network layer firewall. For example, port 25 is the agreed port number for SMTP e-mail transfer. The firewall can make filtering decisions based on the IP and port number values. This type of firewall can be very flexible. However the added complexity increases the risk of security holes through misconfiguration. In Figure , a network layer firewall called a ``screened host firewall'' is represented. In a screened host firewall, access to and from a single host is controlled by means of a router operating at a network layer. The single host is a bastion host; a highly-defended and secured strong-point that can resist attack.
  • 7. 6 Modes of operation There are two very distinct and different modes for network firewalls to operate in. 1.Default allow firewalls allow all traffic in and out of a site. Some specified services may be blocked on the firewall, but all others can freely pass through. 2.Default deny firewalls block all traffic in or out of a site (though commonly they only block inbound, rather than outbound, traffic). Only named services are allowed to pass through the firewall. All firewall systems which were tested were found to be susceptible to packet spoofing which tricks the server into thinking packets have come from a trusted host, or into using its intrusion-detection counter measures to cut connectivity to legitimate sites. Detection mainly via sending packets (requests) and collecting responses from client machines about packets and thereby getting a detail report about the port to which the packet was send across the Network. When one machine sends its request, the request is encapsulated in an 'IP packet'. The 'IP packet' consists of two parts, i.e. header and data part. The header part consists of all information of data i.e. the 'Source IP Address' and 'Destination IP Addresses', the send time and checksums. This can be used for analyzing data integrity. The 'TCP-IP Protocol Suit' is responsible for converting low-level Network Frames into Packets and Segments. TCP is an independent, general-purpose protocol. Since TCP makes very few assumptions about the underlying network, it is possible to use it over a single network like an Ethernet as well as over a complex Internet, It is a communication protocol.
  • 8. 7 A connection consists of virtual circuit between two application programs. TCP defines an end point to be a pair of integers (host, port). It defines various protocols they are TCP, UDP, ICMP, IGMP TCP TCP is a connection oriented reliable protocol. For sniffing purpose like sniffing the details of a packet based on 'TCP' protocol. It would list out the following details of the packet. Source IP, Destination IP, Source Port, Destination Port, Sequence, Acknowledgement UDP For sniffing purpose like sniffing the details of a packet based on 'UDP' protocol. UDP is a connectionless unreliable protocol. It would list out the following details of the packet. Source IP, Destination IP, Source Port, Destination Port, length ICMP For sniffing purpose like sniffing the details of a packet based on 'ICMP' protocol. It would list out the following details of the packet. Source IP, Destination IP, Source Port, Destination Port IGMP For sniffing purpose like sniffing the details of a packet based on 'ICMP' protocol. It would list out the following details of the packet.Source IP, Destination IP, Source Port, Destination Port. Firewall policies must be realistic and reflect the level of security in the entire network .For a firewall to work, it must be a part of a consistent overall
  • 9. 8 organizational security architecture. A firewall cannot replace security- consciousness on the part of your users. Firewall is a software/hardware which functions in a networked environment to prevent unauthorized access. Its goal is to provide controlled connectivity between internet and internal network. This is acquired by enforcing a security policy .A firewall is that it implements an access control policy .A firewall is a system or group of systems that enforces an access control policy between two or more networks . For firewalls where the emphasis is on security instead of connectivity, you should consider blocking everything by default, and only specifically allowing what services you need on a case-by-case basis. If you block everything, except a specific set of services, then you've already made your job much easier. Instead of having to worry about every security problem with everything product and service around, you only need to worry about every security problem with a specific set of services and products.
  • 10. 9 Popular hardware & software firewalls Software Firewall Hardware Firewall Windows Firewall Cisco PIX ZoneAlarm Fortiguard Comodo Firewall Cyberoam Norton Internet Security Check Point Outpost NetScreen BlackICE NetD Macfee Internet Security WatchGuard
  • 11. 10 Windows Firewall Windows Firewall is a software component of Microsoft Windows that provides firewalling and packet filtering functions. It was first included in Windows XP and Windows Server 2003. Windows Firewall, previously known as Internet Connection Firewall or ICF, is a protective boundary that monitors and restricts information that travels between your computer and a network or the Internet. This provides a line of defense against someone who might try to access your computer from outside the Windows Firewall without your permission. Windows Firewall was first introduced as part of Windows XP Service Pack 2. Every type of network connection, whether it is wired, wireless, VPN, or even FireWire, has the firewall enabled by default, with some built-in exceptions to allow connections from machines on the local network. It also fixed a problem whereby the firewall policies would not be enabled on a network connection until several seconds after the connection itself was created, thereby creating a window of vulnerability. XP's Windows Firewall cannot block outbound connections; it is only capable of blocking inbound ones. Windows Firewall is turned on by default. However, some computer manufacturers and network administrators might turn it off.To open Windows Firewall 1. Click Start and then click Control Panel. 2. In the control panel, click Windows Security Center. 3. Click Windows Firewall.
  • 12. 11 Windows Firewall should be always turned on.
  • 13. 12 How Windows Firewall Works When someone on the Internet or on a network tries to connect to your computer, we call that attempt an "unsolicited request." When your computer gets an unsolicited request, Windows Firewall blocks the connection. If you run a program such as an instant messaging program or a multiplayer network game that needs to receive information from the Internet or a network, the firewall asks if you want to block or unblock (allow) the connection. You should see a window like the one below. If you choose to unblock the connection, Windows Firewall creates an exception so that the firewall won't bother you when that program needs to receive information in the future. The Exceptions tab includes a list of programs and services that you can select or deselect to allow or remove access to the network. You can also add or delete ports (both TCP and UDP). When adding programs or ports, you also have the following options to limit the scope of access: Any Computer (Including Those On The Internet), My Network (Subnet) Only, or Custom List, which allows you to choose a mix of IP addresses and subnets. On the Advanced tab, you can choose which connections the firewall will apply to, and you can specify logging features. You can also control, with some granularity, how the firewall handles Internet Control Message Protocol (ICMP) packets.
  • 14. 13 Finally, if you get completely lost and make changes that prevent the computer from connecting to the Internet, you can click the Restore Defaults button. This removes all of your changes, returning Windows Firewall to the Microsoft default state.
  • 15. 14 What Windows Firewall Does and Does Not Do It does It does not Help block computer viruses and Detect or disable computer viruses and worms if they worms from reaching your computer. are already on your computer. For that reason, you should also install antivirus software and keep it updated to help prevent viruses, worms, and other security threats from damaging your computer or using your computer to spread viruses to others. Ask for your permission to block or Stop you from opening e-mail with dangerous unblock certain connection requests. attachments. Don't open e-mail attachments from senders that you don't know. Even if you know and trust the source of the e-mail you should still be cautious. If someone you know sends you an e-mail attachment, look at the subject line carefully before opening it. If the subject line is gibberish or does not make any sense to you, check with the sender before opening it. Create a record (a security log), if Block spam or unsolicited e-mail from appearing in your you want one, that records successful inbox. However, some e-mail programs can help you do and unsuccessful attempts to connect this. to your computer. This can be useful as a troubleshooting tool.
  • 17. 16 Pros and Cons of Windows Firewall The Windows Firewall does a good job of proxying inbound responses to outbound connection requests, and it does a good job of blocking inbound connection requests for TCP or UDP conversations that you haven't initiated. It will block any connection attempts that you haven't specifically allowed in the settings. However, that's only half of what a firewall needs to do. A firewall should also monitor, inspect, and proxy outbound communication—and this is where Windows Firewall fails. Any program on your computer can initiate any type of connection to any IP address on the Internet, and the Windows Firewall will sit by passively and let it happen! Don't let any prompts fool you: Even though it tells you a program has initiated a connection to the Internet and asks if you want to allow this connection, the connection has already occurred. What it’s really asking is whether you want to allow the Internet to connect to this program.
  • 18. 17 ZoneAlarm Firewall ZoneAlarm is a personal firewall software application originally developed by Zone Labs, which was acquired by Check Point. It includes an inbound intrusion detection system, as well as the ability to control which programs can create outbound connections. In ZoneAlarm, program access is controlled by way of "zones", into which all network connections are divided. The "trusted zone" generally includes the user's local area network and can share resources such as files and printers, while the "Internet zone" includes everything not in the trusted zone. The user can specify which "permissions" (trusted zone client, trusted zone server, Internet zone client, Internet zone server) to give to a program before it attempts to access the Internet (e.g. before running it for the first time) or, alternatively, ZoneAlarm will ask the user to give the program permission on its first access attempt.
  • 19. 18 Features Designed to be used in conjunction with an antivirus program, the strongest tool in ZoneAlarm's belt is the outbound firewall. Though Windows does offer some outbound protection, it's not activated by default. Most users tend to leave it off because they either don't know about it, or when they do turn it on it regularly interrupts their workflow with pop-up security warnings. Older versions of ZoneAlarm used to be noisy with pop-ups as well, but the new version has been set to be quieter without changing the level of protection. If you prefer, this can be changed in the program settings. During the testing of the default ZoneAlarm Firewall settings, the only pop-ups encountered were those blocking new software installations. The pop-ups for the three programs tested went away and allowed the installation to proceed with one click. More than just a low rate of interference, only encountering pop-ups for program installations is precisely the kind of warning that keeps you aware of what's occurring on your computer without distracting you simply for surfing the Web.
  • 20. 19 The benefits of an outbound firewall might not be readily apparent. An inbound firewall blocks threats coming in from the outside, but an outbound firewall does more than prevent your computer from spreading viruses and malware to others. If your computer has been compromised by a botnet, for example, outbound protection will stop it from sending your data back to its host servers. It can also stop program spoofing, which is when a malicious program pretends to be a good one, and IP spoofing, which is when harmful network transmissions dress up as safe ones.
  • 21. 20 The ZoneAlarm toolbar has also been given more than a simple spit-shine. We can opt out of installing it when you run the main installer, and install it later if you wish, but ZoneAlarm was quick to point out that it without it key security features are not activated. Hiding the toolbar after it's been installed won't disable its protections, which include the aforementioned signature and heuristic-based anti phishing protections.
  • 22. 21 It also adds a site check option that can be used to reveal the date founded and physical location of the site and has customizable safe site buttons for launching regularly visited sites such as Facebook or your banking site. The e-mail checker built into the toolbar is compatible with Hotmail, Gmail, Yahoo, RR, Univision, and POP3 accounts.
  • 23. 22 Performance ZoneAlarm's performance was notable simply for how unnoticeable it was. Shutdown time did not appear to be affected at all, and neither did starting up cold nor rebooting. Changing the antivirus program that it was partnered with didn't affect the firewall's behavior, either. Pros and Cons of ZoneAlarm Pros: Free for non commercial use, frequently updated, protects incoming and outgoing connections without additional configuration Cons: Did not automatically configure as many applications.
  • 24. 23 Outpost Firewall Outpost Firewall Pro is a software-based personal firewall package developed by the Russian firm Agnitum. Outpost Firewall 2009 Free now includes full Windows Vista (32 and 64bit) support and a completely revamped user interface. Outpost Firewall Pro (personal firewall) is designed to monitor incoming and outgoing network traffic on Windows machines. Like most advanced PC firewalls (ZoneAlarm, Comodo, etc.), Outpost goes beyond monitoring internet traffic and also monitors application behavior in an attempt to stop malicious software covertly infecting Windows systems. Agnitum calls this technology "Component Control" and "Anti-Leak Control" (included into HIPS-based "Host Protection" module). The product also includes a spyware scanner and monitor, together with pop-up blocker/spyware filter for Internet Explorer and Mozilla Firefox (Outpost's web surfing security tools include black-lists for IPs and URLs, unwanted web page element filters and ad-blocking. The technology altogether is known as "Web control").
  • 25. 24 Outpost Firewall Pro allows the user to specifically define how a PC application connects to the Internet. This is known as the "Rules Wizard" mode, or policy, and is the default behavior for the program. When in this mode, Outpost Firewall Pro displays a prompt each time a new process attempts network access or when a process requests a connection that is not covered by its pre-validated rules. The idea being that this then lets the user decide whether an application should be allowed a network connection to a specific address, port or protocol. In practice, prompting users can make the product seem over complicated to less experienced users. Agnitum engineers includes pre-set rules for many popular applications. Users can optionally submit rules they have created through the AgnitumImproveNet system for validation and sharing new rules by Agnitum engineers via product updates. Outpost is a very powerful and feature rich firewall. Many users will barely scratch the surface of what can be done with the configuration manager. We're happy to report that the instant nagging prompts pushing users to upgrade to the paid version, which plagued the previous version of Outpost Firewall are gone. Gone too are the concerns about lack of support for the software. Agnitum seem fully committed to supporting this new free firewall and we had no concerns about the
  • 26. 25 software being out of date this time. Configuring and working with Outpost may initially seem a bit daunting, although with the new interface it is much easier. Pros and Cons of ZoneAlarm Pros: Very powerful firewall, extensive configuration options, protects incoming and outgoing connections without additional configuration, automatic configuration for lots of popular software, full 64 bit operating system support. Cons: Some users find ZoneAlarm easier to use, although thanks to the revamped interface Outpost Firewall is no longer as daunting to beginners.
  • 27. 26 Comodo Firewall Comodo Internet Security is currently ranked number 1 in Matousec's Proactive Security Challenge, and passing 100% of the 148 software firewall tests, and is the only firewall and host intrusion prevention system to consistently score number 1 or tie for number one (usually with Online Armor) in all independent tests. Comodo Internet Security was designed around the concept of layered security, by integrating components designed to prevent intrusions upon a computer system (the Firewall, Defense+, and Memory Firewall), with components designed to resolve any intrusions which the other components miss. This free software firewall, from a leading global security solutions provider and certification authority, use the patent pending "Clean PC Mode" to prohibit any applications from being installed on your computer unless it meets one of two criteria. Those criteria are a) the user gives permission for the installation and b) the application is on an extensive list of approved applications provided by Comodo. With this feature, you don't have to worry about unauthorized programs installing on your computer without your knowledge.
  • 28. 27 Configuration Comodo Firewall Pro is a freeware software package for Windows that that controls the programs that can connect to the outside world and the types of connections that they can make. If Comodo Firewall isn't configured correctly, it can prevent Firefox from accessing the Internet, causing Firefox to give Server not found errors. This describes how to configure Comodo Firewall Pro to give Firefox access to the Internet. Open Comodo Firewall Pro - click the Windows Start button, then click All Programs >Comodo> Firewall > COMODO Firewall Pro. In the Summary window, under the Security Monitoring heading, click the ApplicationMonitor.
  • 29. 28 In the list of Application Control Rules, locate any mentions of Firefox or firefox.exe. Click on each one, then click Remove. After removing each instance of Firefox in the Application Control Rules list, click the Tasks button. In the Tasks window, click the Define a new Trusted Application.
  • 30. 29 In the Trusted Application window, under the Specify Application heading, click Browse... Navigate to your Firefox program folder (usually C:Program FilesMozilla Firefox and choose firefox.exe. Click OK at the bottom of the Trusted Application Window.
  • 31. 30 Return to the Application Monitor by clicking its icon on the left side of the Window. You should see Firefox listed, this time with full access rights. Unless you have a whole lot of stuff to setup or multiple users or youare on a network machine, we would suggest just install and enter the settings as the firewall detects new applications and activities. In the message box that shows up 1.set the action to do (allow . block ...) 2.set the type of app that it is (installer,.....) 3.Ifyou want to set this property for this app permanently check the the box (do this always) As you add more app to the do always list the frequency of the Message box will go down.
  • 32. 31 PROS of Comodo Firewall 1. Free means free! : Comodo firewall is a completely free software and they actually mean free. They don’t give any nag screens, no promotional offers, nothing. They are giving away the software at zero cost. They just require you to supply you with your email address, so that they can send you the registration key at no cost. They send registration keys to keep a track on how many people are using their software. 2. Great security : It delivers, what it is supposed to and thus qualifies itself as one of the better security softwares available on the Internet. In various tests, it has proved its worth and helped in identifying the unwanted elements. It blocks attacks from outside world and blocks malware-style leak tests. Let’s you take control of the softwares or programs which will access the Internet connection. Watch out bad guys, the firewall will not let you break into the computer so easily. 3. Simple Interface : The interface of the software is also simple. It is good enough for any user and most of the users will find ease in using and going through
  • 33. 32 the options it has to offer. However, still there is scope of improvement but I’m sure that most of the users will be fine with it. 4. Recognize know programs : One of the good thing about this software is that it lets you scan your computer first and then automatically puts the known programs in the safe list and doesn’t give alerts for those softwares. CONS of ComodoFirewall : 1. Too many alerts : Somehow, it gave lots and lots of alerts and thus it can alarm any beginner in starting and can create problems in case a user clicks on the deny button of an important software. Although, alerts can be minimized by letting the program scan through the system for the known programs. 2. Starting problems in accessing the web based services : I did face some problems in accessing the web based services like GMail, Google Reader. However, once I restarted the computer, everything seemed normal. After, using it for few days, I started to face the problem in connecting to the Internet and gave me errors too. However, just a simple restart and everything used to get back to normal.
  • 34. 33 Bibliography "Firewalls-A complete guide*"-J.L.Aadrew .S .Tanenbuam www.google.com Firewall and Internet Security -Cheswick, Bellovin, Rubin The Best Damn Firewall Book Period -Cherie Amon