Firewall

A firewall is a part of a computer system or network that is designed to block unauthorized access while permitting authorized communications. It is a device, or set of devices, configured to permit or deny network traffic based on a set of rules and other criteria.

Firewalls can be implemented in hardware, in software, or as a combination of both. They are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All traffic entering or leaving the intranet passes through the firewall, which examines each packet and blocks those that do not meet the specified security criteria.

There are several types of firewall techniques:

1. Packet filter: Packet filtering inspects each packet passing through the network and accepts or rejects it based on user-defined rules. Although difficult to configure, it is fairly effective and mostly transparent to its users. Because it decides on header fields alone, it is susceptible to IP spoofing.
2. Application gateway: Applies security mechanisms to specific applications, such as FTP and Telnet servers. This is very effective, but can impose a performance penalty.
3. Circuit-level gateway: Applies security mechanisms when a TCP connection (or UDP session) is established. Once the connection has been made, packets can flow between the hosts without further checking.
4. Proxy server: Intercepts all messages entering and leaving the network. The proxy server effectively hides the true internal network addresses.

Function

A firewall is a dedicated appliance, or software running on a computer, which inspects network traffic passing through it and denies or permits passage based on a set of rules or criteria. It is normally placed between a protected network and an unprotected network and acts like a gate: its purpose is to keep private data from going out and malicious traffic from coming in.

A firewall's basic task is to regulate some of the flow of traffic between computer networks of different trust levels. Typical examples are the Internet, which is a zone with no trust, and an internal network, which is a zone of higher trust. A zone with an intermediate trust level, situated between the Internet and the trusted internal network, is often referred to as a "perimeter network" or demilitarized zone (DMZ).
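The three-zone arrangement just described, as an added example that is not part of the original article: hosts are classified into Internet, DMZ and internal zones by address, and a zone-pair policy says which new connections may cross from one zone to another, with everything unlisted dropped. The address ranges (10.0.0.0/8 for the internal network, the 192.0.2.0/24 documentation range for the DMZ), the port sets and the connection trace are all constructed for illustration.

```python
import ipaddress

# Added example, not code from the article. Zone addresses and policy are
# constructed: 10.0.0.0/8 stands in for the trusted internal network and
# 192.0.2.0/24 (a documentation range) for the DMZ.
ZONES = {
    "internal": ipaddress.ip_network("10.0.0.0/8"),
    "dmz": ipaddress.ip_network("192.0.2.0/24"),
}

def zone_of(ip):
    """Map an address to its trust zone; anything not in a known zone is the Internet."""
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "internet"

# Zone pair -> TCP destination ports permitted for new connections in that direction.
# The Internet reaches only the DMZ web tier, the DMZ reaches only the internal
# database port, internal hosts may browse out and administer the DMZ. Any pair
# or port not listed, notably anything from the Internet to "internal", is dropped.
POLICY = {
    ("internet", "dmz"): {80, 443},
    ("dmz", "internal"): {5432},
    ("internal", "internet"): {80, 443},
    ("internal", "dmz"): {22, 80, 443},
}

def decide(src_ip, dst_ip, dst_port):
    """Policy decision for the first packet of a new connection (default deny)."""
    src_zone, dst_zone = zone_of(src_ip), zone_of(dst_ip)
    if src_zone == dst_zone:
        return "accept"  # assumption: traffic within one zone does not traverse the firewall
    return "accept" if dst_port in POLICY.get((src_zone, dst_zone), set()) else "drop"

# Constructed connection attempts: (source, destination, destination port).
TRACE = [
    ("203.0.113.5", "192.0.2.10", 443),   # Internet client to DMZ web server
    ("203.0.113.5", "10.0.0.20", 445),    # Internet host probing an internal file server
    ("192.0.2.10", "10.0.0.20", 5432),    # DMZ web server to internal database
    ("192.0.2.10", "10.0.0.20", 22),      # compromised DMZ host trying SSH inward
    ("10.0.0.20", "198.51.100.1", 443),   # internal host browsing out
]

def evaluate(trace=TRACE):
    return [decide(src, dst, port) for src, dst, port in trace]

if __name__ == "__main__":
    for flow, verdict in zip(TRACE, evaluate()):
        print(verdict, flow)
```

The fourth flow is the reason a DMZ exists: a web server that gets compromised can still reach the one internal port its application needs, but it cannot open an administrative session into the trusted zone, because that zone pair only lists the database port.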

A firewall's function within a network is similar to that of physical firewalls and fire doors in building construction: the network firewall is used to prevent intrusion into the private network, while the building firewall is intended to contain and delay a structural fire from spreading to adjacent structures.

Types

There are several classifications of firewalls depending on where the communication is taking place, where the communication is intercepted and the state that is being traced.

Network layer and packet filters

Network layer firewalls, also called packet filters, operate at a relatively low
level of the TCP/IP protocol stack, not allowing packets to pass through the
firewall unless they match the established rule set. The firewall
administrator may define the rules; or default rules may apply. The term
"packet filter" originated in the context of BSD operating systems.

Network layer firewalls generally fall into two sub-categories, stateful and stateless. Stateful firewalls maintain context about active sessions and use that "state information" to speed packet processing. Any existing network connection can be described by several properties, including source and destination IP address, UDP or TCP ports, and the current stage of the connection's lifetime (session initiation, handshaking, data transfer or connection completion). If a packet does not match an existing connection, it is evaluated according to the ruleset for new connections. If a packet matches an existing connection in the firewall's state table, it is allowed to pass without re-evaluating the ruleset.

Stateless firewalls require less memory, and can be faster for simple filters
that require less time to filter than to look up a session. They may also be
necessary for filtering stateless network protocols that have no concept of a
session. However, they cannot make more complex decisions based on what
stage communications between hosts have reached.

Modern firewalls can filter traffic on many packet attributes: source and destination IP address, source and destination port (and hence the destination service, such as HTTP or FTP), protocol, TTL value, the netblock the source belongs to, and many others.

Commonly used packet filters on Unix-like systems are ipf (various), ipfw (FreeBSD and Mac OS X), pf (originated on OpenBSD, now available on the other BSDs as well) and, on Linux, iptables (which replaced ipchains; newer kernels also provide nftables).
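The stateless/stateful distinction above, together with the attribute matching (source netblock, protocol, destination port) this section describes, as an added example that is not from the article and not the code of any of the packet filters named. The ruleset, the address ranges and the packet trace are constructed. The trace contains a legitimate reply packet, which the stateful filter admits because it matches the state table, and a forged ACK packet to an internal file-sharing port, which the stateless filter has to admit because its only way of letting replies in is a rule that trusts the ACK flag on any inbound packet.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"
    syn: bool = False   # TCP SYN flag; a bare SYN starts a new connection
    ack: bool = False   # TCP ACK flag; set on every packet after the first

@dataclass
class Rule:
    action: str                   # "accept" or "drop"
    src: str = "0.0.0.0/0"        # source netblock (CIDR)
    dst: str = "0.0.0.0/0"        # destination netblock (CIDR)
    proto: Optional[str] = None   # None matches any protocol
    dport: Optional[int] = None   # None matches any destination port
    ack: Optional[bool] = None    # match on the ACK flag (the stateless "established" hack)

    def matches(self, p: Packet) -> bool:
        return (ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and (self.proto is None or self.proto == p.proto)
                and (self.dport is None or self.dport == p.dport)
                and (self.ack is None or self.ack == p.ack))

def first_match(rules, p, default="drop"):
    """First-match evaluation with an implicit default deny."""
    for r in rules:
        if r.matches(p):
            return r.action
    return default

class StatelessFilter:
    """Judges every packet on its own header fields; remembers nothing."""
    def __init__(self, rules):
        self.rules = rules
    def process(self, p):
        return first_match(self.rules, p)

class StatefulFilter:
    """Keeps a table of accepted connections keyed by 5-tuple. Only a packet that
    opens a connection is checked against the ruleset; later packets in either
    direction pass if, and only if, they match an entry in the table."""
    def __init__(self, rules):
        self.rules = rules
        self.table = set()
    def process(self, p):
        fwd = (p.proto, p.src, p.sport, p.dst, p.dport)
        rev = (p.proto, p.dst, p.dport, p.src, p.sport)
        if fwd in self.table or rev in self.table:
            return "accept"
        if p.proto == "tcp" and not (p.syn and not p.ack):
            return "drop"   # mid-stream TCP packet with no matching state
        verdict = first_match(self.rules, p)
        if verdict == "accept":
            self.table.add(fwd)
        return verdict

INTERNAL = "10.0.0.0/8"   # constructed: the protected network

# Policy: internal hosts may open HTTP/HTTPS connections outward; nothing else.
RULES = [
    Rule("accept", src=INTERNAL, proto="tcp", dport=80),
    Rule("accept", src=INTERNAL, proto="tcp", dport=443),
]
# The stateless filter cannot recognise replies, so it needs one more rule that
# admits any inbound TCP packet carrying ACK. That is the hole the trace exploits.
RULES_STATELESS = RULES + [Rule("accept", dst=INTERNAL, proto="tcp", ack=True)]

# Constructed packet trace, in arrival order.
TRACE = [
    Packet("10.0.0.5", 40000, "198.51.100.7", 443, syn=True),            # client opens HTTPS
    Packet("198.51.100.7", 443, "10.0.0.5", 40000, syn=True, ack=True),  # server's SYN-ACK reply
    Packet("203.0.113.9", 443, "10.0.0.5", 445, ack=True),               # forged ACK to SMB port
    Packet("203.0.113.9", 12345, "10.0.0.5", 22, syn=True),              # unsolicited SSH attempt
]

def run(fw, trace=TRACE):
    return [fw.process(p) for p in trace]

if __name__ == "__main__":
    print("stateless:", run(StatelessFilter(RULES_STATELESS)))
    print("stateful: ", run(StatefulFilter(RULES)))
```

Both filters stop the unsolicited SYN, but only the stateful one stops the forged ACK, and it does so without any rule mentioning the ACK flag: the packet is dropped because nothing in the state table says an inside host asked for it. This is also the flip side of the memory cost mentioned above; the table has to be bounded and aged out in a real implementation, or it becomes a resource-exhaustion target.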

Application-layer

Application-layer firewalls work on the application level of the TCP/IP stack (i.e., all browser traffic, or all telnet or ftp traffic), and may intercept all packets traveling to or from an application. They block other packets (usually dropping them without acknowledgment to the sender). In principle, application firewalls can prevent all unwanted outside traffic from reaching protected machines.

By inspecting all packets for improper content, firewalls can restrict or prevent outright the spread of networked computer worms and trojans. The additional inspection criteria can add extra latency to the forwarding of packets to their destination.
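What "inspecting packets for improper content" looks like for one protocol, as an added example that is not part of the original article: a small application-layer check for HTTP sitting in front of a single web server. Where a packet filter sees only "TCP to port 80", this check parses the request and accepts only well-formed HTTP/1.x with a permitted method and an expected Host header, so non-HTTP bytes on the HTTP port, methods the site never uses and requests aimed at some other host are all dropped before they reach the server. The method and host lists, the header size limit and the sample payloads are constructed for illustration.

```python
import re

# Added example, not from the article. Policy values are constructed: a filter
# in front of one web server that accepts only the HTTP it expects to see.
ALLOWED_METHODS = {"GET", "HEAD", "POST"}
ALLOWED_HOSTS = {"www.example.com"}
MAX_HEADER_BYTES = 8192
REQUEST_LINE = re.compile(rb"^(?P<method>[A-Z]+) (?P<target>/\S*) HTTP/1\.[01]$")

def inspect_http(payload: bytes):
    """Decide on one request's bytes: ('accept', summary) or ('drop', reason)."""
    head, sep, _body = payload.partition(b"\r\n\r\n")
    if not sep:
        return "drop", "no complete header block"     # binary junk, truncated or non-HTTP traffic
    if len(head) > MAX_HEADER_BYTES:
        return "drop", "header block too large"
    lines = head.split(b"\r\n")
    m = REQUEST_LINE.match(lines[0])
    if not m:
        return "drop", "malformed request line"
    method = m.group("method").decode()
    target = m.group("target")
    if method not in ALLOWED_METHODS:
        return "drop", f"method {method} not permitted"
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(b":")
        if not colon or not name.strip():
            return "drop", "malformed header line"
        headers[name.strip().lower()] = value.strip()
    host = headers.get(b"host", b"").decode(errors="replace")
    if host not in ALLOWED_HOSTS:
        return "drop", f"host {host!r} is not served here"
    if b".." in target:
        return "drop", "directory traversal sequence in request target"
    return "accept", f"{method} {target.decode(errors='replace')}"

# Constructed sample payloads, as a packet filter on port 80 would hand them over.
SAMPLES = {
    "normal": b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n",
    "binary": b"\x16\x03\x01\x00\xa5\x01\x00\x00",                     # TLS bytes on the plain-HTTP port
    "trace": b"TRACE / HTTP/1.1\r\nHost: www.example.com\r\n\r\n",
    "wrong_host": b"GET / HTTP/1.1\r\nHost: other.example\r\n\r\n",
    "traversal": b"GET /../../etc/passwd HTTP/1.0\r\nHost: www.example.com\r\n\r\n",
}

def verdicts():
    return {name: inspect_http(data)[0] for name, data in SAMPLES.items()}

if __name__ == "__main__":
    for name, data in SAMPLES.items():
        print(name, inspect_http(data))
```

The latency cost the paragraph mentions is visible in the code: every request is buffered up to the end of the header block and parsed before a decision is possible, whereas a packet filter decides on the first packet's header alone. The "drop" verdicts are meant to feed the same silent-drop path a network-layer filter uses, so the sender learns nothing from the failure.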

Proxies

A proxy device (running either on dedicated hardware or as software on a general-purpose machine) may act as a firewall by responding to input packets (connection requests, for example) in the manner of an application, whilst blocking other packets.

Proxies make tampering with an internal system from the external network more difficult, and misuse of one internal system would not necessarily cause a security breach exploitable from outside the firewall (as long as the application proxy remains intact and properly configured). Conversely, intruders may hijack a publicly reachable system and use it as a proxy for their own purposes; the proxy then masquerades as that system to other internal machines. While the use of private internal address space enhances security, attackers may still employ methods such as IP spoofing to attempt to pass packets to a target network.
