Solution of Exercise Sheet 5

Size: px
Start display at page:

Download "Solution of Exercise Sheet 5"

Transcription

1 Foundations of Cybersecurity (Winter 15/16) Prof. Dr. Michael Backes CISPA / Saarland University saarland university computer science Protocols = {????} Client Server IP Address =???? IP Address =???? Figure 1: Communication scenario Solution of Exercise Sheet 5 1 Network packets Figure 1 shows the communication scenario for which a network trace (exercise- 5.pcapng) has been provided. The first task is to identify the actors and the protocols involved in the communication. (1 point) i. Identify the IP address of the client and the IP address of the server? Client IP address = Server IP address = (2 points) ii. List at least 3 application layer protocols that the client has used to establish a communication with the server? Application layer protocols: HTTP, TELNET, SSH (3 points) iii. Are these protocols secure or insecure? If they are insecure, what would be your suggestion for a replacement? HTTP and TELNET are insecure protocols. The secure replacement for these protocols are: HTTPS and SSH. 2 Packet Structure 1/6

2 Version (4 bits) Header Length (4 bits) Type of service (8 bits) Total Length (16 bits) Identification Flags Fragment Offset Time to live (TTL) Protocol Checksum Source IP Address (32 bits) Destination IP Address (32 bits) Options Data Figure 2: IP Header Source Port Number (16 bits) Destination Port Number (16 bits) Sequence Number Acknowledgement Number Checksum Control Bits (9 bits) Window Size Urgent Pointer Options Data Figure 3: TCP Header Select a package which has HTTP as a protocol and the info column says GET. Take a closer look to see the similarities and differences between it and the TCP/IP model as was described in the lecture. In wireshark, the protocol blocks are shown in the middle panel, i.e., details view. To expand each block and get all the details for the selected packet click on the + sign. Spend some time trying to understand the layered communication and answer the following questions: (2 points) i. Examine the selected HTTP request and identify the transport and the internet layer. Figure 2 and 3 show the header format of TCP and IP and different options in the header, as discussed in the lecture. Your task is to fill in the marked cells with the appropriate values from the selected HTTP request. In the packet trace provided for the exercise sheet there are two HTTP GET requests. Depending of the chosen request there are might be more then one correct answers. IP Header: Version = 4, Header Length = 20 bytes, Total Length = 407 (or 381), Time To Live = 128, Protocol = TCP, Source IP = , 2/6

3 Destination IP = TCP Header: Source Port Number = (or 64126), Destination Port = 80, Window Size = 256 (2 points) ii. Can you extract any kind of data from the website? If yes, provide a small portion of that data. One simple example would be: <title>test Page for the Apache HTTP Server on Fedora</title> 3 Insecure protocols The client is using insecure protocol to log in to the server (see Figure 1). He is not aware that his username and password are sent via insecure communication channel. Your task as a security expert is to identify the problem and suggest a solution. (7 points) i. Identify the (insecure) protocol that the client has used to log in to the server. Which protocol has been used? What are his credentials? The client uses TELNET to connect to the remote server. His credentials are: username: testuser password: (3 points) ii. What would you suggest as a secure protocol replacement? How does the replacement prevent the leakage? Explain your answer! The secure replacement would be SSH. 4 Network Firewalls In the lecture, we have seen stateless packet-filter firewalls, i.e. every packet is handled and checked against the list of configured access rules on an individual basis. In addition to stateless packet-filters, there are also stateful packet-filters (You can refer to https://en.wikipedia.org/wiki/stateful_firewall to get more information). (1 point) i. Briefly describe the difference of stateless and stateful packet-filters. 3/6

4 Some (propably too long) sample answer: A stateful firewall keeps track of the state of network connections (such as TCP streams, UDP communication) traveling across it. It is capable of distinguishing legitimate packets for different types of connections. Only packets matching a known active connection will be allowed by the firewall; others will be rejected. A stateless firewall treats each network frame (or packet) in isolation. Such packet filters might function more efficiently because they only look at the header part of a packet. This is at the same time a drawback as they cannot check the context which makes them vulnerable to spoofing attacks. Stateless firewalls have no way of knowing whether any given packet is part of an existing connection, is trying to establish a new connection, or is just a rogue packet. (3 points) ii. Name and briefly explain two advantages and disadvantages of stateful packet-filters. Should stateful packet-filters always be preferred over stateless filters? Why? Check wikipedia article, e.g.: + can use context (session/connection) for filtering + can defend against spoofing + necessary to allow some services (like FTP see below) - might be slower under heavy load - more complex and harder to administrate - require memory to track connections (2 points) iii. Name two concrete scenarios in which a stateless packet-filter cannot be used. Usage of secure protocols such as IPsec for tunneling and encryption. File Transfer Protocol (FTP). By design, such protocols need to be able to open connections to arbitrary high/unprivileged ports to function properly. Since a stateless firewall has no way of knowing 4/6

5 that the packet destined to the protected network (to some host s destination port 4970, for example) is part of a legitimate FTP session, it will drop the packet. (4 points) iv. We would like to test whether a firewall performs stateless or stateful inspection of TCP traffic. We assume that: The firewall filters traffic exchanged between two hosts (Host #1 and Host #2), as shown in Figure 4. The firewall allows Host #1 to access any Web server running on Host #2. The default security policy is Deny all. Moreover, we assume that five packets have been generated and exchanged (see Figure 4). By analyzing the accepted and denied packets, tell whether the firewall performs stateless or stateful packet inspection and briefly explain your answer. Figure 4: List of packets accepted and denied by the firewall To answer this question, students have to read how a tcp connection is established (1. syn to dest host, 2. syn ack to source host, 3. ack to dest host) The firewall performs stateful packet filtering. Host #1 initiates a FTP connection with source port Packet #1, #3, and #4 belong to the 5/6

6 three-way tcp handshake. Packet #2 is dropped as it does not belong to a connection (there were no prior packets for syn and syn ack). Packet #5 is accepted as it initiates a new telnet connection. A stateless packet filter would drop packet #3, due to the deny all rule (for unprivileged ports, here 2000). The FTP connection could not be established then. 6/6

We will give some overview of firewalls. Figure 1 explains the position of a firewall. Figure 1: A Firewall

We will give some overview of firewalls. Figure 1 explains the position of a firewall. Figure 1: A Firewall Chapter 10 Firewall Firewalls are devices used to protect a local network from network based security threats while at the same time affording access to the wide area network and the internet. Basically,

More information

CSE331: Introduction to Networks and Security. Lecture 12 Fall 2006

CSE331: Introduction to Networks and Security. Lecture 12 Fall 2006 CSE331: Introduction to Networks and Security Lecture 12 Fall 2006 Announcements Midterm I will be held Friday, Oct. 6th. True/False Multiple Choice Calculation Short answer Short essay Project 2 is on

More information

Overview. Securing TCP/IP. Introduction to TCP/IP (cont d) Introduction to TCP/IP

Overview. Securing TCP/IP. Introduction to TCP/IP (cont d) Introduction to TCP/IP Overview Securing TCP/IP Chapter 6 TCP/IP Open Systems Interconnection Model Anatomy of a Packet Internet Protocol Security (IPSec) Web Security (HTTP over TLS, Secure-HTTP) Lecturer: Pei-yih Ting 1 2

More information

Firewalls. configuring a sophisticated GNU/Linux firewall involves understanding

Firewalls. configuring a sophisticated GNU/Linux firewall involves understanding Firewalls slide 1 configuring a sophisticated GNU/Linux firewall involves understanding iptables iptables is a package which interfaces to the Linux kernel and configures various rules for allowing packets

More information

Lecture 23: Firewalls

Lecture 23: Firewalls Lecture 23: Firewalls Introduce several types of firewalls Discuss their advantages and disadvantages Compare their performances Demonstrate their applications C. Ding -- COMP581 -- L23 What is a Digital

More information

Firewalls and Intrusion Detection Systems. Advanced Computer Networks

Firewalls and Intrusion Detection Systems. Advanced Computer Networks Firewalls and Intrusion Detection Systems Advanced Computer Networks Firewalls & IDS Outline Firewalls Stateless packet filtering Stateful packet filtering Access Control Lists Application Gateways Intrusion

More information

ΕΠΛ 674: Εργαστήριο 5 Firewalls

ΕΠΛ 674: Εργαστήριο 5 Firewalls ΕΠΛ 674: Εργαστήριο 5 Firewalls Παύλος Αντωνίου Εαρινό Εξάμηνο 2011 Department of Computer Science Firewalls A firewall is hardware, software, or a combination of both that is used to prevent unauthorized

More information

NETWORK SECURITY. Ch. 8: Defense Mechanism - Firewall

NETWORK SECURITY. Ch. 8: Defense Mechanism - Firewall NETWORK SECURITY Ch. 8: Defense Mechanism - Firewall Firewall A firewall is a hardware, software, or a combination of both that monitors and filters traffic packets that attempt to either enter or leave

More information

Virtual private network. Network security protocols VPN VPN. Instead of a dedicated data link Packets securely sent over a shared network Internet VPN

Virtual private network. Network security protocols VPN VPN. Instead of a dedicated data link Packets securely sent over a shared network Internet VPN Virtual private network Network security protocols COMP347 2006 Len Hamey Instead of a dedicated data link Packets securely sent over a shared network Internet VPN Public internet Security protocol encrypts

More information

Firewalls. CEN 448 Security and Internet Protocols Chapter 20 Firewalls

Firewalls. CEN 448 Security and Internet Protocols Chapter 20 Firewalls CEN 448 Security and Internet Protocols Chapter 20 Firewalls Dr. Mostafa Hassan Dahshan Computer Engineering Department College of Computer and Information Sciences King Saud University mdahshan@ccis.ksu.edu.sa

More information

ΕΠΛ 475: Εργαστήριο 9 Firewalls Τοίχοι πυρασφάλειας. University of Cyprus Department of Computer Science

ΕΠΛ 475: Εργαστήριο 9 Firewalls Τοίχοι πυρασφάλειας. University of Cyprus Department of Computer Science ΕΠΛ 475: Εργαστήριο 9 Firewalls Τοίχοι πυρασφάλειας Department of Computer Science Firewalls A firewall is hardware, software, or a combination of both that is used to prevent unauthorized Internet users

More information

Firewall Introduction Several Types of Firewall. Cisco PIX Firewall

Firewall Introduction Several Types of Firewall. Cisco PIX Firewall Firewall Introduction Several Types of Firewall. Cisco PIX Firewall What is a Firewall? Non-computer industries: a wall that controls the spreading of a fire. Networks: a designed device that controls

More information

CS5008: Internet Computing

CS5008: Internet Computing CS5008: Internet Computing Lecture 22: Internet Security A. O Riordan, 2009, latest revision 2015 Internet Security When a computer connects to the Internet and begins communicating with others, it is

More information

CYBER ATTACKS EXPLAINED: PACKET CRAFTING

CYBER ATTACKS EXPLAINED: PACKET CRAFTING CYBER ATTACKS EXPLAINED: PACKET CRAFTING Protect your FOSS-based IT infrastructure from packet crafting by learning more about it. In the previous articles in this series, we explored common infrastructure

More information

Network Security. Chapter 3. Cornelius Diekmann. Version: October 21, 2015. Lehrstuhl für Netzarchitekturen und Netzdienste Institut für Informatik

Network Security. Chapter 3. Cornelius Diekmann. Version: October 21, 2015. Lehrstuhl für Netzarchitekturen und Netzdienste Institut für Informatik Network Security Chapter 3 Cornelius Diekmann Lehrstuhl für Netzarchitekturen und Netzdienste Institut für Informatik Version: October 21, 2015 IN2101, WS 15/16, Network Security 1 Security Policies and

More information

FIREWALL AND NAT Lecture 7a

FIREWALL AND NAT Lecture 7a FIREWALL AND NAT Lecture 7a COMPSCI 726 Network Defence and Countermeasures Muhammad Rizwan Asghar August 3, 2015 Source of most of slides: University of Twente FIREWALL An integrated collection of security

More information

- TCP and UDP - Transport Layer Protocols

- TCP and UDP - Transport Layer Protocols 1 Transport Layer Protocols - TCP and UDP - The Transport layer (OSI Layer-4) does not actually transport data, despite its name. Instead, this layer is responsible for the reliable transfer of data, by

More information

Firewalls. Test your Firewall knowledge. Test your Firewall knowledge (cont) (March 4, 2015)

Firewalls. Test your Firewall knowledge. Test your Firewall knowledge (cont) (March 4, 2015) s (March 4, 2015) Abdou Illia Spring 2015 Test your knowledge Which of the following is true about firewalls? a) A firewall is a hardware device b) A firewall is a software program c) s could be hardware

More information

Firewalls. Firewalls. Idea: separate local network from the Internet 2/24/15. Intranet DMZ. Trusted hosts and networks. Firewall.

Firewalls. Firewalls. Idea: separate local network from the Internet 2/24/15. Intranet DMZ. Trusted hosts and networks. Firewall. Firewalls 1 Firewalls Idea: separate local network from the Internet Trusted hosts and networks Firewall Intranet Router DMZ Demilitarized Zone: publicly accessible servers and networks 2 1 Castle and

More information

Chapter 8 Security Pt 2

Chapter 8 Security Pt 2 Chapter 8 Security Pt 2 IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 All material copyright 1996-2012 J.F Kurose and K.W. Ross,

More information

Firewall Implementation

Firewall Implementation CS425: Computer Networks Firewall Implementation Ankit Kumar Y8088 Akshay Mittal Y8056 Ashish Gupta Y8410 Sayandeep Ghosh Y8465 October 31, 2010 under the guidance of Prof. Dheeraj Sanghi Department of

More information

Introduction of Intrusion Detection Systems

Introduction of Intrusion Detection Systems Introduction of Intrusion Detection Systems Why IDS? Inspects all inbound and outbound network activity and identifies a network or system attack from someone attempting to compromise a system. Detection:

More information

OS/390 Firewall Technology Overview

OS/390 Firewall Technology Overview OS/390 Firewall Technology Overview Washington System Center Mary Sweat E - Mail: sweatm@us.ibm.com Agenda Basic Firewall strategies and design Hardware requirements Software requirements Components of

More information

Internet Firewall CSIS 3230. Internet Firewall. Spring 2012 CSIS 4222. net13 1. Firewalls. Stateless Packet Filtering

Internet Firewall CSIS 3230. Internet Firewall. Spring 2012 CSIS 4222. net13 1. Firewalls. Stateless Packet Filtering Internet Firewall CSIS 3230 A combination of hardware and software that isolates an organization s internal network from the Internet at large Ch 8.8: Packet filtering, firewalls, intrusion detection Ch

More information

EXPLORER. TFT Filter CONFIGURATION

EXPLORER. TFT Filter CONFIGURATION EXPLORER TFT Filter Configuration Page 1 of 9 EXPLORER TFT Filter CONFIGURATION Thrane & Thrane Author: HenrikMøller Rev. PA4 Page 1 6/15/2006 EXPLORER TFT Filter Configuration Page 2 of 9 1 Table of Content

More information

FIREWALLS. Firewall: isolates organization s internal net from larger Internet, allowing some packets to pass, blocking others

FIREWALLS. Firewall: isolates organization s internal net from larger Internet, allowing some packets to pass, blocking others FIREWALLS FIREWALLS Firewall: isolates organization s internal net from larger Internet, allowing some packets to pass, blocking others FIREWALLS: WHY Prevent denial of service attacks: SYN flooding: attacker

More information

Hands-on Network Traffic Analysis. 2015 Cyber Defense Boot Camp

Hands-on Network Traffic Analysis. 2015 Cyber Defense Boot Camp Hands-on Network Traffic Analysis 2015 Cyber Defense Boot Camp What is this about? Prerequisite: network packet & packet analyzer: (header, data) Enveloped letters inside another envelope Exercises Basic

More information

Stateful Firewalls. Hank and Foo

Stateful Firewalls. Hank and Foo Stateful Firewalls Hank and Foo 1 Types of firewalls Packet filter (stateless) Proxy firewalls Stateful inspection Deep packet inspection 2 Packet filter (Access Control Lists) Treats each packet in isolation

More information

Firewall Firewall August, 2003

Firewall Firewall August, 2003 Firewall August, 2003 1 Firewall and Access Control This product also serves as an Internet firewall, not only does it provide a natural firewall function (Network Address Translation, NAT), but it also

More information

1. Firewall Configuration

1. Firewall Configuration 1. Firewall Configuration A firewall is a method of implementing common as well as user defined security policies in an effort to keep intruders out. Firewalls work by analyzing and filtering out IP packets

More information

Computer and Network Security Exercise no. 4

Computer and Network Security Exercise no. 4 University of Haifa Winter Semester 11/1/12 Computer and Network Security Exercise no. 4 Submit in Pairs/Single to mailbox 19 by 25/1/12, 2:00 p.m. 1. Following the sensitivity of the information in its

More information

Introduction to Computer Security

Introduction to Computer Security Introduction to Computer Security Network Security Pavel Laskov Wilhelm Schickard Institute for Computer Science Circuit switching vs. packet switching OSI and TCP/IP layered models TCP/IP encapsulation

More information

1. Introduction. 2. DoS/DDoS. MilsVPN DoS/DDoS and ISP. 2.1 What is DoS/DDoS? 2.2 What is SYN Flooding?

1. Introduction. 2. DoS/DDoS. MilsVPN DoS/DDoS and ISP. 2.1 What is DoS/DDoS? 2.2 What is SYN Flooding? Page 1 of 5 1. Introduction The present document explains about common attack scenarios to computer networks and describes with some examples the following features of the MilsGates: Protection against

More information

Attack Lab: Attacks on TCP/IP Protocols

Attack Lab: Attacks on TCP/IP Protocols Laboratory for Computer Security Education 1 Attack Lab: Attacks on TCP/IP Protocols Copyright c 2006-2010 Wenliang Du, Syracuse University. The development of this document is funded by the National Science

More information

A host-based firewall can be used in addition to a network-based firewall to provide multiple layers of protection.

A host-based firewall can be used in addition to a network-based firewall to provide multiple layers of protection. A firewall is a software- or hardware-based network security system that allows or denies network traffic according to a set of rules. Firewalls can be categorized by their location on the network: A network-based

More information

Computer Security CS 426 Lecture 36. CS426 Fall 2010/Lecture 36 1

Computer Security CS 426 Lecture 36. CS426 Fall 2010/Lecture 36 1 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls CS426 Fall 2010/Lecture 36 1 Announcements There will be a quiz on Wed There will be a guest lecture on Friday, by Prof. Chris Clifton

More information

Firewalls. Ola Flygt Växjö University, Sweden http://w3.msi.vxu.se/users/ofl/ Ola.Flygt@vxu.se +46 470 70 86 49. Firewall Design Principles

Firewalls. Ola Flygt Växjö University, Sweden http://w3.msi.vxu.se/users/ofl/ Ola.Flygt@vxu.se +46 470 70 86 49. Firewall Design Principles Firewalls Ola Flygt Växjö University, Sweden http://w3.msi.vxu.se/users/ofl/ Ola.Flygt@vxu.se +46 470 70 86 49 1 Firewall Design Principles Firewall Characteristics Types of Firewalls Firewall Configurations

More information

Network Security. Internet Firewalls. Chapter 13. Network Security (WS 2002): 13 Internet Firewalls 1 Dr.-Ing G. Schäfer

Network Security. Internet Firewalls. Chapter 13. Network Security (WS 2002): 13 Internet Firewalls 1 Dr.-Ing G. Schäfer Network Security Chapter 13 Internet Firewalls Network Security (WS 2002): 13 Internet Firewalls 1 Introduction to Network Firewalls (1)! In building construction, a firewall is designed to keep a fire

More information

Firewalls, Tunnels, and Network Intrusion Detection. Firewalls

Firewalls, Tunnels, and Network Intrusion Detection. Firewalls Firewalls, Tunnels, and Network Intrusion Detection 1 Firewalls A firewall is an integrated collection of security measures designed to prevent unauthorized electronic access to a networked computer system.

More information

SOFTWARE ENGINEERING 4C03. Computer Networks & Computer Security. Network Firewall

SOFTWARE ENGINEERING 4C03. Computer Networks & Computer Security. Network Firewall SOFTWARE ENGINEERING 4C03 Computer Networks & Computer Security Network Firewall HAO WANG #0159386 Instructor: Dr. Kartik Krishnan Mar.29, 2004 Software Engineering Department of Computing and Software

More information

Firewalls, Tunnels, and Network Intrusion Detection

Firewalls, Tunnels, and Network Intrusion Detection Firewalls, Tunnels, and Network Intrusion Detection 1 Part 1: Firewall as a Technique to create a virtual security wall separating your organization from the wild west of the public internet 2 1 Firewalls

More information

Appendix A: Configuring Firewalls for a VPN Server Running Windows Server 2003

Appendix A: Configuring Firewalls for a VPN Server Running Windows Server 2003 http://technet.microsoft.com/en-us/library/cc757501(ws.10).aspx Appendix A: Configuring Firewalls for a VPN Server Running Windows Server 2003 Updated: October 7, 2005 Applies To: Windows Server 2003 with

More information

Network Security: Workshop. Dr. Anat Bremler-Barr. Assignment #2 Analyze dump files Solution Taken from www.chrissanders.org

Network Security: Workshop. Dr. Anat Bremler-Barr. Assignment #2 Analyze dump files Solution Taken from www.chrissanders.org 1.pcap - File download Network Security: Workshop Dr. Anat Bremler-Barr Assignment #2 Analyze dump files Solution Taken from www.chrissanders.org Downloading a file is a pretty basic function when described

More information

Chapter 8 Network Security

Chapter 8 Network Security [Computer networking, 5 th ed., Kurose] Chapter 8 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity 84Securing 8.4 e-mail 8.5 Securing TCP connections: SSL 8.6 Network

More information

Lab Exercise SSL/TLS. Objective. Step 1: Open a Trace. Step 2: Inspect the Trace

Lab Exercise SSL/TLS. Objective. Step 1: Open a Trace. Step 2: Inspect the Trace Lab Exercise SSL/TLS Objective To observe SSL/TLS (Secure Sockets Layer / Transport Layer Security) in action. SSL/TLS is used to secure TCP connections, and it is widely used as part of the secure web:

More information

A1.1.1.11.1.1.2 1.1.1.3S B

A1.1.1.11.1.1.2 1.1.1.3S B CS Computer 640: Network AdityaAkella Lecture Introduction Networks Security 25 to Security DoS Firewalls and The D-DoS Vulnerabilities Road Ahead Security Attacks Protocol IP ICMP Routing TCP Security

More information

20-CS-6053-00X Network Security Spring, 2014. An Introduction To. Network Security. Week 1. January 7

20-CS-6053-00X Network Security Spring, 2014. An Introduction To. Network Security. Week 1. January 7 20-CS-6053-00X Network Security Spring, 2014 An Introduction To Network Security Week 1 January 7 Attacks Criminal: fraud, scams, destruction; IP, ID, brand theft Privacy: surveillance, databases, traffic

More information

Network Traffic Evolution. Prof. Anja Feldmann, Ph.D. Dr. Steve Uhlig

Network Traffic Evolution. Prof. Anja Feldmann, Ph.D. Dr. Steve Uhlig Network Traffic Evolution Prof. Anja Feldmann, Ph.D. Dr. Steve Uhlig 1 Example trace Name port % bytes % packets bytes per packet world-wide-web 80???????????? netnews 119???????????? pop-3 mail 110????????????...

More information

OSI Transport layer. Dr. Luca Allodi - Network Security - University of Trento, DISI (AA 2015/2016)

OSI Transport layer. Dr. Luca Allodi - Network Security - University of Trento, DISI (AA 2015/2016) OSI Transport layer Dr. Luca Allodi - Network Security - University of Trento, DISI (AA 2015/2016) 1 Transmission Control Protocol (TCP) IP can only be used to send datagrams chunks or streams of information

More information

Intro to Firewalls. Summary

Intro to Firewalls. Summary Topic 3: Lesson 2 Intro to Firewalls Summary Basic questions What is a firewall? What can a firewall do? What is packet filtering? What is proxying? What is stateful packet filtering? Compare network layer

More information

Firewalls. Chapter 3

Firewalls. Chapter 3 Firewalls Chapter 3 1 Border Firewall Passed Packet (Ingress) Passed Packet (Egress) Attack Packet Hardened Client PC Internet (Not Trusted) Hardened Server Dropped Packet (Ingress) Log File Internet Border

More information

What is a Firewall? A choke point of control and monitoring Interconnects networks with differing trust Imposes restrictions on network services

What is a Firewall? A choke point of control and monitoring Interconnects networks with differing trust Imposes restrictions on network services Firewalls What is a Firewall? A choke point of control and monitoring Interconnects networks with differing trust Imposes restrictions on network services only authorized traffic is allowed Auditing and

More information

Security. TestOut Modules 12.6 12.10

Security. TestOut Modules 12.6 12.10 Security TestOut Modules 12.6 12.10 Authentication Authentication is the process of submitting and checking credentials to validate or prove user identity. 1. Username 2. Credentials Password Smart card

More information

Firewalls. Ahmad Almulhem March 10, 2012

Firewalls. Ahmad Almulhem March 10, 2012 Firewalls Ahmad Almulhem March 10, 2012 1 Outline Firewalls The Need for Firewalls Firewall Characteristics Types of Firewalls Firewall Basing Firewall Configurations Firewall Policies and Anomalies 2

More information

Securizarea Calculatoarelor și a Rețelelor 13. Implementarea tehnologiei firewall CBAC pentru protejarea rețelei

Securizarea Calculatoarelor și a Rețelelor 13. Implementarea tehnologiei firewall CBAC pentru protejarea rețelei Platformă de e-learning și curriculă e-content pentru învățământul superior tehnic Securizarea Calculatoarelor și a Rețelelor 13. Implementarea tehnologiei firewall CBAC pentru protejarea rețelei Firewall

More information

Outline (Network Security Challenge)

Outline (Network Security Challenge) Outline (Network Security Challenge) Security Device Selection Internet Sharing Solution Service Publishing 2 Security Device Selection Firewall Firewall firewall: An introduction to firewalls A firewall

More information

Network Security. Chapter 13. Internet Firewalls. Network Security (WS 07/08): 13 Internet Firewalls 1 Dr.-Ing G. Schäfer

Network Security. Chapter 13. Internet Firewalls. Network Security (WS 07/08): 13 Internet Firewalls 1 Dr.-Ing G. Schäfer Network Security Chapter 13 Internet Firewalls Network Security (WS 07/08): 13 Internet Firewalls 1 Introduction to Network Firewalls (1) In building construction, a firewall is designed to keep a fire

More information

Final exam review, Fall 2005 FSU (CIS-5357) Network Security

Final exam review, Fall 2005 FSU (CIS-5357) Network Security Final exam review, Fall 2005 FSU (CIS-5357) Network Security Instructor: Breno de Medeiros 1. What is an insertion attack against a NIDS? Answer: An insertion attack against a network intrusion detection

More information

Proxy Server, Network Address Translator, Firewall. Proxy Server

Proxy Server, Network Address Translator, Firewall. Proxy Server Proxy Server, Network Address Translator, Firewall 1 Proxy Server 2 1 Introduction What is a proxy server? Acts on behalf of other clients, and presents requests from other clients to a server. Acts as

More information

Computer Networks. Secure Systems

Computer Networks. Secure Systems Computer Networks Secure Systems Summary Common Secure Protocols SSH HTTPS (SSL/TSL) IPSec Wireless Security WPA2 PSK vs EAP Firewalls Discussion Secure Shell (SSH) A protocol to allow secure login to

More information

83-10-41 Types of Firewalls E. Eugene Schultz Payoff

83-10-41 Types of Firewalls E. Eugene Schultz Payoff 83-10-41 Types of Firewalls E. Eugene Schultz Payoff Firewalls are an excellent security mechanism to protect networks from intruders, and they can establish a relatively secure barrier between a system

More information

Bypassing Firewall. @ PISA AGM Theme Seminar 2005. Presented by Ricky Lou Zecure Lab Limited

Bypassing Firewall. @ PISA AGM Theme Seminar 2005. Presented by Ricky Lou Zecure Lab Limited Bypassing Firewall @ PISA AGM Theme Seminar 2005 Presented by Ricky Lou Zecure Lab Limited Firewall Piercing (Inside-Out Attacks) Disclaimer We hereby disclaim all responsibility for the following hacks.

More information

CTS2134 Introduction to Networking. Module 8.4 8.7 Network Security

CTS2134 Introduction to Networking. Module 8.4 8.7 Network Security CTS2134 Introduction to Networking Module 8.4 8.7 Network Security Switch Security: VLANs A virtual LAN (VLAN) is a logical grouping of computers based on a switch port. VLAN membership is configured by

More information

Proxy Server, Network Address Translator, Firewall

Proxy Server, Network Address Translator, Firewall For Summer Training on Computer Networking visit Proxy Server, Network Address Translator, Firewall Prepared by : Swapan Purkait Director Nettech Private Limited swapan@nettech.in + 91 93315 90003 Proxy

More information

NETWORK SECURITY (W/LAB) Course Syllabus

NETWORK SECURITY (W/LAB) Course Syllabus 6111 E. Skelly Drive P. O. Box 477200 Tulsa, OK 74147-7200 NETWORK SECURITY (W/LAB) Course Syllabus Course Number: NTWK-0008 OHLAP Credit: Yes OCAS Code: 8131 Course Length: 130 Hours Career Cluster: Information

More information

Configuring Security for FTP Traffic

Configuring Security for FTP Traffic 2 Configuring Security for FTP Traffic Securing FTP traffic Creating a security profile for FTP traffic Configuring a local traffic FTP profile Assigning an FTP security profile to a local traffic FTP

More information

Configuring IPSec VPN Tunnel between NetScreen Remote Client and RN300

Configuring IPSec VPN Tunnel between NetScreen Remote Client and RN300 Configuring IPSec VPN Tunnel between NetScreen Remote Client and RN300 This example explains how to configure pre-shared key based simple IPSec tunnel between NetScreen Remote Client and RN300 VPN Gateway.

More information

Understand the OSI Model

Understand the OSI Model Understand the OSI Model Part 2 Lesson Overview In this lesson, you will learn information about: Frames Packets Segments TCP TCP/IP Model Well-known ports for most-used purposes Anticipatory Set Review

More information

Network Defense Tools

Network Defense Tools Network Defense Tools Prepared by Vanjara Ravikant Thakkarbhai Engineering College, Godhra-Tuwa +91-94291-77234 www.cebirds.in, www.facebook.com/cebirds ravikantvanjara@gmail.com What is Firewall? A firewall

More information

Module II. Internet Security. Chapter 6. Firewall. Web Security: Theory & Applications. School of Software, Sun Yat-sen University

Module II. Internet Security. Chapter 6. Firewall. Web Security: Theory & Applications. School of Software, Sun Yat-sen University Module II. Internet Security Chapter 6 Firewall Web Security: Theory & Applications School of Software, Sun Yat-sen University Outline 6.1 Introduction to Firewall What Is a Firewall Types of Firewall

More information

Fig. 4.2.1: Packet Filtering

Fig. 4.2.1: Packet Filtering 4.2 Types of Firewalls /DKo98/ FIREWALL CHARACTERISTICS 1. All traffic from inside to outside, and vice versa, must pass through the firewall. This is achieved by physically blocking all access to the

More information

IMPLEMENTATION OF INTELLIGENT FIREWALL TO CHECK INTERNET HACKERS THREAT

IMPLEMENTATION OF INTELLIGENT FIREWALL TO CHECK INTERNET HACKERS THREAT IMPLEMENTATION OF INTELLIGENT FIREWALL TO CHECK INTERNET HACKERS THREAT Roopa K. Panduranga Rao MV Dept of CS and Engg., Dept of IS and Engg., J.N.N College of Engineering, J.N.N College of Engineering,

More information

ELEN 689: Topics in Network Security: Firewalls. Ellen Mitchell Computing and Information Services 20 April 2006

ELEN 689: Topics in Network Security: Firewalls. Ellen Mitchell Computing and Information Services 20 April 2006 ELEN 689: Topics in Network Security: Firewalls Ellen Mitchell Computing and Information Services 20 April 2006 Firewall Historically: a wall constructed to prevent the spread of fire Firewall Function

More information

Overview of TCP/IP. TCP/IP and Internet

Overview of TCP/IP. TCP/IP and Internet Overview of TCP/IP System Administrators and network administrators Why networking - communication Why TCP/IP Provides interoperable communications between all types of hardware and all kinds of operating

More information

CSE 127: Computer Security. Network Security. Kirill Levchenko

CSE 127: Computer Security. Network Security. Kirill Levchenko CSE 127: Computer Security Network Security Kirill Levchenko December 4, 2014 Network Security Original TCP/IP design: Trusted network and hosts Hosts and networks administered by mutually trusted parties

More information

CSCE 465 Computer & Network Security

CSCE 465 Computer & Network Security CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Firewall 1 Basic firewall concept Roadmap Filtering firewall Proxy firewall Network Address Translation

More information

7. Firewall - Concept

7. Firewall - Concept 7. - Concept ค อ อ ปกรณ Hardware หร อ Software ซ งถ กต ดต ง เพ อ อน ญาต (permit), ปฏ เสธ(deny) หร อ เป นต วแทน(proxy data) ให ผ านไปย งเคร อข ายท ม ระด บความเช อถ อต างก น 7. - Concept components Network

More information

Introduction to Computer Security

Introduction to Computer Security Introduction to Computer Security Network Security Pavel Laskov Wilhelm Schickard Institute for Computer Science Circuit switching vs. packet switching OSI and TCP/IP layered models TCP/IP encapsulation

More information

INTERNET ENABLED SYSTEMS NETWORK PROTOCOLS

INTERNET ENABLED SYSTEMS NETWORK PROTOCOLS DEVICES AND COMMUNICATION BUSES FOR DEVICES NETWORK Lesson-24: INTERNET ENABLED SYSTEMS NETWORK PROTOCOLS 1 Internet enabled embedded system Communication to other on the Internet. Use html (hyper text

More information

Using SYN Flood Protection in SonicOS Enhanced

Using SYN Flood Protection in SonicOS Enhanced SonicOS Using SYN Flood Protection in SonicOS Enhanced Introduction This TechNote will describe SYN Flood protection can be activated on SonicWALL security appliance to protect internal networks. It will

More information

Network Security. Tampere Seminar 23rd October 2008. Overview Switch Security Firewalls Conclusion

Network Security. Tampere Seminar 23rd October 2008. Overview Switch Security Firewalls Conclusion Network Security Tampere Seminar 23rd October 2008 1 Copyright 2008 Hirschmann 2008 Hirschmann Automation and and Control GmbH. Contents Overview Switch Security Firewalls Conclusion 2 Copyright 2008 Hirschmann

More information

VLAN und MPLS, Firewall und NAT,

VLAN und MPLS, Firewall und NAT, Internet-Technologien (CS262) VLAN und MPLS, Firewall und NAT, 15.4.2015 Christian Tschudin Departement Mathematik und Informatik, Universität Basel 6-1 Wiederholung Unterschied CSMA/CD und CSMA/CA? Was

More information

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks

More information

How to Make the Client IP Address Available to the Back-end Server

How to Make the Client IP Address Available to the Back-end Server How to Make the Client IP Address Available to the Back-end Server For Layer 4 - UDP and Layer 4 - TCP services, the actual client IP address is passed to the server in the TCP header. No further configuration

More information

Guide to Network Defense and Countermeasures Third Edition. Chapter 2 TCP/IP

Guide to Network Defense and Countermeasures Third Edition. Chapter 2 TCP/IP Guide to Network Defense and Countermeasures Third Edition Chapter 2 TCP/IP Objectives Explain the fundamentals of TCP/IP networking Describe IPv4 packet structure and explain packet fragmentation Describe

More information

Internet Firewall CSIS 4222. Packet Filtering. Internet Firewall. Examples. Spring 2011 CSIS 4222. net15 1. Routers can implement packet filtering

Internet Firewall CSIS 4222. Packet Filtering. Internet Firewall. Examples. Spring 2011 CSIS 4222. net15 1. Routers can implement packet filtering Internet Firewall CSIS 4222 A combination of hardware and software that isolates an organization s internal network from the Internet at large Ch 27: Internet Routing Ch 30: Packet filtering & firewalls

More information

Contents. Copyright ZYCOO All Rights Reserved 2 / 18

Contents. Copyright ZYCOO All Rights Reserved 2 / 18 Contents 1. Introduction... 3 2. Embedded Security Solutions... 4 2.1 SSH Access... 4 2.2 Brutal SIP Flood... 4 2.3 SIP Register Limitation... 5 2.4 Guest calls... 5 3. Manually configure system to raise

More information

Class Test 2 - e-security (CSN11102/11117) Semester 2, Session 2012-13

Class Test 2 - e-security (CSN11102/11117) Semester 2, Session 2012-13 Class Test 2 - e-security (CSN11102/11117) Semester 2, Session 2012-13 Outline Requirements The test will account for 20% of the module final grade, and is based on the academic content of the course covering

More information

Firewalls and System Protection

Firewalls and System Protection Firewalls and System Protection Firewalls Distributed Systems Paul Krzyzanowski 1 Firewalls: Defending the network inetd Most UNIX systems ran a large number of tcp services as dæmons e.g., rlogin, rsh,

More information

Distributed Systems. Firewalls: Defending the Network. Paul Krzyzanowski pxk@cs.rutgers.edu

Distributed Systems. Firewalls: Defending the Network. Paul Krzyzanowski pxk@cs.rutgers.edu Distributed Systems Firewalls: Defending the Network Paul Krzyzanowski pxk@cs.rutgers.edu Except as otherwise noted, the content of this presentation is licensed under the Creative Commons Attribution

More information

Network Security in Practice

Network Security in Practice Network Security in Practice Practices of Network Security ccess control: firewalls ttacks and counter measures Security protocol case studies Kai Shen 12/8/2014 CSC 257/457 - Fall 2014 1 12/8/2014 CSC

More information

Firewall Design Principles Firewall Characteristics Types of Firewalls

Firewall Design Principles Firewall Characteristics Types of Firewalls Firewall Design Principles Firewall Characteristics Types of Firewalls Special Thanks to our friends at The Blekinge Institute of Technology, Sweden for providing the basis for these slides. Fall 2008

More information

Firewalls. Network Security. Firewalls Defined. Firewalls

Firewalls. Network Security. Firewalls Defined. Firewalls Network Security Firewalls Firewalls Types of Firewalls Screening router firewalls Computer-based firewalls Firewall appliances Host firewalls (firewalls on clients and servers) Inspection Methods Firewall

More information

ReadyNAS Remote White Paper. NETGEAR May 2010

ReadyNAS Remote White Paper. NETGEAR May 2010 ReadyNAS Remote White Paper NETGEAR May 2010 Table of Contents Overview... 3 Architecture... 3 Security... 4 Remote Firewall... 5 Performance... 5 Overview ReadyNAS Remote is a software application that

More information

Considerations In Developing Firewall Selection Criteria. Adeptech Systems, Inc.

Considerations In Developing Firewall Selection Criteria. Adeptech Systems, Inc. Considerations In Developing Firewall Selection Criteria Adeptech Systems, Inc. Table of Contents Introduction... 1 Firewall s Function...1 Firewall Selection Considerations... 1 Firewall Types... 2 Packet

More information

Safeguards Against Denial of Service Attacks for IP Phones

Safeguards Against Denial of Service Attacks for IP Phones W H I T E P A P E R Denial of Service (DoS) attacks on computers and infrastructure communications systems have been reported for a number of years, but the accelerated deployment of Voice over IP (VoIP)

More information

FIREWALLS & CBAC. philip.heimer@hh.se

FIREWALLS & CBAC. philip.heimer@hh.se FIREWALLS & CBAC philip.heimer@hh.se Implementing a Firewall Personal software firewall a software that is installed on a single PC to protect only that PC All-in-one firewall can be a single device that

More information

VPN Lesson 2: VPN Implementation. Summary

VPN Lesson 2: VPN Implementation. Summary VPN Lesson 2: VPN Implementation Summary 1 Notations VPN client (ok) Firewall Router VPN firewall VPN router VPN server VPN concentrator 2 Basic Questions 1. VPN implementation options for remote users

More information

Firewalls, IDS and IPS

Firewalls, IDS and IPS Session 9 Firewalls, IDS and IPS Prepared By: Dr. Mohamed Abd-Eldayem Ref.: Corporate Computer and Network Security By: Raymond Panko Basic Firewall Operation 2. Internet Border Firewall 1. Internet (Not

More information

Measurement of the Usage of Several Secure Internet Protocols from Internet Traces

Measurement of the Usage of Several Secure Internet Protocols from Internet Traces Measurement of the Usage of Several Secure Internet Protocols from Internet Traces Yunfeng Fei, John Jones, Kyriakos Lakkas, Yuhong Zheng Abstract: In recent years many common applications have been modified

More information