Firewalls Part "1"

Posts : 85 أهمية العضو : 0 Join date : 18/11/2008

Firewalls

Introduction:

Firewalls are a key part of keeping networked computers safe and secure. All computers deserve the protection of a firewall, whether it’s the thousands of servers and desktops that compose the network of a Fortune 500 company, a traveling salesperson’s laptop connecting to the wireless network of a coffee shop, or your grandmother’s new PC with a dial-up connection to the Internet.
This article covers the design, deployment, and use of both network and host-based firewalls (also called personal firewalls). Although home users have traditionally used only host-based firewalls, recent trends in security exploits highlight the importance of using both types of firewalls together. Traditional firewall architectures protect only the perimeter of a network. However, once an attacker penetrates that perimeter, internal systems are completely unprotected. Hybrid worms, in particular, have penetrated corporate networks through email systems, and then have spread quickly to unprotected internal systems. Applying host-based firewalls to all systems, including those behind the corporate firewall, should now be standard practice

Definitions :

• A firewall is a structure intended to keep a fire from spreading. Building have firewalls made of brick walls completely dividing sections of the building. In a car a firewall is the metal wall separating the engine and passenger compartments.

• firewall is to home users. If techno stuff is totally mysterious to you, brace yourself for a little bit of strange new terminology. I've tried to define terms and to use as much plain English as possible, in hopes you'll find it comprehensible. I invite anyone who can, to point out errors of fact or important omissions.)

• A firewall is a system or group of systems that enforces an access control policy between two networks. The actual means by which this is accomplished varies widely, but in principle, the firewall can be thought of as a pair of mechanisms: one which exists to block traffic, and the other which exists to permit traffic. Some firewalls place a greater emphasis on blocking traffic, while others emphasize permitting traffic. Probably the most important thing to recognize about a firewall is that it implements an access control policy. If you don't have a good idea of what kind of access you want to allow or to deny, a firewall really won't help you. It's also important to recognize that the firewall's configuration, because it is a mechanism for enforcing policy, imposes its policy on everything behind it. Administrators for firewalls managing the connectivity for a large number of hosts therefore have a heavy responsibility

The Development of Firewalls :

Firewalls, like most Internet technology, is constantly developing. The writers of the Internet Firewalls FAQ feel that future firewalls will lie somewhere between network level firewalls (which make very simple decisions based on header information, such as a packet filtering router) and application level firewalls (which generally run proxy servers, such as the dual-homed gateway). Network level firewalls will likely become increasingly more sophisticated, and more "aware" of the information going through them. On the other hand, application level firewalls will become increasingly "low-level" and transparent to the user - the end result being a fast, packet-screening system which provides logging facilities and audits data as it passes through.

1- Stateful Firewalls:

An existing version of this combination of a packet filter and proxy server is the stateful firewall system. These firewalls actually understand the protocols which pass through them, so they can securely allow or block traffic as well as authenticating the use of services .

2- Rainwall :

Another developing form of firewall is a fully distributed high-availability clustering solution for gateways and firewalls. The first commercially available implementation is Rainwall, by RAINfinity . Rainwall allows for automatic dynamic load-balancing, multiple Internet connections per cluster, and is scalable to any number of gateways.

3- Virtual Private Networks (VPN's) :

Not only are firewalls developing - so are potential uses for them. Stateful firewalls, in particular [9], allow users to set up virtual private networks over the Internet. Firewalls then incorporate encryption, allowing organisations with multiple points of Internet connectivity to use the Internet as a private backbone for their network . VPN software, together with encryption software, would normally be installed on the firewall . To simulate a normal corporate network using a VPN, the firewall can be set up to only accept traffic to or from another site on the VPN, thus disallowing all Internet traffic whatsoever.

The Benefits of a Firewall :

• Protection from Vulnerable Services :

Firewalls can be configured to filter out inherently dangerous services, exposing the protected network to fewer risks. For example, a firewall could block services such as NFS from entering or leaving the protected subnet. NFS can then be used within the subnet, but is not vulnerable to exploitation from outside the protected network.

• Controlled Access to Site Systems :

Firewalls can provide the ability to control access to sites within the protected subnet. Some hosts could be sealed off from access by the outside world, while in special cases, others could be accessible, such as mail servers and information servers.

• Concentrated Security :

In a network without firewalls, each host must maintain its own security. Hosts must cooperate to maintain a uniformly high level of security. There more hosts there are, the more difficult it is to manage this cooperation. Break-ins then tend to occur because of errors in configuration, and not because of complex attacks. In addition, costs become higher as security software must be installed on each host. Firewalls provide a single point at which security needs to be maintained.

• Enhanced Privacy :

Seemingly innocuous information may actually be useful to an attacker. For example, by using finger, an attacker could gain information about users, such as their last login time and whether they have unread mail. This can indicate whether the system has active users connected, and whether the system could be attacked without drawing attention. Firewalls can block these types of services, including possibly useful DNS information.

• Logging and Statistics :

As all Internet access passes through a firewall, the firewall can log accesses and calculate statistics about network usage. In addition, it can log information on possible probes and attacks, even if they were unsuccessful. A firewall may even be able to provide a tracing facility, in order to determine where the attack or probe originated (or claims to have originated).

• Policy Enforcement :

A firewall provides a means of implementing a security policy. (In fact, a firewall is practically useless without a strong corporate security policy.) By using a firewall to implement a network access policy, the necessity of having to rely on user cooperation and responsibility is avoided.

• Reduced Number of IP Addresses :

By forcing all traffic between the protected network and the outside world to pass through the firewall, only the host on which the firewall resides actually requires an externally valid IP address. Sites within the protected subnet will only be contacted by other sites within the subnet or the firewall, and thus only need an internal address.

موضوع: رد: Firewalls Part "1" الجمعة ديسمبر 05, 2008 2:33 pm

موضوع: رد: Firewalls Part "1" السبت سبتمبر 19, 2009 7:34 pm

يـــعـــطـــيـــك الـــعـــافـــيـــة

» Firewalls Part (2)
» Firewalls Part (3)
» Firewalls Part (4)
» "هاكرز" يسرقون بيانات حساسة حول أحدث مقاتلة أمريكية
» "هاكر" يخترق موقع تويتر ويُعَرِّض أدق أسراره للخطر