منتدى قسم تكنولوجيا المعلومات في مدرسة الدوحة الثانوية المستقلة للبنين
علمت أن رزقي لن يأخذه غيري فاطمأن قلبي

قم وذق طعم الصلاة في دجى الليل الطويل

قم وجاهد في الحياة ان مثوانا قليل

منتدى قسم تكنولوجيا المعلومات في مدرسة الدوحة الثانوية المستقلة للبنين

من أفضل مدارس قطر
 
الرئيسيةمكتبة الصوربحـثالتسجيلدخولاليومية
قال الامام احمد بن حنبل: إن لنا إخوان لانراهم إلا مره كل سنه , نحن اوثق بمودتهم ممن نراهم كل يوم .أسعد الله قلوبا طاهره إن وصلناها شكرت وإن قصرنا عذرت
من العظماء من يشعر المرء فى حضرته أنه صغير ولكن العظيم بحق هو من يشعر الجميع في حضرته بأنهم عظماء
كم في المقابر من يحسدونك على هذه الأيام والليالي التي تعيشها يتمنون لو تسبيحة أو استغفار ينفعهم عند ربهم أو سجدة تنير قبورهم أو صدقة تظلهم بين يدي الملك الجبار .. فقط تذكر .. ولا تضيع الفرصة التي بين يديك

شاطر | 
 

 Firewalls Part "1"

اذهب الى الأسفل 
كاتب الموضوعرسالة
ghostpc



Posts : 85
أهمية العضو : 0
Join date : 18/11/2008

مُساهمةموضوع: Firewalls Part "1"   الثلاثاء نوفمبر 25, 2008 2:51 pm

Firewalls


Introduction:

Firewalls are a key part of keeping networked computers safe and secure. All computers deserve the protection of a firewall, whether it’s the thousands of servers and desktops that compose the network of a Fortune 500 company, a traveling salesperson’s laptop connecting to the wireless network of a coffee shop, or your grandmother’s new PC with a dial-up connection to the Internet.
This article covers the design, deployment, and use of both network and host-based firewalls (also called personal firewalls). Although home users have traditionally used only host-based firewalls, recent trends in security exploits highlight the importance of using both types of firewalls together. Traditional firewall architectures protect only the perimeter of a network. However, once an attacker penetrates that perimeter, internal systems are completely unprotected. Hybrid worms, in particular, have penetrated corporate networks through email systems, and then have spread quickly to unprotected internal systems. Applying host-based firewalls to all systems, including those behind the corporate firewall, should now be standard practice

Definitions :

• A firewall is a structure intended to keep a fire from spreading. Building have firewalls made of brick walls completely dividing sections of the building. In a car a firewall is the metal wall separating the engine and passenger compartments.

• firewall is to home users. If techno stuff is totally mysterious to you, brace yourself for a little bit of strange new terminology. I've tried to define terms and to use as much plain English as possible, in hopes you'll find it comprehensible. I invite anyone who can, to point out errors of fact or important omissions.)


• A firewall is a system or group of systems that enforces an access control policy between two networks. The actual means by which this is accomplished varies widely, but in principle, the firewall can be thought of as a pair of mechanisms: one which exists to block traffic, and the other which exists to permit traffic. Some firewalls place a greater emphasis on blocking traffic, while others emphasize permitting traffic. Probably the most important thing to recognize about a firewall is that it implements an access control policy. If you don't have a good idea of what kind of access you want to allow or to deny, a firewall really won't help you. It's also important to recognize that the firewall's configuration, because it is a mechanism for enforcing policy, imposes its policy on everything behind it. Administrators for firewalls managing the connectivity for a large number of hosts therefore have a heavy responsibility


The Development of Firewalls :

Firewalls, like most Internet technology, is constantly developing. The writers of the Internet Firewalls FAQ feel that future firewalls will lie somewhere between network level firewalls (which make very simple decisions based on header information, such as a packet filtering router) and application level firewalls (which generally run proxy servers, such as the dual-homed gateway). Network level firewalls will likely become increasingly more sophisticated, and more "aware" of the information going through them. On the other hand, application level firewalls will become increasingly "low-level" and transparent to the user - the end result being a fast, packet-screening system which provides logging facilities and audits data as it passes through.

1- Stateful Firewalls:

An existing version of this combination of a packet filter and proxy server is the stateful firewall system. These firewalls actually understand the protocols which pass through them, so they can securely allow or block traffic as well as authenticating the use of services .

2- Rainwall :

Another developing form of firewall is a fully distributed high-availability clustering solution for gateways and firewalls. The first commercially available implementation is Rainwall, by RAINfinity . Rainwall allows for automatic dynamic load-balancing, multiple Internet connections per cluster, and is scalable to any number of gateways.

3- Virtual Private Networks (VPN's) :

Not only are firewalls developing - so are potential uses for them. Stateful firewalls, in particular [9], allow users to set up virtual private networks over the Internet. Firewalls then incorporate encryption, allowing organisations with multiple points of Internet connectivity to use the Internet as a private backbone for their network . VPN software, together with encryption software, would normally be installed on the firewall . To simulate a normal corporate network using a VPN, the firewall can be set up to only accept traffic to or from another site on the VPN, thus disallowing all Internet traffic whatsoever.

The Benefits of a Firewall :

• Protection from Vulnerable Services :

Firewalls can be configured to filter out inherently dangerous services, exposing the protected network to fewer risks. For example, a firewall could block services such as NFS from entering or leaving the protected subnet. NFS can then be used within the subnet, but is not vulnerable to exploitation from outside the protected network.

• Controlled Access to Site Systems :

Firewalls can provide the ability to control access to sites within the protected subnet. Some hosts could be sealed off from access by the outside world, while in special cases, others could be accessible, such as mail servers and information servers.

• Concentrated Security :

In a network without firewalls, each host must maintain its own security. Hosts must cooperate to maintain a uniformly high level of security. There more hosts there are, the more difficult it is to manage this cooperation. Break-ins then tend to occur because of errors in configuration, and not because of complex attacks. In addition, costs become higher as security software must be installed on each host. Firewalls provide a single point at which security needs to be maintained.

• Enhanced Privacy :

Seemingly innocuous information may actually be useful to an attacker. For example, by using finger, an attacker could gain information about users, such as their last login time and whether they have unread mail. This can indicate whether the system has active users connected, and whether the system could be attacked without drawing attention. Firewalls can block these types of services, including possibly useful DNS information.

• Logging and Statistics :

As all Internet access passes through a firewall, the firewall can log accesses and calculate statistics about network usage. In addition, it can log information on possible probes and attacks, even if they were unsuccessful. A firewall may even be able to provide a tracing facility, in order to determine where the attack or probe originated (or claims to have originated).

• Policy Enforcement :

A firewall provides a means of implementing a security policy. (In fact, a firewall is practically useless without a strong corporate security policy.) By using a firewall to implement a network access policy, the necessity of having to rely on user cooperation and responsibility is avoided.

• Reduced Number of IP Addresses :

By forcing all traffic between the protected network and the outside world to pass through the firewall, only the host on which the firewall resides actually requires an externally valid IP address. Sites within the protected subnet will only be contacted by other sites within the subnet or the firewall, and thus only need an internal address.
الرجوع الى أعلى الصفحة اذهب الى الأسفل
معاينة صفحة البيانات الشخصي للعضو
A.Tamimi
Admin
avatar

Posts : 1593
أهمية العضو : 16
Join date : 13/11/2008
Age : 32
Location : Jordan

مُساهمةموضوع: رد: Firewalls Part "1"   الجمعة ديسمبر 05, 2008 2:33 pm

الرجوع الى أعلى الصفحة اذهب الى الأسفل
معاينة صفحة البيانات الشخصي للعضو http://falcons.aforumfree.com
M.ALS3OD

avatar

Posts : 854
أهمية العضو : 0
Join date : 13/09/2009
Age : 24
Location : AMMAN

مُساهمةموضوع: رد: Firewalls Part "1"   السبت سبتمبر 19, 2009 7:34 pm

يـــعـــطـــيـــك الـــعـــافـــيـــة

_________________
فــي تــوقــيــع بــس ......
الرجوع الى أعلى الصفحة اذهب الى الأسفل
معاينة صفحة البيانات الشخصي للعضو
 
Firewalls Part "1"
الرجوع الى أعلى الصفحة 
صفحة 1 من اصل 1
 مواضيع مماثلة
-
» حروب الرسول "ص"
» الأنبا "مرقس": بعد صلاة الجمعة حاول بعض المسلمين احتلال أرض كنيسة الأنبا "إبرام" بـ"ميت نما"
» التعريف بالولي الصالح سيد الحاج بحوص""2""
» الصرخة العظمة "1"
» مضيف الامام الرضا "ع"

صلاحيات هذا المنتدى:لاتستطيع الرد على المواضيع في هذا المنتدى
منتدى قسم تكنولوجيا المعلومات في مدرسة الدوحة الثانوية المستقلة للبنين :: ----§§§§ المنتديات التقنية والبرمجية §§§§---- :: قسم نظم التشغيل واللينكس-
انتقل الى: