gr5 firewall secc

8/3/2019 GR5 Firewall SecC

1/6

The Tech Panorama on

FirewallSubmitted by:

Group 5 Section C

Joel Dias 2011154

Komal Laddha 2011156

Nikhil Mahajan 2011161

Pankaj Kumar Jha 2011162

Pushkar Kshirsagar 2011164

Praveen Sharma 2011165


2/6

Firewall

There are various ways to access the computers apart from normal physical access. Some of

them are ethical while some of them are used for unethical purposes. Few of the ways are

discussed below:

1. Remote login- Remote login is the ability to get access to a computer or a network froma remote distance. In corporations, people at branch offices, telecommuters, and people

who are travelling may need access to the corporation's network. A remote access

server is the computer and associated software that is set up to handle users seekingaccess to network remotely.

2. Denial of service- Denial of service is an attempt to make a computer or networkresource unavailable to its intended users. It generally consists of the concerted efforts

of a person, or multiple people to prevent a network or service from functioning

efficiently or at all, temporarily or indefinitely.

3. E-mail bombs- email bomb is a malicious act where huge numbers ofe-mails aredirected to a specific system or a targeted user of that system. Mail bombs will usually

fill the allotted space on an e-mail server for the users e-mail and can result in crashing

the e-mail server

4.

Viruses-viruses are specially designed programs aimed at gaining access or crashingcomputer applications.

Three of the above mentioned four ways of accessing computers are intended for unethical use.

This underlines the need of an application or hardware which can control the traffic on the

network. Firewall helps the users to achieve this.

Why firewall?In this era of internet wherein 1846936890 people have direct access to internet, it is

impossible to physically isolate people from accessing network. So there is always a risk of theft

of critical internal data. Firewall helps organizations prevent unauthorized access to their

intranet thereby preventing misuse and alteration of the data.

What is firewall?The name firewall, originates from construction industry. A firewall is a fireproof barrier used

to prevent the spread of fire between or through buildings, structures, electrical substation

transformers, or within an aircraft or vehicle. In computer language, a firewall is software or

hardware designed to permit or deny network transmissions based upon a set of rules and is

frequently used to protect networks from unauthorized access while permitting legitimate

communications to pass.
http://www.webopedia.com/TERM/E/e_mail.htmlhttp://www.webopedia.com/TERM/E/e_mail_server.htmlhttp://www.webopedia.com/TERM/E/e_mail_server.htmlhttp://www.webopedia.com/TERM/E/e_mail.html


3/6

Ways of implementing firewall policy1. Default permit- In this policy, anything which is not explicitly forbidden is permitted.

The level is security in this policy is less to enhance functionality.

2. Default deny-In this policy, anything which is not explicitly permitted is forbidden. Ahigh level of security is achieved with this policy.

Classification of firewall:Based on the complexity and usefulness, Firewall is basically divided into four types:

1. Packet Filtering: These are first generation of firewall worked at network level by

inspecting packet headers and filtering traffic based on the Ip address of source and

destination, the port and the service. They are fast and today they can be found in many

hardware devices like routers and switches. These firewalls however dont support

sophisticated rule based models and cant understand languages like HTML and XML.

2. Circuit Gateway: These applications, which represent the second-generation of firewall

technology, monitor TCP handshaking between packets to make sure a session is

legitimate. Traffic is filtered based on specified session rules and may be restricted to

recognized computers only. Circuit-level firewalls hide the network itself from the

outside, which is useful for denying access to intruders. But they don't filter individual

packets.

3. Application Gateway: They are also called Proxies and have been looking more deeply

into the application data going through their filters. They are most secure form of

firewall but are bit costly.

With the combination of good features of all the above categories of firewall, Dynamic

Firewall Feature is formed.

Firewall Utilities

When choosing your firewall it is important to pay attention to what features they offer you asthese features can make a large difference in how your computer is protected. In terms of

security the most important features are inbound and outbound filtering, application

protection, notifications, stealth mode. These features and others will be discussed below:

1. Inbound and Outbound FilteringFiltering is when a firewall examines information passing through it and determines if

that information is allowed to be transmitted and received or should be discarded based

on rules or filters that have been created. This function is the primary function of a

firewall and how it handles these tasks if very important for your security.


4/6

Most people feel inbound filtering, which is the processing of inbound data towards your

computer, is the most important function of a firewall. Outbound filtering, though, plays

just as an important role for securing your computer.

You may have had malware installed on your computer without your knowledge, and

suddenly when you install a firewall with outbound filtering, you will find that software

on your computer is attempting to transmit data to a remote host somewhere on the

Internet. Now, not only do you know that this software is installed, but the outbound

filtering stopped it from passing on private information.

Example of a Firewall allowing a remote computer access to a computer behind a

firewall2. Stealth Mode

It is important for your firewall to not only block requests to reach your computer, but to

also make it appear as if your computer does not even exist on the Internet. When you

are connected to the Internet and your computer can be not be detected via probes to

your computer, you are in what is called Stealth mode. Hackers have the ability to detect

if you are on the Internet by probing your machine with special data and examining the

results. When you are in Stealth mode the firewall does not send this information back

making it seem like you are not even connected. Due to this hackers will not continue

targeting your computer as they will think you are not online.

3. Privacy protectionMany firewalls now have the ability to block spyware, hijackers, and adware from

reaching your computer. This allows you to protect your computer from being infected

with software that is known to reveal private information about what you do on the

Internet or other computing habits. These features are usually bundled into the

commercial versions of the firewall software packages.

4. Application IntegrityApplication Integrity is when the firewall monitors the files on your computer for

modification in the file or how they are launched. When it detects such a change it will

notify the user of this and not allow that application to run or transmit data to the


5/6

Internet. Many times these modifications may have been part of an upgrade, but if it was

modified by a malicious program you will now be made aware of it.

5. Intrusion detectionIntruders use various methods to penetrate the security of your computer. Intrusion

detection scans incoming data for signatures of known methods and notifies you when

such attacks are recognized. This allows you to see what means a hacker is trying to use

to hack your computer.

6. NotificationsNotifications allow you to see the activity of what is happening on your firewall and for

the firewall to notify you in various ways about possible penetration attempts on your

computer.

Deploying firewall policyDeploying a firewall is often a costly affair. In a business scenario, we need to analyse it

from different perspectives before we actually go about implementing it. Firstly, we need to

decide the level of access granted to different users i.e. who gets to do what over the

network. Secondly, the kind of pages or sites one is allowed to browse over the network

also needs to be analysed, else it may lead to serious security threats. Next is the role of

firewall administrator. The role of firewall administrator becomes all the more important

because he is the one who has to look after all the day to day maintenance activities. If this

responsibility is not assigned to a responsible and skilled person, the security of an

organisation may be jeopardised. Fourthly, the technology changes at a rapid pace.

Therefore, an organization cannot afford to be complacent. The firewall system must allow

privileges to adapt to the ever growing security demands of an organisation. Last but more

importantly, several non-technical issues play a vital role in the deployment of firewall.

Some people may like to have greater access and user friendliness which is often restricted

because of a firewall, whereas few others would prefer security over user friendliness. In

such dicey situations, the pros and cons should be analysed thoroughly and a strategy

should be devised to meet the long term goals of the business.

Business Advantages of Firewall:1. Enhanced business continuity- business continuity is improved by preventing

malware infections and security breaches from disrupting business critical applications

and services.2. Cost Savings- decreased need of removing spyware, viruses and other malwares

reduces the cost.

3. Enhanced employee productivity- due to reduced spams, spyware and relateddistractions employees are less disturbed and are able to concentrate on the work

better. This enhances employee productivity.

4. Efficient use of network resources- non-business traffic and content is under control.Firewall requires inside/outside users to connect first to firewall before connecting to

application thereby filtering the protocol. So, the network is used efficiently.


6/6

Limitations of firewallFirewalls are not the be all and end all of network security. They do have some

disadvantages, such as:

1. They are a central point for attack, and if an intruder breaks through the firewall theymay have unlimited access to the corporate network. They may restrict legitimate usersfrom accessing valuable services, for example, corporate users may not be let out onto

the Web, or when working away from home a corporate user may not have full access to

the organizations network. They do not protect against back door attacks, and may

encourage users to enter and leave via the backdoor, particularly if the service

restrictions are severe enough. Examples of backdoor entrance points to the corporate

network are: modems, and importing/exporting floppy discs. The security policy needs

to cover these aspects as well.

2. They can be a bottleneck to throughput, since all connections must go via the firewallsystem. Firewall systems on their own cannot protect the network against smuggling i.e.

the importation or exportation of banned material through the firewall e.g. gamesprograms as attachments to Email messages.

3. Smuggling could still be a significant source of virus infection if users downloadsoftware from external bulletin boards etc. This is an area that the security policy needs

to address.

4. The biggest disadvantage of a firewall is that it gives no protection against the insideattacker. Since most corporate computer crime is perpetrated by internal users, a

firewall offers little protection against this threat.

gr5 firewall secc

Documents