Karya Anak Bangsa - beta: Firewall

February 04, 2010

Firewall

• A firewall is a system or group of systems that enforces access control between a secure internal network and untrusted networks such as the Internet.

• A firewall is designed to let trusted data through, reject vulnerable services, and protect the internal network from outside attacks that could penetrate it at any time.

Firewall System Components
• A firewall can be a PC, router, midrange, mainframe, UNIX workstation, or a combination of the above.
• Firewalls can consist of one or more functional components as follows:
- Packet-filtering router
- Application-level gateway (proxy)
- Circuit-level gateway


Packet-Filtering Router
• Packet filtering is accomplished by using a router that can forward packets according to filtering rules.
• Information that can be captured from the packet headers:
- Source and destination IP addresses
- Source and destination TCP/UDP port numbers
- ICMP message type
- Encapsulated protocol information (TCP, UDP, ICMP or IP tunnel)

Application Level Gateway (Proxy)
• An application-level gateway acts as a "proxy".
• An application-level gateway provides a high level of control over the traffic between two networks, because the content of specific services can be monitored and filtered according to the network security policy.

Circuit Level Gateway
• A circuit-level gateway handles TCP connections and does not provide additional packet processing or filtering.
• A circuit-level gateway can be considered a special type of proxy, because a proxy can be configured to pass all information once the user has been authenticated, just as a circuit-level gateway does.

Example Firewall Types
• A firewall consists of one or more software elements that run on one or more hosts.
• The types of firewall are as follows:
- Packet-filtering firewall
- Dual-homed gateway firewall
- Screened host firewall
- Screened subnet firewall

Packet-Filtering Firewall
• Consists of a router placed between the external network and the secure internal network.
• Packet-filtering rules are defined to allow or deny traffic.
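
An added example, not part of the original post: a minimal stateless packet filter in Python that extracts the header fields listed under Packet-Filtering Router from a raw IPv4 packet and applies ordered allow rules with a default deny. The rule set, the addresses (documentation ranges) and all function names are constructed for illustration.

```python
import ipaddress
import struct

# Constructed policy: (action, src net, dst net, protocol, dest port / ICMP type or None).
RULES = [
    ("allow", "0.0.0.0/0", "192.0.2.10/32", "tcp", 80),    # web to information server
    ("allow", "198.51.100.0/24", "0.0.0.0/0", "udp", 53),  # DNS from internal hosts
    ("allow", "0.0.0.0/0", "192.0.2.0/24", "icmp", 8),     # echo request only
]
PROTOCOLS = {1: "icmp", 4: "ipip", 6: "tcp", 17: "udp"}

def parse_headers(packet):
    """Return the header fields the filter decides on, or None if malformed."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None  # too short or not IPv4
    ihl = (packet[0] & 0x0F) * 4  # IP header length in bytes
    if not 20 <= ihl <= len(packet):
        return None  # header length field is inconsistent
    fields = {"src": ipaddress.ip_address(packet[12:16]),
              "dst": ipaddress.ip_address(packet[16:20]), "sport": None, "dport": None,
              "proto": PROTOCOLS.get(packet[9], "other"), "icmp_type": None}
    payload = packet[ihl:]
    if struct.unpack("!H", packet[6:8])[0] & 0x1FFF:
        return fields  # later fragment: carries no transport header
    if fields["proto"] in ("tcp", "udp") and len(payload) >= 4:
        fields["sport"], fields["dport"] = struct.unpack("!HH", payload[:4])
    elif fields["proto"] == "icmp" and payload:
        fields["icmp_type"] = payload[0]
    return fields

def decide(packet, rules=RULES):
    """Apply the rules in order (first match wins); default is deny."""
    f = parse_headers(packet)
    if f is None:
        return "deny"
    selector = f["icmp_type"] if f["proto"] == "icmp" else f["dport"]
    for action, src, dst, proto, want in rules:
        if (proto == f["proto"] and (want is None or want == selector)
                and f["src"] in ipaddress.ip_network(src)
                and f["dst"] in ipaddress.ip_network(dst)):
            return action
    return "deny"  # nothing matched

def build_packet(src, dst, proto, payload, frag_offset=0):
    """Build a constructed IPv4 packet (checksum left at 0) to use as sample input."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, frag_offset, 64,
                       proto, 0, ipaddress.ip_address(src).packed,
                       ipaddress.ip_address(dst).packed) + payload
print(decide(build_packet("203.0.113.5", "192.0.2.10", 6, struct.pack("!HH", 40000, 80))))
```

Later fragments carry no port numbers, so the port-specific rules above never match them and they fall through to the default deny.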

Dual-Homed Gateway Firewall
• A dual-homed host has at least two network interfaces and two IP addresses.
• IP forwarding is disabled on the firewall; as a result, IP traffic between the two interfaces is broken at the firewall, and there is no way for IP traffic to pass through the firewall except through a proxy or SOCKS.
• Attacks coming from unknown services will be blocked.

Screened Host Firewall
• Consists of a packet-filtering router and an application-level gateway.
• The host running the application-level gateway is known as the "bastion host".
• The router is configured to forward all untrusted traffic to the bastion host and, in some cases, to the information server.

Screened Subnet Firewall
• Consists of two packet-filtering routers and a bastion host.
• Provides a higher level of security than other types of firewalls.
• Creates a DMZ (Demilitarized Zone) between the internal and external networks, so that the outer router only permits access from outside to the bastion host and the information servers, and the inner router only allows access from the internal network to the bastion host.
