SlideShare une entreprise Scribd logo

Firewall

Télécharger en tant que PPTX, PDF
Shivank Shah
Shivank Shah
Technologie
1  sur  26
By: Siddhant Shetty(1115101 B2) & Shivank Shah(1115100 B2)
 The term firewall was in use by Lightoler as early as [1764] to describe walls which separated the parts of a building most likely to have a fire (e.g., a kitchen)from the rest of a structure. These physical barriers prevented or slowed a fire's spread throughout a building, saving both lives and property.  A firewall is simply a program or hardware device that filters the information coming through the Internet connection into your private network or computer system.
 IP addresses - Each machine on the Internet is assigned a unique address called an IP address. IP addresses are 32-bit numbers, normally expressed as four "octets" in a "dotted decimal number." A typical IP address looks like this: 216.27.61.137  Domain names - Because it is hard to remember the string of numbers that make up an IP address, and because IP addresses sometimes need to change, all servers on the Internet also have human-readable names, called domain names A company might block all access to certain domain names, or allow access only to specific domain names.  Ports - Any server machine makes its services available to the Internet using numbered ports, one for each service that is available on the server .For example, if a server machine is running a Web (HTTP) server and an FTP server, the Web server would typically be available on port 80, and the FTP server would be available on port 21. A company might block port 21 access on all machines but one inside the company.  Packet : On the Internet, the network breaks an e-mail message into parts of a certain size in bytes. These are the packets. Each packet carries the information that will help it get to its destination -- the sender's IP address, the intended receiver's IP address, something that tells the network how many packets this e-mail message has been broken into and the number of this particular packet. The packets carry the data in the protocols that the Internet uses: Transmission Control Protocol/Internet Protocol (TCP/IP). Each packet contains part of the body of your message. A typical packet contains perhaps 1,000 or 1,500 bytes.
 Protocols - The protocol is the pre-defined way that someone who wants to use a service talks with that service. The "someone" could be a person, but more often it is a computer program like a Web browser. Protocols are often text, and simply describe how the client and server will have their conversation. The http in the Web's protocol. Some common protocols that you can set firewall filters for include:  IP (Internet Protocol) - the main delivery system for information over the Internet  TCP (Transmission Control Protocol) - used to break apart and rebuild information that travels over the Internet  HTTP (Hyper Text Transfer Protocol) - used for Web pages  FTP (File Transfer Protocol) - used to download and upload files  UDP (User Datagram Protocol) - used for information that requires no response, such as streaming audio and video  ICMP (Internet Control Message Protocol) - used by a router to exchange the information with other routers  SMTP (Simple Mail Transport Protocol) - used to send text-based information (e- mail)  SNMP (Simple Network Management Protocol) - used to collect system information from a remote computer  Telnet - used to perform commands on a remote computer
 The OSI Reference Model is a set of seven layers that define the different stages that data must go through to travel from one device to another over a network.  A protocol stack is a group of protocols that all work together to allow software or hardware to perform a function. The TCP/IP protocol stack is a good example. It uses four layers that map to the OSI model as follows:
 Firewalls use one of the following methods to control traffic flowing in and out of the network:  Packet filtering - Packets (small chunks of data) are analyzed against a set of filters. Packets that make it through the filters are sent to the requesting system and all others are discarded.  Packet filters use one or more of the following pieces of information to make their decision on whether or not to forward the packet [Reed 2002a]:  source address  destination address  whether the packet is inbound or outbound
 Advantages of Packet Filtering :  Packet filtering is "free." If you already have a router, it probably supports packet filtering. On a small LAN a single router can be sufficient for use as a packet filter.  Theoretically, you only need one, at the point where your LAN connects to the Internet or an external network. This provides a "choke point" for the network.  You don't have to train users or use any special client or server programs to implement packet filters. The screening router or packet filtering host transparently does all the work to the clients in your network.
Disadvantages of Packet Filtering Firewall :  Difficulty of setting up packet filtering rules  Another drawback of packet filtering is that it cannot determine which user is causing which network traffic. It can inspect the IP address of the host where the traffic originates, but a host is not the same as a user. If an organization with a packet- filtering firewall is trying to limit the services some users can access, it must either implement an additional, separate protocol for authentication or use the IP address of the user's primary machine as a weak replacement for true user authentication.  Also, because IP addresses can be spoofed, using them for authentication can lead to other problems.
 A stateful firewall is a firewall that keeps track of the state of network connections (such as TCP streams, UDP communication) traveling across it.  The firewall is programmed to distinguish legitimate packets for different types of connections.  Only packets matching a known active connection will be allowed by the firewall; others will be rejected  Information traveling from inside the firewall to the outside is monitored for specific defining characteristics, then incoming information is compared to these characteristics.  If the comparison yields a reasonable match, the information is allowed through. Otherwise it is discarded.
 Advantages of stateful inspection :  More secure .  No need to write long and insecure filtering rules.  Mechanism is faster.  Disadvantages of stateful inspection :  Cache table overflow: If a firewall of a very large or busy network with less memory has filled its memory with cache ,it will start evicting cache entries and the connections will drop.  Time out too short :If the user has been inactive for a long time ,the cache entry is evicted and the connection is lost.
 Developed by Cisco, Network Address Translation is used by a device (firewall, router or computer) that sits between an internal network and the rest of the world.  Implementing dynamic NAT automatically creates a firewall between your internal network and outside networks, or between your internal network and the Internet.  A computer on an external network cannot connect to your computer unless your computer has initiated the contact. You can browse the Internet and connect to a site, and even download a file; but somebody else cannot latch onto your IP address and use it to connect to a port on your computer.
 Circuit level gateways work at the session layer of the OSI model, or the TCP layer of TCP/IP.  They monitor TCP handshaking between packets to determine whether a requested session is legitimate. Information passed to remote computer through a circuit level gateway appears to have originated from the gateway. This is useful for hiding information about protected networks.  Circuit level gateways are relatively inexpensive and have the advantage of hiding information about the private network they protect.  On the other hand, they do not filter individual packets.
 Application level gateways, also called proxies, are similar to circuit-level gateways except that they are application specific. They can filter packets at the application layer of the OSI model.  Incoming or outgoing packets cannot access services for which there is no proxy. In plain terms ,an application level gateway that is configured to be a web proxy will not allow any ftp, other traffic through. Because they examine packets at application layer, they can filter application specific commands such as http:post and get, etc.  They offer a high level of security, but have a significant impact on network performance. This is because of context switches that slow down network access dramatically.  They are not transparent to end users and require manual configuration of each client computer.
Great Firewall of China
 The Golden Shield Project is a censorship and surveillance  project operated by the Ministry of Public Security(MPS) division of the government of China. The project was initiated in 1998 and began operations in November 2003.  It has been nicknamed "the Great Firewall" in reference to its role as a network firewall and to the ancient Great Wall of China.  A major part of the project includes the ability to block content by preventing IP addresses from being routed through and consists of standard firewalls and proxy servers.
 Web sites belonging to "outlawed" or suppressed groups, such as pro-democracy activists.  News sources that often cover topics that are considered defamatory against China, such as police brutality, freedom of speech, democracy, and Marxist sites. These sites include Voice of America and the Chinese edition of BBC News.  Most blogging sites like Twitter experience frequent or permanent outages.
 Web sites that contain anything the Chinese authorities regard as obscenity or pornography.  Web sites relating to criminal activity.  Sites linked with the Dalai Lama, his teachings or the International Tibet Independence Movement.  Social networking sites like Facebook are also blocked.
 The English-language BBC website (but not the Chinese language website).  YouTube, although it has been subsequently re-blocked.  Wikipedia (wikipedia.org), HTTPS version is not blocked. However, if one uses HTTP, many wikis are blocked.  Social websites and free web hosting websites. However, these have also been re-blocked.  Some foreign news websites.  Dropbox has been unblocked, although the reason for this is still unclear
 Despite strict government regulations, the Chinese people are continuing to protest against their government’s attempt to censor the Internet.  They can also utilize the widely available proxies and virtual private networks to fanqiang, or "climb the wall.”  In January 2010,Google announced that it will no longer censor its Web search results in China, even if this means it might have to shut down its Chinese operations altogether which ultimately led to the blocking of all google search sites.
 Denial of service: In feb 2000 many websites such as Yahoo,Amazon,CNN etc were attacked and were shut down for hours .Yahoo lost a million $ /minute  Viruses: Malicious program inserted in an executable file .When executed spreads and infects other files.The effects include inability to boot,deletion of file,inability to create file etc .  Trojan Horse: Creates backdoor which gives the hacker access to private and confidential information. Eg: black orifice,freelink,back door g etc.  Worm: On May 4,2000 a fast moving computer worm called “lovebug” spread by email to millions of computers and deleted every .jpeg and .mp3 file on computer.  Macro Virus:Infects word or excel documents and is spread by email attachment.  Remote login by Hackers.  E-mail bomb
 Provide ◦ configurable packet filtering ◦ NAT/DHCP Eg :  Linksys – single board RISC based linux computer  D-Link
 http://scan.sygatetech.com/  http://www.csnc.ch/onlinetests/  http://grc.com/  http://hackerwhacker.com/
 A firewall cannot prevent users or attackers with modems from dialing in to or out of the internal network, thus bypassing the firewall and its protection completely.  Firewalls cannot stop internal users from accessing websites with malicious code, making user education critical.  Firewalls cannot protect you when your security policy is too lax.  Email viruses :  Email viruses are attached to email messages. A firewall can't determine the contents of email messages, so it can't protect you from these types of viruses. You should use an antivirus program to scan and delete suspicious attachments from an email message before you open it. Even when you have an antivirus program, you should not open an email attachment if you're not positive it's safe.  Phishing scams :  Phishing is a technique used to trick computer users into revealing personal or financial information, such as a bank account password. A common online phishing scam starts with an email message that appears to come from a trusted source, but actually directs recipients to provide information to a fraudulent website. Firewalls can't determine the contents of email messages, so they can't protect you from this type of attack.
 Discuss the role of firewall ? Explain in detail firewall components and list the benefits of an internet firewall (10 mks)
 www.howstuffworks.com  www.wikipedia.org  P.T joseph  www.youtube.com  www.campuskeeda.com  www.antionline.com  www.microsoft.com/security/pc-security/firewalls-whatis.aspx  www.vicomsoft.com/learning-center/firewalls/  www.cisco.com

Recommandé

Firewall and Types of firewall
Firewall and Types of firewallFirewall and Types of firewall
Firewall and Types of firewallCoder Tech
 
Firewall Design and Implementation
Firewall Design and ImplementationFirewall Design and Implementation
Firewall Design and Implementationajeet singh
 
Types of firewall
Types of firewallTypes of firewall
Types of firewallPina Parmar
 
Firewall and It's Types
Firewall and It's TypesFirewall and It's Types
Firewall and It's TypesHem Pokhrel
 
multilevel security Database
multilevel security Database multilevel security Database
multilevel security DatabaseVrundaBhavsar
 
Asymmetric Cryptography
Asymmetric CryptographyAsymmetric Cryptography
Asymmetric CryptographyUTD Computer Security Group
 
Firewall
FirewallFirewall
FirewallNilkanth Shingala
 
IP Security
IP SecurityIP Security
IP SecurityKeshab Nath
 

Recommandé

Firewall and Types of firewall
Firewall and Types of firewallFirewall and Types of firewall
Firewall and Types of firewallCoder Tech
 
Firewall Design and Implementation
Firewall Design and ImplementationFirewall Design and Implementation
Firewall Design and Implementationajeet singh
 
Types of firewall
Types of firewallTypes of firewall
Types of firewallPina Parmar
 
Firewall and It's Types
Firewall and It's TypesFirewall and It's Types
Firewall and It's TypesHem Pokhrel
 
multilevel security Database
multilevel security Database multilevel security Database
multilevel security DatabaseVrundaBhavsar
 
Asymmetric Cryptography
Asymmetric CryptographyAsymmetric Cryptography
Asymmetric CryptographyUTD Computer Security Group
 
Firewall
FirewallFirewall
FirewallNilkanth Shingala
 
IP Security
IP SecurityIP Security
IP SecurityKeshab Nath
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
TCP Vs UDP
TCP Vs UDP TCP Vs UDP
TCP Vs UDP Ahmed Elnaggar
 
Network defenses
Network defensesNetwork defenses
Network defensesG Prachi
 
firewall and its types
firewall and its typesfirewall and its types
firewall and its typesMohammed Maajidh
 
block ciphers
block ciphersblock ciphers
block ciphersAsad Ali
 
TCP/IP 3-way Handshake
TCP/IP 3-way Handshake TCP/IP 3-way Handshake
TCP/IP 3-way Handshake Alok Tripathi
 
Introduction to TCP/IP
Introduction to TCP/IPIntroduction to TCP/IP
Introduction to TCP/IPMichael Lamont
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
Design issues of dos
Design issues of dosDesign issues of dos
Design issues of dosvanamali_vanu
 
Internet control message protocol
Internet control message protocolInternet control message protocol
Internet control message protocolasimnawaz54
 
Features of mobile ip
Features of mobile ipFeatures of mobile ip
Features of mobile ippriya Nithya
 
Congestion control
Congestion controlCongestion control
Congestion controlAman Jaiswal
 
Types Of Firewall Security
Types Of Firewall SecurityTypes Of Firewall Security
Types Of Firewall Securityiberrywifisecurity
 
switching techniques in data communication and networking
switching techniques in data communication and networkingswitching techniques in data communication and networking
switching techniques in data communication and networkingHarshita Yadav
 
OSI Security Architecture
OSI Security ArchitectureOSI Security Architecture
OSI Security Architectureuniversity of education,Lahore
 
Principle source of optimazation
Principle source of optimazationPrinciple source of optimazation
Principle source of optimazationSiva Sathya
 
Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system pptSheetal Verma
 
FIREWALL
FIREWALL FIREWALL
FIREWALL Akash R
 
SSL & TLS Architecture short
SSL & TLS Architecture shortSSL & TLS Architecture short
SSL & TLS Architecture shortAvirot Mitamura
 
Network address translation
Network address translationNetwork address translation
Network address translationVarsha Honde
 
Firewall
FirewallFirewall
FirewallApo
 
Firewall
FirewallFirewall
Firewallsyeda zoya mehdi
 

Contenu connexe

Tendances

CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
Network defenses
Network defensesNetwork defenses
Network defensesG Prachi
 
block ciphers
block ciphersblock ciphers
block ciphersAsad Ali
 
TCP/IP 3-way Handshake
TCP/IP 3-way Handshake TCP/IP 3-way Handshake
TCP/IP 3-way Handshake Alok Tripathi
 
Introduction to TCP/IP
Introduction to TCP/IPIntroduction to TCP/IP
Introduction to TCP/IPMichael Lamont
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
Design issues of dos
Design issues of dosDesign issues of dos
Design issues of dosvanamali_vanu
 
Internet control message protocol
Internet control message protocolInternet control message protocol
Internet control message protocolasimnawaz54
 
Features of mobile ip
Features of mobile ipFeatures of mobile ip
Features of mobile ippriya Nithya
 
Congestion control
Congestion controlCongestion control
Congestion controlAman Jaiswal
 
switching techniques in data communication and networking
switching techniques in data communication and networkingswitching techniques in data communication and networking
switching techniques in data communication and networkingHarshita Yadav
 
Principle source of optimazation
Principle source of optimazationPrinciple source of optimazation
Principle source of optimazationSiva Sathya
 
Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system pptSheetal Verma
 
FIREWALL
FIREWALL FIREWALL
FIREWALL Akash R
 
SSL & TLS Architecture short
SSL & TLS Architecture shortSSL & TLS Architecture short
SSL & TLS Architecture shortAvirot Mitamura
 
Network address translation
Network address translationNetwork address translation
Network address translationVarsha Honde
 

Tendances (20)

CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
 
TCP Vs UDP
TCP Vs UDP TCP Vs UDP
TCP Vs UDP
 
Network defenses
Network defensesNetwork defenses
Network defenses
 
firewall and its types
firewall and its typesfirewall and its types
firewall and its types
 
block ciphers
block ciphersblock ciphers
block ciphers
 
TCP/IP 3-way Handshake
TCP/IP 3-way Handshake TCP/IP 3-way Handshake
TCP/IP 3-way Handshake
 
Introduction to TCP/IP
Introduction to TCP/IPIntroduction to TCP/IP
Introduction to TCP/IP
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
 
Design issues of dos
Design issues of dosDesign issues of dos
Design issues of dos
 
Internet control message protocol
Internet control message protocolInternet control message protocol
Internet control message protocol
 
Features of mobile ip
Features of mobile ipFeatures of mobile ip
Features of mobile ip
 
Congestion control
Congestion controlCongestion control
Congestion control
 
Types Of Firewall Security
Types Of Firewall SecurityTypes Of Firewall Security
Types Of Firewall Security
 
switching techniques in data communication and networking
switching techniques in data communication and networkingswitching techniques in data communication and networking
switching techniques in data communication and networking
 
OSI Security Architecture
OSI Security ArchitectureOSI Security Architecture
OSI Security Architecture
 
Principle source of optimazation
Principle source of optimazationPrinciple source of optimazation
Principle source of optimazation
 
Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system ppt
 
FIREWALL
FIREWALL FIREWALL
FIREWALL
 
SSL & TLS Architecture short
SSL & TLS Architecture shortSSL & TLS Architecture short
SSL & TLS Architecture short
 
Network address translation
Network address translationNetwork address translation
Network address translation
 

En vedette

Firewall
FirewallFirewall
FirewallApo
 
China Online Media and the Great Firewall
China Online Media and the Great FirewallChina Online Media and the Great Firewall
China Online Media and the Great FirewallAndrea Hunt
 
Social Media: Hype, Hell or Hope
Social Media: Hype, Hell or HopeSocial Media: Hype, Hell or Hope
Social Media: Hype, Hell or HopeRick Mans
 
China - Human Rights Revision
China - Human Rights RevisionChina - Human Rights Revision
China - Human Rights Revisionknoxmodernstudies
 
6 trends of China social media and consumer insights
6 trends of China social media and consumer insights 6 trends of China social media and consumer insights
6 trends of China social media and consumer insights Vincent lee
 
Navigating the Social Media Landscape In China
Navigating the Social Media Landscape In ChinaNavigating the Social Media Landscape In China
Navigating the Social Media Landscape In ChinaGravity Media
 
The Social Media Landscape in China
The Social Media Landscape in ChinaThe Social Media Landscape in China
The Social Media Landscape in ChinaAshley McVey
 
China, human rights and international relations 1
China, human rights and international relations 1China, human rights and international relations 1
China, human rights and international relations 1shivraj negi
 
American Meridian University Quality Tool Series: The Fish Bone
American Meridian University Quality Tool Series: The Fish Bone American Meridian University Quality Tool Series: The Fish Bone
American Meridian University Quality Tool Series: The Fish Bone College/University
 
Diclofenac rabeprazole hplc
Diclofenac rabeprazole hplcDiclofenac rabeprazole hplc
Diclofenac rabeprazole hplcDeepak Gadade
 
Tropicana's product (re)design
Tropicana's product (re)designTropicana's product (re)design
Tropicana's product (re)designbhushan8233
 
Quality Management
Quality ManagementQuality Management
Quality ManagementShivank Shah
 
Digital, Mobile, and Social Media in China (April 2011)
Digital, Mobile, and Social Media in China (April 2011)Digital, Mobile, and Social Media in China (April 2011)
Digital, Mobile, and Social Media in China (April 2011)Simon Kemp
 
Evolution Of Convergence And Voip
Evolution Of Convergence And VoipEvolution Of Convergence And Voip
Evolution Of Convergence And VoipUtkarsh Verma
 
Travelling salesman problem using genetic algorithms
Travelling salesman problem using genetic algorithms Travelling salesman problem using genetic algorithms
Travelling salesman problem using genetic algorithms Shivank Shah
 

En vedette (20)

Firewall
FirewallFirewall
Firewall
 
Firewall
FirewallFirewall
Firewall
 
China Online Media and the Great Firewall
China Online Media and the Great FirewallChina Online Media and the Great Firewall
China Online Media and the Great Firewall
 
Social Media: Hype, Hell or Hope
Social Media: Hype, Hell or HopeSocial Media: Hype, Hell or Hope
Social Media: Hype, Hell or Hope
 
China - Human Rights Revision
China - Human Rights RevisionChina - Human Rights Revision
China - Human Rights Revision
 
6 trends of China social media and consumer insights
6 trends of China social media and consumer insights 6 trends of China social media and consumer insights
6 trends of China social media and consumer insights
 
Navigating the Social Media Landscape In China
Navigating the Social Media Landscape In ChinaNavigating the Social Media Landscape In China
Navigating the Social Media Landscape In China
 
Firewall
FirewallFirewall
Firewall
 
The Social Media Landscape in China
The Social Media Landscape in ChinaThe Social Media Landscape in China
The Social Media Landscape in China
 
China, human rights and international relations 1
China, human rights and international relations 1China, human rights and international relations 1
China, human rights and international relations 1
 
Ciw-tencent-empire
Ciw-tencent-empireCiw-tencent-empire
Ciw-tencent-empire
 
American Meridian University Quality Tool Series: The Fish Bone
American Meridian University Quality Tool Series: The Fish Bone American Meridian University Quality Tool Series: The Fish Bone
American Meridian University Quality Tool Series: The Fish Bone
 
Diclofenac rabeprazole hplc
Diclofenac rabeprazole hplcDiclofenac rabeprazole hplc
Diclofenac rabeprazole hplc
 
Tropicana's product (re)design
Tropicana's product (re)designTropicana's product (re)design
Tropicana's product (re)design
 
Quality Management
Quality ManagementQuality Management
Quality Management
 
Digital, Mobile, and Social Media in China (April 2011)
Digital, Mobile, and Social Media in China (April 2011)Digital, Mobile, and Social Media in China (April 2011)
Digital, Mobile, and Social Media in China (April 2011)
 
Evolution Of Convergence And Voip
Evolution Of Convergence And VoipEvolution Of Convergence And Voip
Evolution Of Convergence And Voip
 
Bajaj Auto
Bajaj AutoBajaj Auto
Bajaj Auto
 
Work sampling
Work samplingWork sampling
Work sampling
 
Travelling salesman problem using genetic algorithms
Travelling salesman problem using genetic algorithms Travelling salesman problem using genetic algorithms
Travelling salesman problem using genetic algorithms
 

Similaire à Firewall

Network and security concepts
Network and security conceptsNetwork and security concepts
Network and security conceptssonuagain
 
CSS (KNC-301) 4. Packet Filtering Firewall By Vivek Tripathi.pptx
CSS (KNC-301) 4. Packet Filtering Firewall By Vivek Tripathi.pptxCSS (KNC-301) 4. Packet Filtering Firewall By Vivek Tripathi.pptx
CSS (KNC-301) 4. Packet Filtering Firewall By Vivek Tripathi.pptxVivekTripathi684438
 
Internetworking With Pix Firewall
Internetworking With Pix FirewallInternetworking With Pix Firewall
Internetworking With Pix FirewallSouvik Santra
 
Internetbasics
InternetbasicsInternetbasics
Internetbasicspatinijava
 
Computer networks - CBSE New Syllabus (083) Class - XII
Computer networks - CBSE New Syllabus (083) Class - XIIComputer networks - CBSE New Syllabus (083) Class - XII
Computer networks - CBSE New Syllabus (083) Class - XIIDeepak Singh
 
Firewalls by Puneet Bawa
Firewalls by Puneet BawaFirewalls by Puneet Bawa
Firewalls by Puneet BawaPuneet Bawa
 
Network Project Report
Network Project ReportNetwork Project Report
Network Project ReportTiffany Graham
 
Cyber security tutorial2
Cyber security tutorial2Cyber security tutorial2
Cyber security tutorial2sweta dargad
 
Networking fundamentals
Networking fundamentalsNetworking fundamentals
Networking fundamentalsThe Avi Sharma
 
Network Security
Network SecurityNetwork Security
Network SecurityJaya sudha
 
WT - Firewall & Proxy Server
WT - Firewall & Proxy ServerWT - Firewall & Proxy Server
WT - Firewall & Proxy Servervinay arora
 
Networking-basics
Networking-basicsNetworking-basics
Networking-basicsRaj Alam
 

Similaire à Firewall (20)

Firewall configuration
Firewall configurationFirewall configuration
Firewall configuration
 
Network and security concepts
Network and security conceptsNetwork and security concepts
Network and security concepts
 
CSS (KNC-301) 4. Packet Filtering Firewall By Vivek Tripathi.pptx
CSS (KNC-301) 4. Packet Filtering Firewall By Vivek Tripathi.pptxCSS (KNC-301) 4. Packet Filtering Firewall By Vivek Tripathi.pptx
CSS (KNC-301) 4. Packet Filtering Firewall By Vivek Tripathi.pptx
 
Mcse question
Mcse questionMcse question
Mcse question
 
Internetworking With Pix Firewall
Internetworking With Pix FirewallInternetworking With Pix Firewall
Internetworking With Pix Firewall
 
Firewall
FirewallFirewall
Firewall
 
Internetbasics
InternetbasicsInternetbasics
Internetbasics
 
Computer networks - CBSE New Syllabus (083) Class - XII
Computer networks - CBSE New Syllabus (083) Class - XIIComputer networks - CBSE New Syllabus (083) Class - XII
Computer networks - CBSE New Syllabus (083) Class - XII
 
Firewalls by Puneet Bawa
Firewalls by Puneet BawaFirewalls by Puneet Bawa
Firewalls by Puneet Bawa
 
Network security
Network securityNetwork security
Network security
 
Network security
Network securityNetwork security
Network security
 
Network Project Report
Network Project ReportNetwork Project Report
Network Project Report
 
Cyber security tutorial2
Cyber security tutorial2Cyber security tutorial2
Cyber security tutorial2
 
Firewall
FirewallFirewall
Firewall
 
Networking fundamentals
Networking fundamentalsNetworking fundamentals
Networking fundamentals
 
Network Security
Network SecurityNetwork Security
Network Security
 
WT - Firewall & Proxy Server
WT - Firewall & Proxy ServerWT - Firewall & Proxy Server
WT - Firewall & Proxy Server
 
Networking-basics
Networking-basicsNetworking-basics
Networking-basics
 
Web Technology
Web TechnologyWeb Technology
Web Technology
 
Web Technology
Web TechnologyWeb Technology
Web Technology
 

Dernier

Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 

Dernier (20)

Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 

Firewall

  • 1. By: Siddhant Shetty(1115101 B2) & Shivank Shah(1115100 B2)
  • 2.  The term firewall was in use by Lightoler as early as [1764] to describe walls which separated the parts of a building most likely to have a fire (e.g., a kitchen)from the rest of a structure. These physical barriers prevented or slowed a fire's spread throughout a building, saving both lives and property.  A firewall is simply a program or hardware device that filters the information coming through the Internet connection into your private network or computer system.
  • 3.  IP addresses - Each machine on the Internet is assigned a unique address called an IP address. IP addresses are 32-bit numbers, normally expressed as four "octets" in a "dotted decimal number." A typical IP address looks like this: 216.27.61.137  Domain names - Because it is hard to remember the string of numbers that make up an IP address, and because IP addresses sometimes need to change, all servers on the Internet also have human-readable names, called domain names A company might block all access to certain domain names, or allow access only to specific domain names.  Ports - Any server machine makes its services available to the Internet using numbered ports, one for each service that is available on the server .For example, if a server machine is running a Web (HTTP) server and an FTP server, the Web server would typically be available on port 80, and the FTP server would be available on port 21. A company might block port 21 access on all machines but one inside the company.  Packet : On the Internet, the network breaks an e-mail message into parts of a certain size in bytes. These are the packets. Each packet carries the information that will help it get to its destination -- the sender's IP address, the intended receiver's IP address, something that tells the network how many packets this e-mail message has been broken into and the number of this particular packet. The packets carry the data in the protocols that the Internet uses: Transmission Control Protocol/Internet Protocol (TCP/IP). Each packet contains part of the body of your message. A typical packet contains perhaps 1,000 or 1,500 bytes.
  • 4.  Protocols - The protocol is the pre-defined way that someone who wants to use a service talks with that service. The "someone" could be a person, but more often it is a computer program like a Web browser. Protocols are often text, and simply describe how the client and server will have their conversation. The http in the Web's protocol. Some common protocols that you can set firewall filters for include:  IP (Internet Protocol) - the main delivery system for information over the Internet  TCP (Transmission Control Protocol) - used to break apart and rebuild information that travels over the Internet  HTTP (Hyper Text Transfer Protocol) - used for Web pages  FTP (File Transfer Protocol) - used to download and upload files  UDP (User Datagram Protocol) - used for information that requires no response, such as streaming audio and video  ICMP (Internet Control Message Protocol) - used by a router to exchange the information with other routers  SMTP (Simple Mail Transport Protocol) - used to send text-based information (e- mail)  SNMP (Simple Network Management Protocol) - used to collect system information from a remote computer  Telnet - used to perform commands on a remote computer
  • 5.  The OSI Reference Model is a set of seven layers that define the different stages that data must go through to travel from one device to another over a network.  A protocol stack is a group of protocols that all work together to allow software or hardware to perform a function. The TCP/IP protocol stack is a good example. It uses four layers that map to the OSI model as follows:
  • 6.  Firewalls use one of the following methods to control traffic flowing in and out of the network:  Packet filtering - Packets (small chunks of data) are analyzed against a set of filters. Packets that make it through the filters are sent to the requesting system and all others are discarded.  Packet filters use one or more of the following pieces of information to make their decision on whether or not to forward the packet [Reed 2002a]:  source address  destination address  whether the packet is inbound or outbound
  • 7.  Advantages of Packet Filtering :  Packet filtering is "free." If you already have a router, it probably supports packet filtering. On a small LAN a single router can be sufficient for use as a packet filter.  Theoretically, you only need one, at the point where your LAN connects to the Internet or an external network. This provides a "choke point" for the network.  You don't have to train users or use any special client or server programs to implement packet filters. The screening router or packet filtering host transparently does all the work to the clients in your network.
  • 8. Disadvantages of Packet Filtering Firewall :  Difficulty of setting up packet filtering rules  Another drawback of packet filtering is that it cannot determine which user is causing which network traffic. It can inspect the IP address of the host where the traffic originates, but a host is not the same as a user. If an organization with a packet- filtering firewall is trying to limit the services some users can access, it must either implement an additional, separate protocol for authentication or use the IP address of the user's primary machine as a weak replacement for true user authentication.  Also, because IP addresses can be spoofed, using them for authentication can lead to other problems.
  • 9.  A stateful firewall is a firewall that keeps track of the state of network connections (such as TCP streams, UDP communication) traveling across it.  The firewall is programmed to distinguish legitimate packets for different types of connections.  Only packets matching a known active connection will be allowed by the firewall; others will be rejected  Information traveling from inside the firewall to the outside is monitored for specific defining characteristics, then incoming information is compared to these characteristics.  If the comparison yields a reasonable match, the information is allowed through. Otherwise it is discarded.
  • 10.  Advantages of stateful inspection :  More secure .  No need to write long and insecure filtering rules.  Mechanism is faster.  Disadvantages of stateful inspection :  Cache table overflow: If a firewall of a very large or busy network with less memory has filled its memory with cache ,it will start evicting cache entries and the connections will drop.  Time out too short :If the user has been inactive for a long time ,the cache entry is evicted and the connection is lost.
  • 11.  Developed by Cisco, Network Address Translation is used by a device (firewall, router or computer) that sits between an internal network and the rest of the world.  Implementing dynamic NAT automatically creates a firewall between your internal network and outside networks, or between your internal network and the Internet.  A computer on an external network cannot connect to your computer unless your computer has initiated the contact. You can browse the Internet and connect to a site, and even download a file; but somebody else cannot latch onto your IP address and use it to connect to a port on your computer.
  • 12.  Circuit level gateways work at the session layer of the OSI model, or the TCP layer of TCP/IP.  They monitor TCP handshaking between packets to determine whether a requested session is legitimate. Information passed to remote computer through a circuit level gateway appears to have originated from the gateway. This is useful for hiding information about protected networks.  Circuit level gateways are relatively inexpensive and have the advantage of hiding information about the private network they protect.  On the other hand, they do not filter individual packets.
  • 13.  Application level gateways, also called proxies, are similar to circuit-level gateways except that they are application specific. They can filter packets at the application layer of the OSI model.  Incoming or outgoing packets cannot access services for which there is no proxy. In plain terms ,an application level gateway that is configured to be a web proxy will not allow any ftp, other traffic through. Because they examine packets at application layer, they can filter application specific commands such as http:post and get, etc.  They offer a high level of security, but have a significant impact on network performance. This is because of context switches that slow down network access dramatically.  They are not transparent to end users and require manual configuration of each client computer.
  • 15.  The Golden Shield Project is a censorship and surveillance  project operated by the Ministry of Public Security(MPS) division of the government of China. The project was initiated in 1998 and began operations in November 2003.  It has been nicknamed "the Great Firewall" in reference to its role as a network firewall and to the ancient Great Wall of China.  A major part of the project includes the ability to block content by preventing IP addresses from being routed through and consists of standard firewalls and proxy servers.
  • 16.  Web sites belonging to "outlawed" or suppressed groups, such as pro-democracy activists.  News sources that often cover topics that are considered defamatory against China, such as police brutality, freedom of speech, democracy, and Marxist sites. These sites include Voice of America and the Chinese edition of BBC News.  Most blogging sites like Twitter experience frequent or permanent outages.
  • 17.  Web sites that contain anything the Chinese authorities regard as obscenity or pornography.  Web sites relating to criminal activity.  Sites linked with the Dalai Lama, his teachings or the International Tibet Independence Movement.  Social networking sites like Facebook are also blocked.
  • 18.  The English-language BBC website (but not the Chinese language website).  YouTube, although it has been subsequently re-blocked.  Wikipedia (wikipedia.org), HTTPS version is not blocked. However, if one uses HTTP, many wikis are blocked.  Social websites and free web hosting websites. However, these have also been re-blocked.  Some foreign news websites.  Dropbox has been unblocked, although the reason for this is still unclear
  • 19.  Despite strict government regulations, the Chinese people are continuing to protest against their government’s attempt to censor the Internet.  They can also utilize the widely available proxies and virtual private networks to fanqiang, or "climb the wall.”  In January 2010,Google announced that it will no longer censor its Web search results in China, even if this means it might have to shut down its Chinese operations altogether which ultimately led to the blocking of all google search sites.
  • 20.  Denial of service: In feb 2000 many websites such as Yahoo,Amazon,CNN etc were attacked and were shut down for hours .Yahoo lost a million $ /minute  Viruses: Malicious program inserted in an executable file .When executed spreads and infects other files.The effects include inability to boot,deletion of file,inability to create file etc .  Trojan Horse: Creates backdoor which gives the hacker access to private and confidential information. Eg: black orifice,freelink,back door g etc.  Worm: On May 4,2000 a fast moving computer worm called “lovebug” spread by email to millions of computers and deleted every .jpeg and .mp3 file on computer.  Macro Virus:Infects word or excel documents and is spread by email attachment.  Remote login by Hackers.  E-mail bomb
  • 21.
  • 22.  Provide ◦ configurable packet filtering ◦ NAT/DHCP Eg :  Linksys – single board RISC based linux computer  D-Link
  • 23.  http://scan.sygatetech.com/  http://www.csnc.ch/onlinetests/  http://grc.com/  http://hackerwhacker.com/
  • 24.  A firewall cannot prevent users or attackers with modems from dialing in to or out of the internal network, thus bypassing the firewall and its protection completely.  Firewalls cannot stop internal users from accessing websites with malicious code, making user education critical.  Firewalls cannot protect you when your security policy is too lax.  Email viruses :  Email viruses are attached to email messages. A firewall can't determine the contents of email messages, so it can't protect you from these types of viruses. You should use an antivirus program to scan and delete suspicious attachments from an email message before you open it. Even when you have an antivirus program, you should not open an email attachment if you're not positive it's safe.  Phishing scams :  Phishing is a technique used to trick computer users into revealing personal or financial information, such as a bank account password. A common online phishing scam starts with an email message that appears to come from a trusted source, but actually directs recipients to provide information to a fraudulent website. Firewalls can't determine the contents of email messages, so they can't protect you from this type of attack.
  • 25.  Discuss the role of firewall ? Explain in detail firewall components and list the benefits of an internet firewall (10 mks)
  • 26.  www.howstuffworks.com  www.wikipedia.org  P.T joseph  www.youtube.com  www.campuskeeda.com  www.antionline.com  www.microsoft.com/security/pc-security/firewalls-whatis.aspx  www.vicomsoft.com/learning-center/firewalls/  www.cisco.com