Internet Security Hardware (by students of E-commerce Security, Summer/2002 class)



Presentation Transcript


  1. Internet Security Hardware (by students of E-commerce Security, Summer/2002 class) • Router • Packet • Ports • Firewalls • DMZ • IP sniffing • Personal firewalls • Zone Alarm

  2. Router • A device that forwards data packets from one local area network (LAN) or wide area network (WAN) to another. • Routers are used to segment LANs in order to balance traffic within workgroups and to filter traffic for security purposes and policy management. Routers are also used at the edge of the network to connect remote offices. source: http://www.techweb.com Calie Liu

  3. Packet A block of data used for transmission in packet-switched systems. The terms frame, packet and datagram are often used synonymously. Jackie

  4. What are Ports? What are the Disadvantages of a Firewall? (in a security context) Lillian

  5. Ports (in a security context) Simply put • A port is a point at which computers connect to networks and to other computers so that they can exchange information with networks and other computers. Personal computers have various types of ports, each of which provides a specific and unique service. Port numbers that are open indicate which applications or services that computer is currently running. • You need to understand the Transmission Control Protocol (TCP). Ports are a parameter of TCP. There are many different services that can run using TCP as the mechanism to get data from one place to another. TCP keeps these services separate from each other by assigning a unique "port" to each service. Since the "port" parameter is a 16-bit field, there are 65,536 possible "ports" or services. Some of these, such as port 0, are reserved and not used. The ports from 0-1,023 are called "Well Known Ports." The Well Known Ports are assigned by the Internet Assigned Numbers Authority (IANA) and on most systems can only be used by system (or root) processes or by programs executed by privileged users.

  6. Ports (in a security context) The ports from 1,024-49,151 are called "Registered Ports." The Registered Ports are listed by the IANA and on most systems can be used by ordinary user processes or programs executed by ordinary users. They are not controlled by IANA and can be used for almost any purpose. However, IANA does maintain a "registry" of port numbers and their common uses as a convenience to the community. The ports from 49,152 through 65,535 are called dynamic or "private ports." As the name implies, these ports are not registered and may be used for anything by any program. A listing of the Well-Known and Registered ports, along with their common uses, can be found at http://www.iana.org/assignments/port-numbers. With regard to firewall security, your default policy should be to close all ports except those that need to be open for operational reasons. How you define which ports are open and which are closed will depend on which firewall you are using. Information source: http://searchsecurity.techtarget.com/ateQuestionNResponse/0,289625,sid14_cid407639_tax285453,00.html

  7. 3 kinds of firewall-1 • The first kind of firewall: • Software firewall. West

  8. 3 kinds of firewall-2 • The third kind of firewall: • Standalone firewall (slide diagram labels: Internet, Your PC, Stand-alone firewall)

  9. 3 kinds of firewall-3 • The second kind of firewall: • Hardware firewall: The standalone firewall is a piece of dedicated hardware (sometimes referred to as a Firewall Appliance) that sits between your network and the outside world.

  10. Selecting Firewalls • Price • Security Level • Ease of use/Configuration • Does the firewall run without user intervention? • Is there online help or technical support available? • What will be the training requirements for the firewall? • Will the firewall have a significant impact on the operation of the system as a whole? Calie Liu

  11. Software Firewall • Zone Alarm Pro (Best Buy)-$49.95 • Norton Personal Firewall-$44.99 • Sygate Personal Firewall Pro-$39.95 • BlackICE PC Protection 3.5-$39.95 Source: http://www.firewallguide.com Jackie

  12. Hardware Firewall • Cable/ADSL Router firewall (CNET TECH)-$82.99 • Cable/ADSL Router (D-Link)-$70 • Cable/ADSL Router (Allied Telesyn)-$104 Jackie

  13. Hardware Firewall (Cont.) Business • Cisco IOS Firewall (PIX 535)-$20,000 • SENSEI Small Business Firewall-$2650 • Cisco PIX 525 UR-$5,000 Source: http://cisco.com

  14. Disadvantages of Firewall There are some disadvantages to using firewalls. 1. Restricted access to desirable services: the most obvious being that certain types of network access may be hampered or even blocked for some hosts, including telnet, ftp, X Windows, NFS, NIS, etc. However, these disadvantages are not unique to firewalls; network access could be restricted at the host level as well, depending on a site's security policy. 2. All eggs in a single basket: a second disadvantage with a firewall system is that it concentrates security in one spot as opposed to distributing it among systems, thus a compromise of the firewall could be disastrous to other less-protected systems on the subnet. This weakness can be countered, however, with the argument that lapses and weaknesses in security are more likely to be found as the number of systems in a subnet increases, thereby multiplying the ways in which subnets can be exploited. Lillian

  15. Disadvantages of Firewall 3. Potential for alternative access: firewalls do not protect against back doors into the site. For example, if unrestricted modem access is still permitted into a site protected by a firewall, attackers could effectively jump around the firewall. 4. Cost of vendor solution: another disadvantage is that relatively few vendors have offered firewall systems until very recently. Most firewalls have been somewhat "hand-built" by site administrators; however, the time and effort that could go into constructing a firewall may outweigh the cost of a vendor solution. There is also no firm definition of what constitutes a firewall; the term "firewall" can mean many things to many people. 5. Improper set-up leads to an artificial sense of security. Source information from http://helios.bre.co.uk/iqit/el-ex/ee-firv1.htm#Issues and Problems with Firewalls and http://csrc.nist.gov/publications/nistpubs/800-10/node40.html

  16. What is a DMZ? A DMZ (or "Demilitarized Zone") is viewed as a neutral zone inserted between the Internet and a private LAN where controlled public access is allowed. Technically, the DMZ is a LAN subnet to which non-authenticated access can be permitted at a configurable level. West

  17. Definition • IP Sniffing: Stealing network addresses by reading the packets. Harmful data is then sent stamped with internal trusted addresses. (source: http://www.mynetsec.com/html/security.html#IP_Snoofing) Ruby

  18. A company's web server is a typical example of a device which may be placed in a DMZ, as it often makes sense to have different access procedures for the public-access features on a Web server than for the rest of the local network. source: http://www.eicon.com/support/helpweb/safepipe/DMZ.htm
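The default-deny port policy from slides 5 and 6 and the DMZ placement from slides 16 and 18, modelled as a small zone-based packet filter. This is an added example and not part of the slides; the zone names, the rule set, the cleartext-service table and the helper functions are all constructed for this illustration.

```python
from dataclasses import dataclass

# IANA range boundaries exactly as given on the slides.
WELL_KNOWN_MAX, REGISTERED_MAX, PORT_MAX = 1023, 49151, 65535
# Login services the sniffing slide says travel in cleartext (constructed table).
CLEARTEXT_SERVICES = {21: "ftp", 23: "telnet"}

def port_class(port: int) -> str:
    """Classify a 16-bit port number into the three IANA ranges."""
    if not 0 <= port <= PORT_MAX:
        raise ValueError(f"port outside 16-bit range: {port}")
    if port <= WELL_KNOWN_MAX:
        return "well-known"
    if port <= REGISTERED_MAX:
        return "registered"
    return "dynamic"

@dataclass(frozen=True)
class Rule:
    src_zone: str  # "internet", "dmz" or "lan" (zone names constructed for this example)
    dst_zone: str
    dst_port: int  # TCP destination port

# Constructed policy: open only what operations need; everything else stays closed.
POLICY = (
    Rule("internet", "dmz", 80),   # public web server lives in the DMZ
    Rule("internet", "dmz", 443),
    Rule("lan", "internet", 80),   # users browse out
    Rule("lan", "internet", 443),
    Rule("lan", "dmz", 22),        # admins manage the web server over SSH
    Rule("lan", "internet", 23),   # legacy telnet to a partner; the audit below flags it
)
# No rule lets the DMZ initiate into the LAN, so a compromised web server
# cannot reach the internal network through the filter.

def decide(src_zone: str, dst_zone: str, dst_port: int, policy=POLICY) -> str:
    """Default-deny: a connection is allowed only if an explicit rule matches it."""
    for r in policy:
        if (r.src_zone, r.dst_zone, r.dst_port) == (src_zone, dst_zone, dst_port):
            return "allow"
    return "deny"

def exposed_from_internet(policy=POLICY) -> set:
    """(zone, port) pairs reachable from the Internet: the set an operator keeps minimal."""
    return {(r.dst_zone, r.dst_port) for r in policy if r.src_zone == "internet"}

def cleartext_rules(policy=POLICY) -> list:
    """Rules that let a cleartext login protocol cross a zone boundary (sniffing exposure)."""
    return [r for r in policy if r.dst_port in CLEARTEXT_SERVICES]
```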

  19. Definition • Sniffing is a passive security attack in which a machine separated from the intended destination reads data on a network. Passive security attacks are those that do not alter the normal flow of data on a communication link or inject data into the link. This leads to leakage of different kinds of information. • http://www.infotechuniv.com/resources/r23.htm Ruby

  20. Definition • IP Sniffing - Unauthorized monitoring of directly connected IP traffic. Most IP traffic is sent in cleartext (unencrypted), so it is possible to see what passes by on the network. For example, sniffers can capture the login and password pairs from telnet sessions. This is one of the most significant causes of break-ins from the Internet. http://www.icsalabs.com/html/communities/ids/buyers_guide/guide/Appendix/C_Glossary/c_glossary.shtml Ruby

  21. Types of Personal Firewalls • Zone Labs' Zone Alarm Firewall: it can be downloaded for free at http://www.zonelabs.com/products/za/index.html. The most current version was 2.6 • Tiny Software's Tiny Personal Firewall: it can be downloaded for free at http://www.tinysoftware.com • Symantec's Norton Personal Firewall 2001: it can be purchased at http://www.symantec.com/sabu/nis/npf/. Ruby

  22. Zone Alarm Firewall You can easily install, configure, and maintain a personal firewall like Zone Alarm.

  23. Installing ZoneAlarm • Clicking the downloaded installation file zonalm26.exe will start the ZoneAlarm setup program • Step by step, configure ZoneAlarm to enable your Web browser to access the Internet • The setup confirmation dialog box shows up; click Yes. ZoneAlarm is now installed.

  24. Configuring ZoneAlarm • ZoneAlarm is by default configured in stealth mode, indicating it is configured to be invisible to the rest of the Internet • ZoneAlarm provides two default user interfaces: the ZoneAlarm tray icon and the Control Center panel dialog box Ruby

  25. Configure Panel Click the button to display the Configuration panel. This button is located directly below the Help button in the top right corner of ZoneAlarm. Use the checkboxes and pushbuttons in the Configuration Panel to determine whether

  26. Program Panel The main portion of the Programs panel is the Program List. This is the list of programs installed on your machine that have attempted to connect to the Internet. Use the checkboxes in this panel to control the connection behavior of any program on the list or to specify each program's access rights for the Local Zone or the Internet Zone.

  30. Security Panel The Local and Internet Zones each have a security level selector that you drag up and down to change the security level. Local Zone security is displayed in green, and Internet Zone security in blue. The default settings are medium for the Local Zone and high for the Internet Zone.

  31. Lock Panel When the Timer Bar below the Lock button is green, the Internet Lock is not on. This means that ZoneAlarm is allowing Internet traffic in and out of your computer. When the timer bar is red, the lock is closed and no in-and-out Internet traffic is allowed. When the lock is closed, the countdown timer counts upwards, showing the amount of time the lock has been active. If the timer bar displays a countdown timer, this is the time remaining before the Automatic Lock will engage.

  32. Alert Panel The two graphs in the top portion of the icon display Internet traffic as it occurs. The two graphs in the lower portion of the icon display a chronological history of Internet traffic as it is generated on your machine. Whenever red or green flashing bars appear in the Alerts icon, the application receiving or sending traffic is shown as a blinking icon inside the Programs icon.
