
Topics

• Network Security Major Problems
• Why Firewall?
• Problems with Firewalls
• What is an Intrusion Detector?
• Problems with Intrusion Detectors
• What is a Content Management Firewall?
• HACKTRAP Features
• Future Trends
• Demo

Network Security Major Problems

• Providing information confidentiality.
• Providing data integrity.
• Protecting network services availability.

Why Firewall?

Problems with Firewalls

• Checks packet headers ONLY
• Does NOT detect header intrusions

What is an Intrusion Detector?

• A tool that detects intrusion attempts.
• Alerts the network administrator with detected intrusions.

Problems with Intrusion Detectors

• Does NOT take permanent actions
• Does NOT block specific IPs and PORTs


What is a Content Management Firewall?

• A new approach to firewalls.
• Combines the features of BOTH Firewalls and Intrusion Detectors.
• Checks NOT ONLY the packet's header but its contents as well.
• Blocks the source of the detected intrusions.

HACKTRAP
A content management firewall
IS OUR SOLUTION

HACKTRAP Features

Three Security Levels
• FRA (Fast Response Action) Firewall Rules
• IDS (Intrusion Detection System) Alerts
• ISS (Integrated Security System) feedback from IDS to FRA
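
The feedback from IDS to FRA listed above, sketched as an added example (not HACKTRAP's own code): alerts are counted per source address and repeat offenders are turned into firewall deny rules. The alert line layout, the threshold, the protected internal range and the use of iptables `INPUT` rules are all assumptions; the sample alerts are constructed.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample alerts; the "time [signature] src:port -> dst:port"
# layout is an assumption, not HACKTRAP's real alert format.
SAMPLE_ALERTS = """\
10:00:01 [PORTSCAN] 203.0.113.7:40112 -> 192.168.1.10:22
10:00:02 [PORTSCAN] 203.0.113.7:40113 -> 192.168.1.10:23
10:00:03 [WEB-CGI probe] 203.0.113.7:40200 -> 192.168.1.20:80
10:00:04 [WEB-CGI probe] 198.51.100.9:51000 -> 192.168.1.20:80
10:00:05 [PORTSCAN] 192.168.1.1:1025 -> 192.168.1.10:22
10:00:06 malformed line without addresses
"""

ALERT_RE = re.compile(
    r"^\S+ \[(?P<sig>[^\]]+)\] (?P<src>[\d.]+):\d+ -> [\d.]+:\d+$"
)

def parse_alerts(text):
    """Yield (signature, source address) for each well-formed alert line."""
    for line in text.splitlines():
        m = ALERT_RE.match(line.strip())
        if not m:
            continue  # ignore lines that are not alerts
        try:
            yield m["sig"], ipaddress.ip_address(m["src"])
        except ValueError:
            continue  # digits and dots that do not form a valid address

def generate_block_rules(text, threshold=2, never_block=("192.168.1.0/24",)):
    """Return iptables commands (strings only, never executed here)."""
    protected = [ipaddress.ip_network(n) for n in never_block]
    hits = Counter(src for _, src in parse_alerts(text))
    rules = []
    for src, count in sorted(hits.items()):
        if count < threshold:
            continue  # a single alert is not enough to block a host
        if any(src in net for net in protected):
            continue  # a spoofed internal source must not lock out our own hosts
        rules.append(f"iptables -I INPUT -s {src} -j DROP")
    return rules

if __name__ == "__main__":
    for rule in generate_block_rules(SAMPLE_ALERTS):
        print(rule)
```

The protected range matters because source addresses in alerts can be spoofed: without it, automatic blocking can be turned against the network's own hosts.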

HACKTRAP Model

[Figure: HACKTRAP model. External Network, Internal Network, ISS, FRA, IDS; numbered flows 1, 2, 3; Generate FRA]

HACKTRAP Features

Dynamic Action Generation

[Figure: FWRule, IDSPRule, IDMPRule, FRActions]

HACKTRAP Features

• Administrator point of view
  Add and remove types of attacks.
  Different types of alerts: popup messages, database, XML format, TCP dump format.
  Restrict and unrestrict hosts accessing the firewall.
  Close and open different services (ports) for outside hosts.

• Developer point of view
  Intrusions can be easily implemented

Future Work

• Enhance for better performance.
• Using iptables with the ipchains.
• Using ACID to analyze the intrusion detection output written to the database and display neat graphs representing it.
• Adding other output modules such as email and SMS.

[Figure: network diagram. Internet, LAN, Hacker, Web Server, Unix Server]

[Figure: Packet forwarding and NAT (Masquerading)]

[Figure: firewall chains. Input chain, Forward chain and Output chain, each with numbered rules; router, demasq, log host, local process; DENY / ACCEPT]

[Figure: preprocessor and attack rules combined with the Input, Forward and Output chains; outputs: log file, Samba alert, database, alert file]

Demo

[Figure: demo network. Internet, LAN, Hacker, Windows, Linux, HACKTRAP]
