Proxy Servers&

Firewalls

What is proxy ?What is proxy ? Main purpose of using proxiesMain purpose of using proxies How a proxy works ?How a proxy works ? Proxy typesProxy types Popular hardware & software proxiesPopular hardware & software proxies What is firewall ?What is firewall ? Main purpose of using firewallsMain purpose of using firewalls How a firewall works ?How a firewall works ? Firewall typesFirewall types Popular hardware & software firewallsPopular hardware & software firewalls

ObjectivesObjectives

What is proxy ?What is proxy ?Proxy

Proxy is hardware / software

Indirect access to other networks e.g INTERNET. all computers on Indirect access to other networks e.g INTERNET. all computers on the local network have to go through it before accessing information the local network have to go through it before accessing information on the Internet.on the Internet.

Organization , universities , companies use proxy systems

Proxy act as gateway

Proxy act as Cache Server/Firewall

Proxy share a connection to others

LAN INTERNET

Main purpose of using Main purpose of using proxiesproxies

Improve PerformanceImprove Performance– Act as Cache serverAct as Cache server– Bandwidth controlBandwidth control

Filter RequestsFilter Requests– Prevent access to some web sites!!!Prevent access to some web sites!!!– Prevent access to some protocolsPrevent access to some protocols– Time divisionTime division

Surfing AnonymouslySurfing Anonymously– Browsing the WWW without any identification!!!Browsing the WWW without any identification!!!

Improve PerformanceImprove Performance CachingCaching

– Reduce latencyReduce latency– Reduce Network TrafficReduce Network Traffic

Caching can greatly speed up Internet access. If one or more Internet sites are frequently requested, they are kept in the proxy's cache, so that when a user requests them, they are delivered directly from the proxy's cache instead of from the original Internet site.

Caches diminish the need for network bandwidth, typically by 35% or more, by reducing the traffic from browsers to content servers.

Bandwidth controlBandwidth control– Policy-based Bandwidth Limits– Deny by content type

INTERNET

64 Kbps

128 Kbps

512 Kbps1 Mbps

Filter RequestsFilter Requests Prevent access to some web sites!!!Prevent access to some web sites!!!

– Categories web sitesCategories web sites Adult/Sexually ExplicitAdult/Sexually Explicit Advertisements & Pop-UpsAdvertisements & Pop-Ups Chat Chat Gambling Gambling Games Games Hacking Hacking Peer-to-PeerPeer-to-Peer …………

– Check by content typeCheck by content type .Exe / .Com.Exe / .Com .Mid / .MP3 / .Wav.Mid / .MP3 / .Wav .Avi / .Mpeg / .Rm.Avi / .Mpeg / .Rm

What do you need for What do you need for proxy installation?proxy installation?

Proxy SoftwareProxy Software Ms ISA Server , Squid , WinRoute , …Ms ISA Server , Squid , WinRoute , …

ServerServer At least 2 network cardsAt least 2 network cards DIRECT INTERNET connection DIRECT INTERNET connection (Public IP Address)(Public IP Address)

Switch/Hub Switch/Hub (elective) (elective)

Private IP AddressPrivate IP Address 10.0.0.1/8 – 172.16.0.1/16 – 192.168.0.1/2410.0.0.1/8 – 172.16.0.1/16 – 192.168.0.1/24

How a proxy works ?How a proxy works ?

See the next DemoSee the next Demo

LAN

INTERNET

Proxy Server

IP : 172.16.0.2

Gw : 172.16.0.1

IP : 172.16.0.1

Source IP

172.16.0.2www.yahoo.com

Dest IP209.191.93.52

IP : 217.219.66.2

Gw : 217.219.66.1

LAN

INTERNET

Proxy Server

IP : 172.16.0.2

Gw : 172.16.0.1

IP : 217.219.66.2

Gw : 217.219.66.1

IP : 172.16.0.1

Source IP

217.219.66.2www.yahoo.com

Dest IP209.191.93.52

Change Source IP Address

Source IP

172.16.0.2www.yahoo.com

Dest IP209.191.93.52

LAN

INTERNET

Proxy Server

IP : 217.219.66.2

Gw : 217.219.66.1

IP : 172.16.0.1

Source IP

209.191.93.52

Dest IP217.219.66.2

Change Source IP Address & Destination IP Address

IP : 172.16.0.2

Gw : 172.16.0.1

LAN

INTERNET

Proxy Server

IP : 217.219.66.2

Gw : 217.219.66.1

IP : 172.16.0.1

Source IP

209.191.93.52

Dest IP217.219.66.2

Change Dest. IP Address

Source IP

209.191.93.52

Dest IP172.16.0.2

IP : 172.16.0.2

Gw : 172.16.0.1

LAN

INTERNET

Proxy Server

IP : 172.16.0.2

Gw : 172.16.0.1

IP : 217.219.66.2

Gw : 217.219.66.1

IP : 172.16.0.1

Source IP

209.191.93.52

Dest IP172.16.0.2

Proxy typesProxy types

Web proxiesWeb proxies SSL proxiesSSL proxies Transparent proxiesTransparent proxies Open proxiesOpen proxies Anonymous proxiesAnonymous proxies

Proxy setting in IEProxy setting in IE

Popular hardware & software Popular hardware & software proxiesproxies

Software Proxy Hardware Proxy

Ms. ISA ServerMs. ISA Server Cisco PIXCisco PIX

SquidSquid Blue CoatBlue Coat

Kerio WinRouteKerio WinRoute CyberoamCyberoam

1st Up Net Server1st Up Net Server AlacerAlacer

CCProxyCCProxy

CProxyCProxy

Windows ICSWindows ICS

WinGateWinGate

What is firewall ?What is firewall ?Firewall

Firewall is hardware / software

protects the resources of a private network from users from other networks

Organization , universities , companies use firewall systems

Firewall can act as gateway

Firewall can act as proxy

Firewall filter Incoming & Outgoing information

LAN INTERNET

Main purpose of using Main purpose of using firewallsfirewalls

Packet filteringPacket filtering– Analyzing packetsAnalyzing packets

Proxy serviceProxy service– Provide access to other networks e.g INTERNETProvide access to other networks e.g INTERNET

LAN

INTERNET

How a firewall works ?How a firewall works ?

The FIREWALL can now:

• Log the attempt

• Alert the admin

• Harden the firewall

• Or reset a TCP/IP connection

Sniffing Mode

1) An attacker tries to compromise a service on the protected network.

2) The Firewall identifies the attempt.

LOG

Alert

Reset

Harden

What firewall protects us What firewall protects us fromfrom

Remote loginRemote login Application backdoors Application backdoors Operating system bugs Operating system bugs Denial of service Denial of service E-mail bombsE-mail bombs VirusesViruses SPAMsSPAMs TrojansTrojans ICMP bombingICMP bombing FTP brute forceFTP brute force PhishingPhishing ……..

Popular hardware & software Popular hardware & software firewallsfirewalls

Software Firewall Hardware Firewall

Ms. ISA ServerMs. ISA Server Cisco PIXCisco PIX

Norton Internet SecurityNorton Internet Security Blue CoatBlue Coat

Mcafee Internet SecurityMcafee Internet Security CyberoamCyberoam

ZoneAlarmZoneAlarm Check PointCheck Point

KerioKerio NetScreenNetScreen

BlackICEBlackICE D-link SECURESPOTD-link SECURESPOT

OutpostOutpost WatchGuardWatchGuard

Thank You,Thank You,

References :References :

www.cisco.comwww.cisco.com www.isaserver.orgwww.isaserver.org www.wikipedia.comwww.wikipedia.com www.cert.orgwww.cert.org www.isc.sans.orgwww.isc.sans.org www.zonelabs.comwww.zonelabs.com www.symantec.comwww.symantec.com www.mshdiau.ac.irwww.mshdiau.ac.ir Communication & Information Technology Department of Communication & Information Technology Department of

Mashhad University - IRANMashhad University - IRAN

Contact me : Poustchi@yahoo.comContact me : Poustchi@yahoo.com

http://poustchi.blogspot.comhttp://poustchi.blogspot.com