08Sp_SEC455_51_P6 - 1 Services Filtering & Stateful and...

Info iconThis preview shows pages 1–16. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: 1 Services Filtering & Stateful and Stateful Firewall related Attacks 2 Plan • Web service • FTP service • Email service • Telnet service • DNS service • TFTP • Trojan horses • IP spoofing • Stateful Firewall 3 Internet Services Web Server Firewall Internet Internet Email Server DNS Server FTP Server Email Server DNS Server Other Servers Web Server FTP Server LAN Firewall Web Server 4 The Internet Layers and Protocols http ftp telnet SMTP Applications Layer TCP UDP Transport Layer IP Network Layer Physical Interface Data Link Layer & Physical Layer ICMP DNS 80 25 21 23 53 TFTP 69 5 IP Ethernet TCP - UDP FTP client Web client FTP server Web server IP TCP - UDP 1056 1067 21 80 Your Laptop Server Server: <= 1023 & Client: > 1023 Client vs Server 6 Well Known Servers Ports FTP : TCP – Port 21 TFTP : UDP – Port 69 Web or HTTP : TCP – Port 80 SMTP : TCP – Port 25 POP3 : TCP – Port 110 Telnet : TCP – Port 23 DNS : UDP/TCP – Port 53 7 Well Known Clients Software FTP Client : IE, LeapFTP… Web Client : IE, Netscape, FireFox… SMTP Client : Outlook, Eudora… POP3 Client : Outlook, Eudora… Telnet Client : DOS command 8 Web or HTTP service 9 Web/HTTP Service Firewall Web Server Web Server Web Server LAN Web Server Firewall Web Server LAN 10 Firewall Web Server Web Server LAN Ingoing and outgoing traffic TCP, Port 80 11 Security policy and Filtering Rules Rule Direction Source IP Dest. IP Protocol Source Port Destination Port Action R1 Outgoing Any or LAN’s IP Any TCP Any or > 1023 80 Deny Example 1 of security policy: • DENY any access from my LAN’s laptops to any external WEB server Web (HTTP, TCP) Web Server (TCP/80) Client Client Server LAN Filtering rule: 12 Security policy and Filtering Rules Rule Direction Source IP Dest. IP Protocol Source Port Destination Port Action R1 Incoming Any IP1 (web server IP) TCP Any or > 1023 80 Deny Example 1 of security policy: • DENY any access from any external laptop to my LAN’s web server (IP1). Web (HTTP, TCP) Our LAN’s Web Server (TCP/80) Client Client Server External client Filtering rule: IP1 13 Security policy and Filtering Rules Rule Direction Source IP Dest. IP Protocol Source Port Destination Port Action R1 Outgoing Any or LAN’s IP IP2 TCP Any or > 1023 80 Allow R2 Incoming IP2 Any or LAN’s IP TCP 80 Any or > 1023 Allow Example 3 of security policy: • ALLOW any access from my LAN’s laptops to the external WEB server (IP2) Web (HTTP, TCP) Web Server (TCP/80) Client Client Server LAN Filtering rule: IP2 In NetScreen Firewall , these two rules are represented by ONE rule 14 FTP service 15 FTP Service Firewall FTP Server FTP Server FTP Server FTP Server LAN FTP Server Firewall FTP Server LAN 16...
View Full Document

This note was uploaded on 03/26/2010 for the course SECB 455 taught by Professor Zuhairtrabelsi during the Spring '10 term at United Arab Emirates University.

Page1 / 59

08Sp_SEC455_51_P6 - 1 Services Filtering & Stateful and...

This preview shows document pages 1 - 16. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online