
MCA-Firewall-Report (1) Ashutosh-1

The document discusses firewalls, including their history, design goals, types (software vs hardware), and basic concepts. Firewalls were first developed in the late 1980s in response to security breaches on the internet. The first paper on firewall technology was published in 1988. Early firewalls included packet filters and circuit-level firewalls, while later generations included application-layer or proxy-based firewalls. The goals in designing firewalls are to physically block all network traffic except through the firewall, and to only allow authorized traffic while denying unauthorized traffic.


Firewall Report

YSPM’S YTC, Faculty of MCA, Satara



Abstract
I have made this report file on the topic Firewall; I have tried my best to elucidate all the relevant
details of the topic to be included in the report. In the beginning I have tried to give a
general view of this topic.

My efforts and the wholehearted co-operation of each and everyone have ended on a successful
note. I express my sincere gratitude to …………..who assisted me throughout the
preparation of this topic. I thank him for providing me the reinforcement, confidence
and most importantly the track for the topic whenever I needed it.


Content
⚫ Introduction
⚫ What is a Firewall
⚫ Applications of Firewall
⚫ Software Firewall vs Hardware Firewall
⚫ History
⚫ Design goals for Firewall
⚫ Types
⚫ Basic Concepts of Firewall
⚫ Role of Firewall
⚫ Advantages
⚫ Disadvantages
⚫ Conclusion


INTRODUCTION

The Internet has made a great deal of knowledge available to the average person at home,
in business and in education. For many people, having access to this information
is no longer just an advantage; it is essential.

Connecting a private network to the Internet can expose critical or confidential data to
malicious attack from anywhere in the world. Intruders could gain access to your site's
private information or interfere with your use of your own systems.

Users who connect their computers to the Internet must be aware of these dangers, their
implications and the way to safeguard their data and their critical systems.
Therefore, network security is the main criterion here, and firewalls provide this security.

Internet firewalls keep the flames of Internet hell out of your network or, alternatively, keep
the members of your LAN pure by denying them access to all the evil Internet temptations.


What is a Firewall?
• A Firewall is simply a program or hardware device that filters the information coming
through the internet connection into your private network or computer system.

What is an application firewall?


An application firewall is a special firewall that is specifically coded for the type of traffic it is
inspecting. The most widely developed application firewall is the web application firewall. A
web application firewall is less concerned with source and destination addresses, and
focuses on the actual data in the packet to determine whether the requests being sent to a
web server, and the replies issued from the web server, meet its rules. For example, a
web application firewall may have a rule that says a requested URL may not be over 256
characters long. When a packet is found that has a longer URL in the request field, it can
be dropped without passing it to the web server.


What is the difference between a host-based firewall and a network-based firewall?

A host-based firewall is installed on an individual computer to protect it from activity occurring on its
network. The policy may affect what traffic the computer accepts from the Internet, from the local network,
or even from itself.

A network-based firewall is implemented at a specified point within the network path and protects
all computers on the “internal” side of the firewall from all computers on the “external” side of
the firewall.

Network-based firewalls may also be installed at the perimeter, or edge, of a network to protect a
company from hosts on the Internet, or internally to protect one segment of the network from another,
such as separating corporate and residential systems, or research systems from marketing systems. A
network-based firewall cannot protect one computer from another on the same network, or any
computer from itself.


Hardware firewall vs Software firewall


Hardware firewalls

Hardware firewalls are integrated into the router that sits between a computer and the Internet.
They typically use packet filtering, which means they scan packet headers to determine their
source (origin) and destination addresses and check these against the existing user-defined rules
to make an allow/deny decision.

Key advantages of hardware firewall.

1. Speed: Hardware firewalls are tailored for faster response times, so they can handle more traffic
load.
2. Security: A firewall with its own operating system is less prone to attacks. This in turn
reduces the security risk and in addition, hardware firewalls have enhanced security controls.
3. No Interference: Since the hardware firewall is an isolated network component, it can be
managed better, and does not load or slow down other applications. The firewall can be moved,
shut down, or reconfigured with minimal interference to the network.

Software firewall

Software firewalls are installed on individual servers. They intercept each connection request and
then determine whether the request is valid or not. Software firewalls process all requests by using
the server's resources. Apart from this performance limitation, the software firewall has numerous
advantages.

Key advantages of software firewall.

1. Compared with hardware firewalls, software firewalls are easier to configure and
set up.
2. Through the software firewall, we can restrict some specific applications from the
Internet. This makes the software firewall more flexible.
3. The software firewall gives users complete control over their Internet traffic through a
user-friendly interface that requires little or no knowledge.


History of Firewalls

Firewall technology first began to emerge in the late 1980s. The Internet was still a
fairly new technology in terms of its global usage and connectivity. The original idea was
formed in response to a number of major Internet security breaches, which occurred in
the late 1980s.

In 1988 an employee at the NASA Ames centre in California sent a memo by email to his
colleagues that read, “We are currently under fire from a web VIRUS! It’s hit Berkeley,
UC port of entry, Lawrence Livermore, Stanford, and NASA Ames.” This virus, called the
Morris Worm, was carried by e-mail and is now a typical nuisance for even the most
innocuous domestic user.

The Morris Worm was the first large-scale attack on Internet security, one which the online
community neither expected nor was prepared for. The Internet community made it a top
priority to prevent any future attacks from happening and began to collaborate on new
ideas, systems and software to make the Internet safe again.

The first paper published on firewall technology was in 1988, when Jeff Mogul from Digital
Equipment Corp. developed filter systems known as packet filter firewalls.
This fairly basic system was the first generation of what would become a highly
evolved and technical Internet security feature. From 1980-1990 two colleagues from AT&T
Bell Laboratories, Dave Presotto and Howard Trickey, developed the second generation of
firewalls, called circuit-level firewalls.

Publications by Gene Spafford of Purdue University, Bill Cheswick at AT&T laboratories
and Marcus Ranum described a third-generation firewall known as the application-layer
firewall, also called the proxy-based firewall. Marcus Ranum’s work on the technology
spearheaded the creation of the first commercial product.

The product was released by Digital Equipment Corporation (DEC), who named it the
SEAL product. DEC’s first major sale was on June 13, 1991 to a chemical company
based on the East Coast of the USA.

At AT&T, Bill Cheswick and Steve Bellovin were continuing their research in packet
filtering and developed a working model for their own company based upon their
original first-generation architecture. In 1992, Bob Braden and Annette DeSchon at the
University of Southern California were developing their own fourth-generation packet filter
firewall system.

The product, known as “Visas”, was the first system to have a visual integration
interface with colours and icons, which could be easily implemented on and accessed from a
computer operating system such as Microsoft’s Windows or Apple’s Mac OS. In 1994 an Israeli
company called Check Point Software Technologies built this into readily available software
known as FireWall-1.


Design goals for a firewall


• The first design goal for a firewall is that all network traffic from internal to
external must go through the firewall, by physically cutting off all access to
the local network except via the firewall.

• The second design goal is that only authorized traffic, as delineated by the
local security policy, will be allowed to proceed.

• Finally, the last design goal is that the firewall itself is resistant to penetration,
which implies a solid, trustworthy system with a protected operating system.


Types of firewalls
Three common types of Firewalls:

• Packet-filtering routers
• Application-level gateways
• Circuit-level gateways (Bastion host)

Packet-filtering Router

• Applies a set of rules to each incoming IP packet and then forwards or
discards the packet
• Filters packets going in both directions
• The packet filter is typically set up as a list of rules based on matches to
fields in the IP or TCP header
• Two default policies (discard or forward)

Advantages:

• Simplicity
• Transparency to users
• High speed

Disadvantages:

• Difficulty of setting up packet filter rules
• Lack of authentication

Application-level Gateway

• Also called proxy server
• Acts as a relay of application-level traffic

Advantages:

• Higher security than packet filters
• Only need to scrutinize a few allowable applications
• Easy to log and audit all incoming traffic


Disadvantages:

• Additional processing overhead on each connection (gateway as
splice point)

Circuit-level Gateway

• Stand-alone system or
• Specialized function performed by an Application-level Gateway
• Sets up two TCP connections
• The gateway typically relays TCP segments from one connection to the other without
examining the contents
• The security function consists of determining which connections will be allowed
• Typical use is a situation in which the system administrator trusts the internal users
• An example is the SOCKS package

Bastion Host

• A system identified by the firewall administrator as a critical
strong point in the network's security
• The bastion host serves as a platform for an application-level or
circuit-level gateway


Basic concepts of a firewall

To understand what a firewall is, one can simply imagine it in biological terms as the human
organ known as skin. Skin does not actually kill hostile foreign bodies, it simply obstructs
them.

In a human, for example, the loss of more than 50% of skin will result in death, simply because
the immune system cannot repel invaders from such a large and exposed surface area. The same can be
said of firewalls, which unlike IDS (Intrusion Detection Systems) cannot actually detect hostile
invaders but simply limit their access to your sensitive internal servers.

Properly designed and deployed, a firewall operates as a shield around your network just as skin
does on a human.

A firewall functions by acting on traffic based on its policy. A policy is comprised of a set of
rules. A rule is an action taken on traffic that fits certain criteria. A single rule is comprised of
four basic elements:

• Source
  This is where the IP traffic is coming from, and is comprised of the following:
  o Single IP address or multiple IP addresses
  o One or more networks in the form of a network ID and subnet mask
  o A combination of IP addresses and network addresses
• Destination
  This is where the IP traffic is going to, and is comprised of the following:
  o Single IP address or multiple IP addresses
  o One or more networks in the form of a network ID and subnet mask
  o A combination of IP addresses and network addresses
• Service
  This is the type of protocol that the traffic is using, and is comprised of the following:
  o One or more destination TCP ports
  o One or more destination UDP ports
  o A group or combination of destination TCP and UDP ports
  o Although the source port can be limited to a certain range, it is generally left wide
    open. It is the destination port that is primarily specified.
• Action
  The administrator chooses from the following options if all the above three criteria match:
  o Reject the traffic
  o Drop the traffic
  o Permit the traffic
  o Encrypt the traffic on IPSEC VPN capable firewalls
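
The four rule elements above and the packet filter's default policy can be seen working together in a small rule evaluator. This is an added example, not part of the original report; the `Rule` fields, the first-match ordering, the packet dictionary layout and the sample addresses (documentation ranges) are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    sources: tuple       # source: single addresses and/or networks in CIDR form
    destinations: tuple  # destination: single addresses and/or networks
    protocol: str        # service: "tcp", "udp" or "any"
    dst_ports: tuple     # service: destination ports; empty tuple means any port
    action: str          # action: "permit", "drop" or "reject"

def _in_any(addr, networks):
    """True if addr falls inside at least one of the listed addresses/networks."""
    ip = ipaddress.ip_address(addr)
    return any(ip in ipaddress.ip_network(n, strict=False) for n in networks)

def matches(rule, pkt):
    """A rule applies only if source, destination and service all match."""
    return (_in_any(pkt["src"], rule.sources)
            and _in_any(pkt["dst"], rule.destinations)
            and rule.protocol in ("any", pkt["proto"])
            and (not rule.dst_ports or pkt["dport"] in rule.dst_ports))

def decide(policy, pkt, default="drop"):
    """Return (action, rule index). The first matching rule wins (an assumption
    of this example); unmatched traffic falls through to the default policy."""
    for index, rule in enumerate(policy):
        if matches(rule, pkt):
            return rule.action, index
    return default, None

# Constructed policy using documentation address ranges (not from the report).
POLICY = [
    Rule(("0.0.0.0/0",), ("203.0.113.10",), "tcp", (80, 443), "permit"),
    Rule(("192.0.2.0/24",), ("203.0.113.0/24",), "any", (), "reject"),
    Rule(("10.1.0.0/16",), ("203.0.113.25",), "udp", (53,), "permit"),
]

# Constructed packets: the source port is left out, since the rules above
# (like the text) only constrain the destination port.
PACKETS = [
    {"src": "192.0.2.5", "dst": "203.0.113.10", "proto": "tcp", "dport": 443},
    {"src": "192.0.2.5", "dst": "203.0.113.10", "proto": "tcp", "dport": 22},
    {"src": "10.1.2.3", "dst": "203.0.113.25", "proto": "udp", "dport": 53},
    {"src": "10.1.2.3", "dst": "203.0.113.25", "proto": "tcp", "dport": 53},
]

def evaluate_all(default="drop"):
    """Decide every sample packet under the given default policy."""
    return [decide(POLICY, pkt, default) for pkt in PACKETS]

if __name__ == "__main__":
    for pkt, (action, index) in zip(PACKETS, evaluate_all()):
        print(pkt, "->", action, "(rule %s)" % index)
```

The first two packets come from the same source and differ only in destination port, which shows why rule order matters: the broad reject rule only takes effect for traffic the earlier permit rule did not already match.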


The Role of Firewalls

A firewall is a term used for a “barrier” between a network of machines and users that
operate under a common security policy and generally trust one another, and the
outside world. In recent years, firewalls have become enormously popular on the Internet. In large
part, this is due to the fact that almost all existing operating systems have
essentially no security, and were designed under the assumption that machines and users would
trust one another.

There are two basic reasons for using a firewall at present: to save money by
concentrating your security on a small number of components, and to simplify the
architecture of a system by restricting access only to machines that trust one another.
Firewalls are often regarded by some as an irritation because they are often considered an
impediment to accessing resources. This is not a fundamental flaw of firewalls, but
rather is the result of failing to keep up with demands to improve the firewall.

There is a fairly large group of determined and capable individuals around the world
who take pride in breaking into systems. Aside from the sense of insecurity that it has
instilled in society, the amount of actual damage that has been caused is comparatively
slight. It highlights the fact that essentially any system can be compromised if an
adversary is determined enough.

It is a tried and true method to improve security within DOD projects to have a “black hat”
organization that attempts to break into systems rather than have the weaknesses found by your real
adversaries. By bringing the vulnerabilities of systems to the forefront, the Internet hackers have
essentially provided this service, and an impetus to improve
existing systems. It is probably a stretch to say that we should thank them, but I think
that it is better to raise these issues early rather than later, when our society is almost 100%
dependent on information systems.


Advantages of firewall

• Concentration of security: all modified software and logging is located on the firewall
system as opposed to being distributed on many hosts;

• Protocol filtering, where the firewall filters protocols and services that are either not
necessary or that cannot be adequately secured from exploitation;

• Information hiding, in which a firewall can “hide” names of internal systems or
electronic mail addresses, thereby revealing less information to outside hosts;

• Application gateways, where the firewall requires inside or outside users to connect first
to the firewall before connecting further, thereby filtering the protocol;

• Extended logging, in which a firewall can concentrate extended logging of
network traffic on one system;

• Centralized and simplified network services management, in which services such as
ftp, electronic mail, gopher, and other similar services are located on the firewall
system(s) as opposed to being maintained on many systems.


Disadvantages of firewall

• The most obvious being that certain types of network access may be hampered
or even blocked for some hosts, including telnet, ftp, X Windows, NFS, NIS, etc.
However, these disadvantages are not unique to firewalls; network access could be
restricted at the host level as well, depending on a site's security policy.

• A second disadvantage with a firewall system is that it concentrates security in one
spot as opposed to distributing it among systems, thus a compromise of the firewall
could be disastrous to other less-protected systems on the subnet. This weakness can be
countered, however, with the argument that lapses and weaknesses in security are more
likely to be found as the number of systems in a subnet increases, thereby multiplying
the ways in which subnets can be exploited.

• Another disadvantage is that relatively few vendors have offered firewall systems
until very recently. Most firewalls have been somewhat “hand-built” by site
administrators, however the time and effort that could go into constructing a firewall
may outweigh the cost of a vendor solution. There is also no firm definition of what
constitutes a firewall; the term “firewall” can mean many things to many people.


Conclusion
• One of the best things about a firewall from a security standpoint is that it stops
anyone on the outside from logging onto a computer in your private network.

While this is a big deal for businesses, most home networks will probably not be
threatened in this manner. Still, putting a firewall in place provides some peace of
mind.
