Читать практическое задание по информационному обеспечению, программированию: "Investigation of Firewalls" Страница 1

(Назад) (Cкачать работу)

National Aviation Universityand Research Institute of Computer Information TechnologiesSystems and Networks Department integrity protection Work №1Information Security in Computer Systems Done by Kisilova K.S.ERICIT-423by Kudrenko S.O. 2016

Aim: Practical acquaintance with the capabilities and configuration of firewalls.: To study the principle of firewalls; purchase firewall-setting skills. Basic information

firewall is a set of hardware and software to monitor and filter passing through network packets in accordance with the prescribed rules. Traffic control is in its filtering that is selectively passed through the screen, and sometimes even with the implementation of reforms and the formation of special notices to the sender, if the data in the pass denied.

A personal firewall is an application which controls network traffic to and from a computer, permitting or denying communications based on a security policy . Typically it works as an application layer firewall .personal firewall differs from a conventional firewall in terms of scale. A personal firewall will usually protect only the computer on which it is installed, as compared to a conventional firewall which is normally installed on a designated interface between two or more networks, such as a router or proxy server . Hence, personal firewalls allow a security policy to be defined for individual computers, whereas a conventional firewall controls the policy between the networks that it connects.firewall (figure1) can either be software based or hardware based and is used to help keep a network secure. Firewalls are used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. Its primary objective is to control the incoming and outgoing network traffic by analyzing the data packets and determining whether it should be allowed through or not, based on a predetermined rule set.

Fig. 1. An illustration of firewall

of Firewalls

are such functions of Firewalls:separation of workstations and servers, internal network segment (internal network) from the external communication channels;stage identification of requests coming into the network (authentication server, communication centers, and other components external network);checking and user access rights to the network of internal resources;of all queries to the internal network from outside components;monitoring software and data; saving the network address space (in the internal subnet can be used by the local system server address);the IP-addresses of internal servers to protect against hackers;filtering data streams.

of Firewalls

are divided into different types depending on the following characteristics:the screen provides the connection between a host and a network or between two or more different networks;the level of any network protocol flow control takes place;the active compounds are monitored condition or not.firewalls depending on the coverage of monitored data streams are divided into:network (or gateway) screen - the program (or an integral part of the operating system) on the gateway (server, transmitting traffic between networks) or a hardware solution, controlling incoming and outgoing data between connected networks.firewall - a program installed on the user's computer and is designed to protect against unauthorized access to only this computer.on the level at which the access control, there is a separation on firewalls operating on:level when filtering takes place on the basis of the addresses of the sender and recipient of a package, transport layer port numbers OSI model and static rules, set by the administrator;layer (also known as stateful) - tracking sessions between applications, not passing packets violate TCP / IP specifications, commonly used for malicious operations - scanning resources, hacking through the incorrect TCP / IP implementation, interruption / delay connections, data injection.level filtering on the basis of the analysis of the application of data transmitted within the package. These types of screens allow you to block the transmission of unwanted and potentially damaging information on the basis of policies and settings.on the track of the active compounds firewalls are:(easy filtration), which do not keep track of the current connection (for example, the TCP), and the filtered data stream based solely on static rules;, stateful packet inspection (SPI) (filtering, taking into account the context), tracking the current connections and pass only those packages that match the logic and algorithms of work of relevant protocols and applications.are two basic types of firewalls: firewalls of application layer and firewalls with packet filtering. They are based on different principles of operation, but when properly configured, the two types of devices ensure the correct implementation of security features, is blocking traffic banned.

of Firewalls

firewalls are designed to protect a single host from unauthorised access. They can take the form of software or hardware.firewalls protect the whole network from unauthorised access. They can be a dedicated appliance (hardware) which is installed on the system or a software application or an integration of the two.firewall applications are installed on top of the operating system and can be configured for more than one purpose including spam filter and DNS server. Examples of personal software firewalls include ZoneAlarm and Comodo; network capable software firewalls include Linus IPTables and Checkpoint NG.Firewalls are dedicated appliances that physically sit between two networks; for example, the internet and the organisation's network. An example of a dedicated appliance could be the CISCO PIX or a Netgear router (for SO/HO).Filtering Firewall analyse network traffic at the transport layer. It will look at each packet entering or leaving the network

Похожие работы