Firewalls

Firewalls are the technological barrier designed to prevent unauthorized or unwanted communications between computer networks or hosts. They were built to defend corporate networks from exploits. They are the first line of defense for every computer, whether it is a personal or a corporate one.

So here is the question: how did they get started, and how did this type of complex algorithm come into existence?

Firewalls became particularly popular around 1996. This was the time when some new attack techniques emerged, such as buffer overflows and remote exploits. Their primary goal was to provide traffic control and monitoring. They enforce the security policy represented by a set of rules specifying what is explicitly permitted or denied. They usually interconnect two or more logical networks: a public one and a private one.

State of the art:
  • They run as part of the OS kernel.
  • They use some advanced algorithms for stateful traffic analysis (Advanced Security Analysis, Stateful Inspection).
  • They can hide information from the outside about the internal logic of the protocol network (NAT, PAT, DNS Proxy).
  • They can authenticate users with different authentication methods (SecurID, RADIUS, AXENT, TACACS, Vasco, S/Key).
  • They can do some limited content filtering (Java, ActiveX).
  • They can be extended by 3rd party products (OSPF).
  • They can transparently proxy some common application services (FTP, telnet).
  • They provide support for:
    o SNMP (Simple Network Management Protocol)
    o LDAP (Lightweight Directory Access Protocol)
    o ODBC (integration with relational databases)
    o X.509 (certificate exchange)
  • They can also include support for implementing VPN (DNS, RC-4, MD5, SHA-1, SKIP, IPSec, IKE).
  • They are able to analyze most of the common:
    o Application protocols: dns, echo, finger, ftp, irc, NetBEUI, ras, rexec, rlogin, rsh, smb, snmp, syslog, telnet, tftp, time, uucp, X11, smtp, pop2, pop3, Microsoft Exchange, gopher, http, nntp, wais, egp, ggp, grp, ospf, rip.
    o Multimedia protocols: CoolTalk, CU-SeeMe, FreeTel, H.323, Internet Phone, NetMeeting, NetShow, RealAudio/Video, StreamWorks, Vosaic, Web Theater.
    o Database protocols: CoolTalk, CU-SeeMe, FreeTel, H.323, Internet Phone, NetMeeting, Lotus Notes, MS SQL Server, SQL*Net by Oracle, SQL Server by Sybase.

Firewall system:
  • They are pretty complex pieces of software!!! (The Linux LKM binary of Check Point FW 1 NW is 1.2 MB long.)
  • Commercial firewall systems are closed software, which means that no one has really put them under the glass in a search for security problems.
  • Over the last couple of years, just several bugs have been found in them.
  • They just filter traffic coming to/from your network.
  • They can handle dozens of application protocols, but unfortunately cannot protect you against malicious content.
  • The security level of a network protected by a firewall system depends on many factors (DNS, routing infrastructure, security of client software).
  • There is always a great risk associated with the so-called “human error”.
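
To make the rule set and the stateful inspection described above concrete, here is a small added example (not from the original post and not any vendor's code): a first-match rule list with a default deny, plus a state table that lets replies to permitted flows back in. The class names, the policy and the packets are constructed for illustration. Note that the decision never reads the payload, which is why such a filter cannot protect against malicious content inside a permitted connection.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"
    payload: bytes = b""   # carried along, never inspected below

@dataclass(frozen=True)
class Rule:
    action: str            # "permit" or "deny"
    src_net: str
    dst_net: str
    dport: int = 0         # 0 matches any destination port
    proto: str = "tcp"
    def matches(self, p: Packet) -> bool:
        return (p.proto == self.proto
                and ip_address(p.src) in ip_network(self.src_net)
                and ip_address(p.dst) in ip_network(self.dst_net)
                and self.dport in (0, p.dport))

class StatefulFirewall:
    def __init__(self, rules):
        self.rules = list(rules)
        self.state = set()  # flows that a permit rule has let through

    def filter(self, p: Packet) -> str:
        # Stateful step: a reply is the reversed tuple of a tracked flow.
        if (p.proto, p.dst, p.dport, p.src, p.sport) in self.state:
            return "permit"
        for rule in self.rules:          # first matching rule wins
            if rule.matches(p):
                if rule.action == "permit":
                    self.state.add((p.proto, p.src, p.sport, p.dst, p.dport))
                return rule.action
        return "deny"                    # nothing explicitly permitted it

def demo():
    # Constructed policy and packets (private and documentation addresses).
    fw = StatefulFirewall([Rule("permit", "10.0.0.0/8", "0.0.0.0/0", 80),
                           Rule("deny", "0.0.0.0/0", "10.0.0.0/8")])
    out = Packet("10.1.2.3", 40000, "203.0.113.5", 80)
    reply = Packet("203.0.113.5", 80, "10.1.2.3", 40000, payload=b"any content")
    stray = Packet("203.0.113.5", 80, "10.1.2.4", 40000)
    return [fw.filter(p) for p in (stray, out, reply, stray)]
```

Calling demo() shows the same outside host being denied when it sends unsolicited traffic and permitted only when its packet answers a connection that an inside host opened.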

