Chapter 44 - Personal Web Pages


ITIS 1210
Introduction to Web-Based Information Systems
Chapter 44
How Firewalls Work
Introduction
• The Internet is a dangerous place
• Hackers can
  • Damage your programs/data
  • Steal
    • Your identity
    • Your credit information
  • Use your computer for other purposes
    • Distributed attacks on other computers
    • Spam
    • Illegal activities
Introduction
• Choices are to
  • Stay off the Internet
  • Protect yourself
• Firewalls are one kind of protection
  • Software/hardware
  • Monitors the computer-Internet interface
How Corporate Firewalls Work
• The firewall acts as a shield
  • Separates the internal environment from the Wild-Wild-Web
• Inside, normal Internet technologies are available
  • Email
  • Databases
  • Software
How Corporate Firewalls Work
• Access to the outside is controlled by a choke router or a screening router
• Examines packets traveling in both directions and can learn
  • Source & destination
  • Protocols being used
  • Ports being accessed
How Corporate Firewalls Work
• Some packets permitted to continue, others blocked
  • Some services such as logins might be blocked
  • Suspicious locations could be blocked
• System administrators set these rules
How Corporate Firewalls Work
• A bastion host is a heavily protected server
  • Lots of security built in
• Primary point of contact for connections coming in from the Internet
  • Internal computers or hosts inside the firewall cannot be contacted directly
• Might also be a proxy server
  • For WWW requests from inside the firewall
How Corporate Firewalls Work
• Bastion host is part of a perimeter network in the firewall
  • Not on the corporate network itself
• Adds another layer of security
  • One more element the bad guys have to break down to get into the corporate network
How Corporate Firewalls Work
• An exterior screening router or access router screens packets between the Internet and the perimeter network
• Again,
  • Adds another layer of protection
  • Can implement the same rules as the choke router
  • If the choke router fails, the screening router may still be able to block unauthorized access
How Personal Firewalls Work
• What personal resources are attractive to hackers?
  • High-speed connections
  • “Always on” network connections like Roadrunner
  • Poorly protected computers that are vulnerable to exploits
How Personal Firewalls Work
• Remember ports?
  • Virtual connections between your computer and the Internet
  • Each port has a specific purpose
• Personal firewalls work by examining packets for information including
  • Source and destination IP address
  • Port numbers
How Personal Firewalls Work
• Firewalls can be configured to block packets addressed to specific ports
  • Block port 21 and FTP can’t be used to attack your PC
• Trojan horse software can permit a hacker access to your PC
  • Firewalls can detect when software attempts to send packets
  • If you don’t approve, the packets are blocked
How Personal Firewalls Work
• Firewalls can block specific IP addresses as well
  • Your personal history might be a source of IP addresses to be blocked
• NAT (Network Address Translation) is a technique whereby your true IP address is shielded from the Internet
  • It can’t be seen by anyone outside your home network so you become invisible
How Personal Firewalls Work
• Firewalls can log probes or just plain traffic
• These logs can be examined for clues about hackers’ efforts
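The packet screening done by the choke router and by a personal firewall (source, protocol and port checks, blocked ports such as 21, blocked addresses, and a log of what was refused), as an added example that is not part of the original slides. The rule set, the default-deny policy, the allowed port 443 and every address are constructed assumptions.

```python
import ipaddress
from collections import Counter, namedtuple

Packet = namedtuple("Packet", "src dst proto dport")
Rule = namedtuple("Rule", "action src proto dport")  # None matches anything

# Constructed rule set, checked top to bottom; the first match wins.
RULES = [
    Rule("block", "192.0.2.0/24", None, None),  # a "suspicious location"
    Rule("block", None, "tcp", 21),             # FTP, as on the slide
    Rule("block", None, "tcp", 23),             # remote login (telnet)
    Rule("allow", None, "tcp", 443),            # assumed permitted service
]
DEFAULT = "block"  # traffic that no rule mentions is dropped

def matches(rule, pkt):
    if rule.src and ipaddress.ip_address(pkt.src) not in ipaddress.ip_network(rule.src):
        return False
    if rule.proto and rule.proto != pkt.proto:
        return False
    return rule.dport is None or rule.dport == pkt.dport

def decide(pkt, rules=RULES, log=None):
    """Return "allow" or "block"; record every blocked packet in log."""
    action, why = DEFAULT, "default"
    for number, rule in enumerate(rules, 1):
        if matches(rule, pkt):
            action, why = rule.action, f"rule {number}"
            break
    if action == "block" and log is not None:
        log.append((pkt.src, pkt.proto, pkt.dport, why))
    return action

def probes_by_source(log):
    """Blocked packets per source address: the clues a firewall log holds."""
    return Counter(entry[0] for entry in log)

# Constructed traffic aimed at a documentation-range address.
TRAFFIC = [
    Packet("198.51.100.7", "203.0.113.10", "tcp", 443),
    Packet("198.51.100.7", "203.0.113.10", "tcp", 21),
    Packet("192.0.2.66", "203.0.113.10", "tcp", 443),
    Packet("192.0.2.66", "203.0.113.10", "tcp", 23),
    Packet("198.51.100.9", "203.0.113.10", "udp", 161),
]

if __name__ == "__main__":
    log = []
    print([decide(p, log=log) for p in TRAFFIC], dict(probes_by_source(log)))
```

Rule order matters: the third packet is aimed at the allowed port but is still blocked, because the address rule is listed first.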
How Proxy Servers Work
• A proxy server is one that acts as an intermediary between its clients and external services
• System administrators can establish many types of services
  • They decide which will go through proxy servers
• Many types of proxy servers are available
How Proxy Servers Work
• A Web proxy handles Web traffic
  • Commonly serves as a Web cache
  • Could also provide content filtering by denying access to specific URLs
  • Some reformat Web pages for a certain audience (e.g., for cell phones)
• To the internal user the use of the proxy is transparent
  • But it controls the interaction
How Proxy Servers Work
• A proxy server can be used to log Internet traffic for analysis purposes
  • Could record keystrokes
  • Also how the external server reacted to those keystrokes
• Could log
  • IP addresses
  • Date and time of access
  • URLs
  • Number of bytes downloaded
How Proxy Servers Work
• Could be used to implement security schemes
  • Permits files to be transferred internally
  • But blocks access to external sites
• Common use is caching
  • Speeds up performance by keeping copies of frequently-requested Web pages
  • Requests fulfilled by proxy, eliminating need to contact an external server
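What an analyst can do with the proxy log fields listed above (IP address, date and time, URL, bytes) and with the cache and content-filter results, as an added example that is not part of the original slides. The log format, the HIT/MISS/DENIED result codes, the size threshold and the sample lines are all constructed assumptions, not the format of any particular proxy product.

```python
from collections import defaultdict
from datetime import datetime
from urllib.parse import urlsplit

# Constructed log in an assumed format: time, client IP, result, bytes, URL.
SAMPLE_LOG = """\
2024-05-06T09:00:01 10.0.0.15 MISS 48213 http://example.com/index.html
2024-05-06T09:00:09 10.0.0.22 HIT 48213 http://example.com/index.html
2024-05-06T09:01:30 10.0.0.15 DENIED 0 http://blocked.example.net/game
2024-05-06T23:47:12 10.0.0.31 MISS 73400320 http://files.example.org/archive.zip
this line is damaged
"""

def parse_line(line):
    """Return one log record as a dict, or None if the line is malformed."""
    parts = line.split()
    if len(parts) != 5:
        return None
    when, client, result, size, url = parts
    try:
        return {"when": datetime.fromisoformat(when), "client": client,
                "result": result, "bytes": int(size),
                "host": urlsplit(url).hostname}
    except ValueError:
        return None

def summarize(text, big=50_000_000):
    """Aggregate the fields the proxy logs into per-client findings."""
    bytes_by_client = defaultdict(int)
    denied, large, hits, served, skipped = [], [], 0, 0, 0
    for line in text.splitlines():
        rec = parse_line(line)
        if rec is None:
            skipped += 1
            continue
        bytes_by_client[rec["client"]] += rec["bytes"]
        if rec["result"] == "DENIED":      # content filter refused the URL
            denied.append((rec["client"], rec["host"]))
            continue
        served += 1
        hits += rec["result"] == "HIT"     # answered from the cache
        if rec["bytes"] >= big:            # unusually large download
            large.append((rec["client"], rec["host"], rec["when"].hour))
    return {"bytes_by_client": dict(bytes_by_client), "denied": denied,
            "large": large, "cache_hit_ratio": hits / served if served else 0.0,
            "skipped": skipped}

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```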
How Proxy Servers Work
• Other types of proxy servers
• An anonymizing proxy server
  • Protects your identity by making you seem anonymous to servers
  • Vulnerable to man-in-the-middle attack
    • Since they can read and modify messages
    • Could intercept your credit card or logon information
How Proxy Servers Work
• Circumventor – Method of defeating blocking policies implemented using proxy servers
  • Web-based page that allows access to blocked sites by routing it through an unblocked site
• Famous example was elgooG, a mirror of Google
  • Search engine that only recognized search terms entered backwards