11.2 - Firewalls

 11.2 - Firewalls 

 

Key Terms: 

    • Packet-filtering – When the firewall looks at the packet headers to distinguish between real and illegitimate traffic. 
    • Access control list (ACL) - A list that specifies the permissions associated with an object. 
    • Stateful firewallThis firewall determines the legitimacy of traffic based on the state of the connection. 
    • Virtual private network (VPN) - An encrypted connection across a public network. 
    • Network address translation (NAT) - NAT remaps IPv4 addresses. 
    • Domain name server (DNS) - The directory of a domain name that specifies the IP address for the domain. 
    • Demilitarised zone (DMZ) - A subnet that interfaces with external networks to protect the internal network. 
    • Bastion host – Also called a boundary firewall, its designed to have an entry and exit point on the network which allows public and internal interfaces to connect. 
    • Screened hubnetA configuration using a single firewall to protect multiple interfaces. 
    • Multihomed – A network or host connected to two or more networks. 
    • Firewalking – Probing a firewall to determine the configuration of ACLs. 
    • Fragmentation – An attack where fragments of outgoing packets are created, causing some of the header information to be transferred to another packet. 
    • Tunnelling – A communication protocol for transmitting data over one network to another. 

 

Hardware Firewalls 

A hardware firewall is a physical device placed between 2 networks. They can either be a standalone device or built into other devices like broadband routers. 

 

Packet-Filtering Firewall 

These firewalls were the first to ever be used. They look at the packet’s header information to identify their legitimacy. They follow an ACL to determine which packets to allow and which ones to block. 

 

Stateful Inspection Firewall 

This firewall identifies packet connections in the network layer to determine if they are legitimate or not. It will also evaluate the packet contents to check for malicious or suspicious traffic. 

 

Virtual Private Network 

A VPN offers a secure connection between two networks over a public network (the internet). 

 

Source Routing 

This is when packets are crafted to route around the firewall node. This means that they will not have to go through the firewall and can bypass its security measures. 

 

URL > IP Replacement 

This is a method of bypassing firewall restrictions on blocked websites. Instead of using the website’s URL, they can use the website’s IP address to directly access the site. In some cases, this can bypass the firewall. 

 

IP Fragmentation 

This is when tiny fragments of packets are created to force some of its header information into the next fragment. The firewall will not recognise the packets due to the broken header information and so the fragments will be able to bypass the firewall’s restrictions. 

 

Tunnelling 

HTTP tunnelling can bypass firewalls easily. This is because most firewalls don't examine the HTTP payload and so will let the packet through without checking its contents. 

 

Evasion Countermeasures 

Network administrators must make sure the firewalls are configured completely. They should also create unique user IDs whenever they are running the firewall and avoid using default IDs. 

Comments

Post a Comment

Popular posts from this blog

OSA Assignment 1 - Task 3 GUIDE

Image
  OSA Assignment 1 – Task 3 Guide     Exam parameters   Time length – 5 hours (2x 2 ½ sessions)   Marks available – 28     Task 3: Design – Communication Equipment   In this task you are required to submit :   A technical proposal covering the switches, wireless infrastructure and specifications   Justification of planned network architecture and considerations for security, resilience, performance and redundancy   Evidence print screens   Annotated floor plan/network diagram     Technical Proposal   The technical proposal in task 3 follows a similar format as task 2. It's another large document detailing the requirements and recommendations for the company. In task 3, however , it should discuss communication and other digital equipment such as switches, CCTV and APs.   You should recommend multiple hardware solutions and justify between them.   Here are some examples of tables and information ...
Read more

OSA Assignment 1 - Task 1 GUIDE

  OSA Assignment 1 – Task 1 Guide     Exam parameters   Time length – 3 hours   Marks available – 20     Task 1: Planning   In this task you are required to submit :   A project plan   Gantt chart showing th e critical path   Explanation of legal requirements   Physical and digital threat countermeasures   Annotated floor plan     Gantt Chart   The Gantt Chart is the first document you should create. This details each phase of the project alongside the timescale to complete it.   Ensure you make a note of the deadline for the project along with any pre-requisites such as cabling. This should all be implemented into your Gantt Chart.   You can follow a layout like this:   Project:   Pre considerations (Gathering project timescale, risk assessments, ...)   Planning (Devising project plan, identifying budget, ...)   Design (Research hardware, identify topology, ...)   Pre ...
Read more

OSA Summer 2023 Mock - Task 1, Assignment 1

Image
  OSA Summer 2023 Mock – Task 1           Legal requirements   The company must ensure they are compliant with the correct legislation whilst the project is undertaken.   If any person is working at height, the correct safety measures to prevent injury or death must be imposed under The Work at Height Regulations 2005. They must have an appropriate safety harness on and hazardous areas at height should be i dentified in the risk assessment.   By storing data internally on a local file server, the business is responsible for maintaining the confidentiality, availability and integrity of that data. They must comply with The Data Protection Act 2018 and General Data Protection Regulations.   Display screen equipment regulations (DSE) should be considered when installing workstations. Ergonomic and posture-friendly chairs should be installed and employees given appropriate breaks from working around screens.     Data p...
Read more