Operational security: Firewalls

Isolates organization’s internal net from larger Internet, allowing some packets to pass, blocking others:

This figure shows how a LAN and WAN are interconnected through a firewall.

Figure 39 The firewall filters the flow of packets between the LAN and WAN
Gateway Firewall... by Harald Mühlböck... from Wikipedia CC BY-SA 3.0

Prevent denial of service attacks:

  • SYN flooding: attacker establishes many bogus TCP connections, no resources left for “real” connections

Prevent illegal modification/access of internal data

  • e.g., attacker replaces CIA’s homepage with something else
    Allow only authorized access to inside network
  • Set of authenticated users/hosts

There are three types of firewalls:

  • Stateless packet filters: decision to forward/drop packet based on source, destination IP address, TCP/UDP source and destination port numbers, ICMP message type and TCP SYN and ACK bits.
  • Stateful packet filters: tracks status of every TCP connection to drop packets that “make no sense”. Basically, track connection setup (SYN), teardown (FIN).
  • Application gateways: Filter packets on application data as well as on IP/TCP/UDP fields.
Project
  • University of Boras logo
  • UHI logo
  • Alcala University logo
  • Digital connextions logo

This resource was developed as part of an Erasmus+ project, funded with support from the European Commission under grant agreement 2016-1-SE01-KA203-22064.

The project was a collaboration between:

  Creative Commons License

This resource has been released under Creative Commons license CC-BY-SA 4.0.

Contact
  • University of Boras logo
  • UHI logo
  • Alcala University logo
  • Digital connextions logo

If you would like more information on this resource please contact:

  • Academic content – The University of Alcalá (https://www.uah.es/en/)
  • Technical resource development – The University of the Highlands and Islands Educational Development Unit - EDU (edu@uhi.ac.uk)
Disclaimer
  • University of Boras logo
  • UHI logo
  • Alcala University logo
  • Digital connextions logo

Except where otherwise noted, this website is licensed under Creative Commons license CC-BY-SA 4.0. All images used under permission remain the copyright of the license holder.

PDF
  • University of Boras logo
  • UHI logo
  • Alcala University logo
  • Digital connextions logo

Download a copy of this resource in PDF format.

You can also print individual pages by printing directly from the browser.

×