Computer Networking and Management
By: Mike • Research Paper • 7,431 Words • February 11, 2010 • 1,249 Views
Join now to read essay Computer Networking and Management
By M J I - Maldives
Task 1
a) In context of firewalls, explain the operation of a packet filtering router and an application gateway (sometimes referred as an application proxy)
What does firewall means? As far as my knowledge goes, firewall is some kind of system or group of systems which enables to control access and sets privileges between two networks. The most common boundary in firewall is between a trusted and an un-trusted network. A perfect and secure firewall would not interfere with users’ activities or any transfers between authorized networks. Network firewalls mainly operate in different layers of the OSI model. The lowest layer in which the firewall operates is in the network layer. In this layer the internet protocol for TCP/IP will determine if the packet is from a trusted source. Special privileges cannot be assigned to grant access or deny in this layer. Firewall which works at the highest layer of OSI layer is on Application layer, where granting access is more easy because at application layer a large collection of information including the source and packet contents will be known. The network would be more secure if packets are intersected and analyzed at lowest levels of OSI model. It is mere impossible to gain access for an intruder pass the third layer of OSI model.
A great feature of router is that it has the ability to block the flow of broadcasts between network segments. Routers also have the ability to filter out certain traffic. That is when two networks are connected there are certain data the destination network should be able to access from the main network. To grant this, IP filtering is configured in to the routers so this would enable encryption and security and will prevent unauthorized access.
Cisco routers provide a couple of methods for filtering traffic. The simplest is Standard Access List, which enables to filter from a certain subnet range to a specific IP address. Extended Access Lists are used for advance IP filtering. This allows filtering source address, destination address and services. Also there is an option to select static packet filtering or dynamic packet filtering. Cisco Access Lists perform static packet filtering by default and dynamic packet filtering is an option.
Static packet filtering offers very simple protection against attacks; they could be said as non-intelligent devices. Minimum amount of information is monitored to determine the security levels in a static packet filter. The reason is static packet filtering can be used to implement security when the risk is minimal. Dynamic packet filtering is very advanced and intelligent method. It makes the traffic control decisions based on the packet attributes and state table.
Depending on the kernel, applications can be used to configure a Linux system to act as a router. This means that the packets are sent from one network to another. At these levels Linux routers do not examine or filter any traffic. It simply ensures that all traffic addressed to a remote network gets sent to it.
The main four main types of firewall techniques are packet filtering firewalls, circuit level gateways, application gateways and proxy server. In this paper packet filtering firewalls and proxy server firewall techniques are only highlighted. In �Packet filtering’, where the core is on a multi-homed machine, which decides to forward or block a packet. This is based on a set of rules. The second type is �proxy server’ that relies on a program to provide authentication and forwards packets on a multi-homed machine. (Gary & Alex, 2007)
A Packet filter works at the network layer of the OSI model. The practice of examining and blocking traffic is called packet filtering. Daemons such as Squid also allow you to examine and block traffic. However Squid is not a packet filter, it is a proxy server that is designed to operate at the application layer of the OSI model.
A packet filtering router has an addition included that of the router. IT checks each packet and compares it with the set of rules set to it, and decides to forward or block it. Every packet goes through these set of rules and if the match is found, action is obeyed. Actions include dropping packet or informing sender with packet status. The packets are checked in packet orders and on first match first serve basis. The packet order depends on the source IP address of the packets, destination IP address, the destination port numbers or even packet types. Some examples of packet types are UDP, TCP, ICMP...etc.
An application gateway is an application program which is programmed on a firewall that runs between networks. Then one system (the client) sends message to other (destination computer), the packet is first connected to a proxy. Then the client