Skip to main content

Firewall

What is firewall ?



Firewall is a software and hardware ,it is protect our system to the malware,virus, and malicious software ,which is come in to the system with the help of pen-drive or downloaded file .
A firewall is a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules. The rule is two type outbound and inbound .It's defined by the user.firewall only protect to incoming services . A firewall controls access to the resources of a network through a positive control model. This means that the only traffic allowed onto the network is defined in the firewall policy; all other traffic is denied.
Firewalls have been a first line of defense in network security for over 25 years. They establish a barrier between secured and controlled internal networks that can be trusted and untrusted outside networks, such as the Internet. 

Types of Firewall:- The National Institute of Standards and Technology (NIST) 800-10 divides firewalls into four basic types:

  1. Packet filters firewall
  2. Application gateway
  3. Circuit-level gateway
  4. Proxy server firewall
Describe one-by-one types of firewall :--

  1. Packet filter firewall:--

This involve looking at each packet entering or leaving the network and accepts or reject it on the basis of user define rule. Packet filtering is fairly effective and transparent user, but it is difficult  to configure . it is able to IP spoofing.IP spoofing is technique used to gain unauthorized access to computer , whereby the intruder send massage to a computer with an IP address indicate the massage is coming from a trusted host. To engage in IP spoofing , a hacker must first use a variety of technique to find an IP address of a trusted host .Never router and firewall arrangement can offer protection against IP spoofing .

2. Application gateway:-

This applise  security mechanism to specific application,  such as file transfer protocol (FTP),and telnet servers.This is very effective but can impose performance degradation  .

3. Circuit-level gateway:-

  With this ,security mechanism are applised when a TCP and UDP connection is established once the connection has been made ,packet can flow between the host without further checking .

4. Proxy server :- 

this is used to entercept all massage entering and leaving the network the proxy server effectively hides the true network address .most organisation have made this mandatory vide their security policy in interest of information system protection  for the user/employees. 

Comments

Popular posts from this blog

The Seven-Step Model of Migration

Irrespective of the migration approach adopted, the Seven-step Model of Cloud Migration creates a more rational point of view towards the migration process and offers the ability to imbibe several best practices throughout the journey Step 1: Assess Cloud migration assessments are conducted to understand the complexities in the migration process at the code, design and architectural levels. The investment and the recurring costs are also evaluated along with gauging the tools, test cases, functionalities and other features related to the configuration. Step 2: Isolate The applications to be migrated to the cloud from the internal data center are freed of dependencies pertaining to the environment and the existing system. This step cuts a clearer picture about the complexity of the migration process. Step 3: Map Most organisations hold a detailed mapping of their environment with all the systems and applications. This information can be used to distinguish between the ...

Special Permissions in linux

The setuid permission on an executable file means that the command will run as the user owning the file, not as the user that ran the command. One example is the passwd command: [student@desktopX ~]$ ls -l /usr/bin/passwd -rw s r-xr-x. 1 root root 35504 Jul 16 2010 /usr/bin/passwd In a long listing, you can spot the setuid permissions by a lowercase s where you would normally expect the x (owner execute permissions) to be. If the owner does not have execute permissions, this will be replaced by an uppercase S . The special permission setgid on a directory means that files created in the directory will inherit their group ownership from the directory, rather than inheriting it from the creating user. This is commonly used on group collaborative directories to automatically change a file from the default private group to the shared group, or if files in a directory should be...

RequestsDependencyWarning: urllib3 (1.24.1) or chardet (3.0.4) doesn't match a supported version

import tweepy /usr/lib/python2.7/dist-packages/requests/__init__.py:80: RequestsDependencyWarning: urllib3 (1.24.1) or chardet (3.0.4) doesn't match a supported version!   RequestsDependencyWarning) Traceback (most recent call last):   File "<stdin>", line 1, in <module>   File "/usr/local/lib/python2.7/dist-packages/tweepy/__init__.py", line 14, in <module>     from tweepy.api import API   File "/usr/local/lib/python2.7/dist-packages/tweepy/api.py", line 12, in <module>     from tweepy.binder import bind_api   File "/usr/local/lib/python2.7/dist-packages/tweepy/binder.py", line 11, in <module>     import requests   File "/usr/lib/python2.7/dist-packages/requests/__init__.py", line 97, in <module>     from . import utils   File "/usr/lib/python2.7/dist-packages/requests/utils.py", line 26, in <module>     from ._internal_utils import to...

tag