Ip Address and Questions Q 1 Essay

Submitted By 04Gaurav1
Words: 3013
Pages: 13
Open Document
Firewall Characteristics
Introduction:- A system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent unauthorized
Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.
Following are the design goals for a firewall:1. All traffic from inside to outside, and vice versa, must pass through the firewall. This is achieved by physically blocking all access to the local network except via the firewall.
2. Only authorized traffic, as defined by the local security policy, will be allowed to pass. Various types of firewalls are used, which implement various types of security policies, as explained later in this section.
3. The firewall itself is immune to penetration. This implies that use of a trusted system with a secure operating system. Originally, firewalls focused primarily on service control, but they have since evolved to provide all four:







Service control: Determines the types of Internet services that can be accessed, inbound or outbound. The firewall may filter traffic on the basis of IP address and TCP port number; may provide proxy software that receives and interprets each service request before passing it on; or may host the server software itself, such as a Web or mail service. Direction control:Determines the direction in which particular service requests may be initiated and allowed to flow through the firewall.
User control: Controls access to a service according to which user is attempting to access it. This feature is typically applied to users inside the firewall perimeter. It may also be applied to incoming traffic from external users; the latter requires some form of secure authentication technology.
Behavior control: Controls how particular services are used. For example, the firewall may filter e-mail to eliminate spam, or it may enable external access to only a portion of the information on a local Web server.

The following capabilities are within the scope of a firewall:
1. A firewall defines a single choke point that keeps unauthorized users out of the protected network, prohibits potentially vulnerable services from entering or leaving the network, and provides protection from various kinds of IP spoofing and routing attacks. The use of a single choke point simplifies security management because security capabilities are consolidated on a single system or set of systems.
2. A firewall provides a location for monitoring security-related events. Audits and alarms can be implemented on the firewall system.
3. A firewall is a convenient platform for several Internet functions that are not security related. These include a network address translator, which maps local addresses to Internet addresses, and a network management function that audits or logs Internet usage.
4. A firewall can serve as the platform for IPSec.
Firewalls have their limitations, including the following:
1. The firewall cannot protect against attacks that bypass the firewall. Internal systems may have dial-out capability to connect to an ISP. An internal LAN may support a modem pool that provides dial-in capability for traveling employees and telecommuters.
2. The firewall does not protect against internal threats, such as a disgruntled employee or an employee who unwittingly cooperates with an external attacker.
3. The firewall cannot protect against the transfer of virus-infected programs or files. Because of the variety of operating systems and applications supported inside the perimeter, it would be impractical and perhaps impossible for the firewall to scan all incoming files, e-mail, and messages for viruses

Title: <
Show More

Related Documents: Ip Address and Questions Q 1 Essay

Essay about Lab 5

Justin Freetage 2/14/15 Lab 5 TS1-6: IP ADDRESSING AND ROUTING Table 1 IP Addressing Reference (Planned) Device Interface IP Address Mask Default Gateway R1 S/0/0/0 192.168.1.17 255.255.255.240 N/A S0/0/1 192.168.1.97 255.255.255.240 N/A Fa0/0 192.168.1.49 255.255.255.240 N/A R2 S0/0/0 192.168.1.33 255.255.255.240 N/A S0/0/1 192.168.1.18 255.255.255.240 N/A Fa0/0 192.168.1.65 255.255.255.240 N/A R3 S0/0/0 192.168.1.98 255.255.255.240 N/A S0/0/1 192.168.1.34 255.255.255.240 N/A Fa0/0 192.168…

Words 2313 - Pages 10

Computer Networking: a Top-Down Approach Featuring the Internet, 4th Edition - Solutions to Review Questions and Problems Essay

Computer Networking: A Top-Down Approach Featuring the Internet, 4th Edition Solutions to Review Questions and Problems Version Date: June 21, 2007 This document contains the solutions to review questions and problems for the 4th edition of Computer Networking: A Top-Down Approach Featuring the Internet by Jim Kurose and Keith Ross. These solutions are being made available to instructors ONLY. Please do NOT copy or distribute this document to others (even other instructors). Please do not post…

Words 27808 - Pages 112

Essay on Ip Address and Server

downloaded freely. It is my pleasure to give back to the community by making other new users knowledgeable instead of ripping them off. II. What is VICIdial? VICIdial is a set of scripts that are designed to interact with the Asterisk Open-Source IP PBX Phone System to make it function as an inbound / outbound call center solution. Scripts are made up of PERL and PHP. It uses MySQL as its database server, Apache / Httpd Server for its front end web interface, and Linux as its operating system…

Words 6876 - Pages 28

E-Mail In Academi Expectations, Use, And Instructional Impact

Chapel Hill identified issues surrounding the use of e-mail to advance instructional outcomes By Meredith Weiss and Dana Hanson-Baldauf 42 E D U C A U S E Q U A R T E R LY • Number 1 2008 “T he more elaborate our means of communication, the less we communicate,” claimed theologian and educator Joseph Priestly.1 Born in 1733, Priestly could hardly have imagined the Internet, e-mail, and instant messaging, although his prophetic statement presaged a dilemma now faced on college…

Words 5603 - Pages 23

Mis689 Strategic Information Technology Management

162 Please check our Desire2Learn course site for further updates Barbara T. Ozog, Ph.D. Professor, Information Systems Director, MIS Program SL-152 office location 1.630.829.6218 office voice 1.630.829.6226 office fax bozog@ben.edu e-mail address SL-221 Graduate Business Administration office location 1.630.829.6220 MIS Program office voice 1.630.829.6205 Graduate Business Administration office voice 1.630.829.6034 Graduate Business Administration office fax Course Description, from…

Words 3730 - Pages 15

Essay about unit 8 research project assss

Task 1 Research proposal Tesco leads the private sect Tesco decentralisation issues. Tesco Hatch End branch Introduction Tesco leads the private sector of employment in England, it has above 360,000 Tesco also expanded their business in other sectors like Financial services (Tesco bank), Petrol stations, Telecom (Tesco mobile), Internet retailing, Film making etc. Tesco has a large variety of shops from local Tesco Express stores to Tesco Extras superstores. Tesco Hatch End is one of the Express…

Words 3253 - Pages 14

Essay on Cloud Computing

”(Wired.com, 2007) The cloud has also been defined as on-demand network access to networks, servers, storage, applications, and services. Although the concept of the cloud has been around for years, development was hindered by several factors: (1) the old model for marketing software, (2) computer processing speed, (3) limited bandwidth links, and (4) the high cost of data storage. But within the past five years, the cost of data storage has reduced significantly, and processing speeds and bandwidth…

Words 2309 - Pages 10

Essay on Entry: Statistical Process Control

J. Amos, & Dr. Shawn D. Strong Peer-Refereed Article KEYWORD SEARCH Curriculum Manufacturing Quality Quality Control Research The Official Electronic Publication of the National Association of Industrial Technology • www.nait.org © 2004 1 Journal of Industrial Technology • Volume 20, Number 4 • September 2004 through November 2004 • www.nait.org Enhancing Entry Level Skills in Quality Assurance: An Industry Perspective By Dr. R. Neal Callahan, Dr. Scott J. Amos…

Words 3771 - Pages 16

Cognitive Radio And Networking Research At Virginia Tech

are carefully explored. We have termed a network that intelligently takes end-to-end goals into account a cognitive network (CN) [7]. While this paper reflects the broad scope and interdisciplinary nature of the Wireless @ Virginia Tech efforts to address the challenging problems raised in the creation of CRs and CNs, it is not a complete catalog of our related work. In particular, we have omitted significant work on the use of…

Words 23283 - Pages 94

Essay on Pay as you browse

WWW 2011 – Session: E-commerce March 28–April 1, 2011, Hyderabad, India Pay as you Browse: Microcomputations as Micropayments in Web-based Services Ghassan O. Karame Aurélien Francillon ˇ Srdjan Capkun Dept. of Computer Science ETH Zurich, Switzerland Dept. of Computer Science ETH Zurich, Switzerland Dept. of Computer Science ETH Zurich, Switzerland karameg@inf.ethz.ch afrancil@inf.ethz.ch ABSTRACT in Internet revenues was not solely caused by the general economic…

Words 8119 - Pages 33