Sunday, 21 September 2014

Firewall Configuration

This is my second post on firewalls, and I'll be using the abbreviations that I described in the first post. This post briefly covers firewall configurations.
The following three firewall configurations are the most commonly used.

Screened Host Firewall Single Homed Bastion

Everything coming from the internet is first checked by the packet filter, which inspects the packet headers. The packet then proceeds to the AGW, where word-by-word checking is performed. In this configuration, however, regular packets get an incentive: they are identified differently and are not checked thoroughly on every visit. Such frequently visiting packets are passed directly to the LAN, bypassing the AGW. This is the weakness of the configuration, and it makes it prone to spoofing attacks. Hence, although it is faster, it cannot be used in practice.

Screened Host Firewall Dual Homed Bastion

This configuration was introduced to overcome the flaw in the single homed bastion. Here, every packet must pass both the packet filter and the AGW checks before it is allowed to enter the LAN. There is no compromise in security, but this makes the configuration slow, which is its major drawback for system operations.

Screened Subnet Firewall

This configuration is like a hybrid of the above two configurations. Here, two packet filters and one AGW make up the design of the firewall. A packet coming from the internet towards the LAN is checked by the outside filter and the AGW, while a packet going out from the LAN is checked by the inside filter and the AGW. This configuration combines the advantages of both of the above configurations and also overcomes their drawbacks. This is why it is the best suited for practical use.
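The difference between the three layouts can be made concrete with a small model. This is an added example, not code from the original post; the port list, the content marker, the "regular sender" address and all function names are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str               # source address as claimed in the packet header
    dst_port: int
    payload: str
    outbound: bool = False

# All rule values below are constructed for this example.
ALLOWED_PORTS = {25, 80, 443}         # header rule applied by every packet filter
BLOCKED_MARKER = "BLOCKED-CONTENT"    # stands in for content the AGW would reject
REGULAR_SOURCES = {"203.0.113.10"}    # "frequent visitors" in the single homed layout

def header_ok(p):
    return p.dst_port in ALLOWED_PORTS

def content_ok(p):
    return BLOCKED_MARKER not in p.payload

def single_homed(p):
    """Return (delivered, checks performed)."""
    if not header_ok(p):
        return False, ["packet filter"]
    if p.src in REGULAR_SOURCES:      # trusted on the header alone, AGW is skipped
        return True, ["packet filter"]
    return content_ok(p), ["packet filter", "AGW"]

def dual_homed(p):
    if not header_ok(p):
        return False, ["packet filter"]
    return content_ok(p), ["packet filter", "AGW"]   # no bypass path exists

def screened_subnet(p):
    edge = "inside filter" if p.outbound else "outside filter"
    if not header_ok(p):
        return False, [edge]
    return content_ok(p), [edge, "AGW"]

# Constructed sample traffic.
SAMPLES = {
    "new sender, clean": Packet("198.51.100.7", 80, "GET /index.html"),
    "regular sender address, bad content": Packet("203.0.113.10", 80, "BLOCKED-CONTENT"),
    "outbound from LAN": Packet("10.0.0.5", 443, "POST /form", outbound=True),
}

def compare():
    layouts = (single_homed, dual_homed, screened_subnet)
    return {name: {f.__name__: f(p) for f in layouts} for name, p in SAMPLES.items()}

if __name__ == "__main__":
    for name, row in compare().items():
        print(name, row)
```

The second sample shows the weakness: because the source address is read from the header, a packet that merely claims a regular sender's address reaches the LAN in the single homed layout without the AGW ever seeing its content, while the other two layouts drop it.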

Saturday, 20 September 2014

Peeping Into The "Firewall"

This post is aimed at the basic understanding of the Firewall and its types.

What is the purpose of using firewall?
A firewall is just another security guard for the system, which keeps "bad" elements from getting in or out of our system. A company can have many LANs connected in arbitrary ways, but all traffic to or from the company must be forced through an electronic drawbridge: the firewall.

Types of firewall:

1. Circuit level gateway (CGW)-
This operates at the physical layer of the system.
Since physical layer deals with the bits, its main task is bit-level checking.

2. Packet filter-
It operates at the network layer.
The main job is to check the packet headers for errors.

3. Application layer gateway (AGW)-
As the name suggests, it functions at the application layer, where the end user operates, and performs content-based checking.

4. Bastion host-
This one can be said to be a hybrid of CGW and AGW.

The next post is all about the detailed configurations of firewall. Stay tuned, breaching to you soon!

Tuesday, 16 September 2014

TCP Joke?

"Hi, I'd like to hear a TCP joke"
"Hello, would you like to hear a TCP joke?"
"Yes, I'd like to hear a TCP joke"
"Okay, I'll tell you a TCP joke"
"Okay, I'm ready to hear a TCP joke"
"Okay, I'm about to send a TCP joke, that'll last for 10 seconds. It has two characters, it does not have a setting, it'll end with a punchline."
"Okay, I'll get your TCP joke, that'll last for 10 seconds. It has two characters, it does not have a setting, it'll end with a punchline."
"I'm sorry, your connection has timed out"

"Hello, I'd like to hear a TCP joke"

Friday, 5 September 2014

Domain Name Service: Everything To Know

Domain Name Service (DNS) is an application layer protocol used to keep track of computers, resources and services in a network environment.
It uses four servers:
  • Local DNS Server: Local server present in the end user's network.
  • Top Level Domain Server: Holds addresses for domains with extensions .com, .net, .org etc.
  • Authoritative Server: System acting as an interface in the particular domain.
  • Root Server: Holds the addresses of all TLDs.

    DNS uses TCP for replication and UDP for translation, since translation needs to be fast.

How Does DNS Work?

    Whenever an end user requests a connection to a domain on the internet, the request is first sent to the local DNS server. If that server has the information the user is asking for, it replies immediately and the connection is established. If the local DNS server has no information, the request goes to the ISP router to check whether it has the desired address. The request is then transferred to the Root Server, which contains the addresses of all Top Level Domains. If the address of the domain is still not found, it finally goes to the respective TLD server. The TLD server then searches for the requested domain in its address tables and forwards the request to the Authoritative Server (AS). The AS may be any system in the network of that domain. The reverse connection process starts here. The AS responds to the TLD server, establishing a connection between the TLD server and the AS. The TLD server sends a reply to the root server, giving it the information about the respective address. The root server in turn passes this information on to the ISP router, which sends it to the local DNS server of the end user. The end user can now connect to the desired domain.
    While the address is being sent by the AS to the end user, the intermediate servers also add this address to their databases and update them. In other words, the address is said to be cached on these servers. Thus, whenever the next request is made for the same domain, the local DNS server can reply to the user itself, avoiding the need to contact further servers.
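A simplified model of the lookup order and the caching step described above, added as an illustration and not taken from the original post. The zone data, server labels and the names `CachingServer` and `walk_hierarchy` are constructed for the example, and only the local and ISP servers keep a cache here.

```python
# Constructed zone data; 192.0.2.0/24 is a documentation address range.
ROOT = {"com": "tld-com"}                                  # TLD -> TLD server
TLD = {"tld-com": {"example.com": "ns-example"}}           # domain -> authoritative server
AUTH = {"ns-example": {"www.example.com": "192.0.2.80"}}   # host name -> address

def walk_hierarchy(name):
    """Follow root -> TLD -> authoritative; return (address or None, servers asked)."""
    labels = name.split(".")
    tld_server = ROOT.get(labels[-1])
    if tld_server is None:
        return None, ["root"]
    auth_server = TLD[tld_server].get(".".join(labels[-2:]))
    if auth_server is None:
        return None, ["root", "TLD"]
    return AUTH[auth_server].get(name), ["root", "TLD", "authoritative"]

class CachingServer:
    """A local DNS server or ISP server that remembers answers it has relayed."""
    def __init__(self, label, upstream=None):
        self.label, self.upstream, self.cache = label, upstream, {}

    def resolve(self, name):
        if name in self.cache:                 # answered without going further
            return self.cache[name], [self.label + " cache"]
        if self.upstream is not None:
            address, path = self.upstream.resolve(name)
        else:
            address, path = walk_hierarchy(name)
        if address is not None:
            self.cache[name] = address         # cached on the way back
        return address, [self.label] + path

def demo():
    isp = CachingServer("ISP")
    local_a = CachingServer("local DNS A", isp)
    local_b = CachingServer("local DNS B", isp)   # second network behind the same ISP
    return {
        "first": local_a.resolve("www.example.com"),
        "repeat": local_a.resolve("www.example.com"),
        "neighbour": local_b.resolve("www.example.com"),
        "unknown": local_a.resolve("www.example.invalid"),
    }

if __name__ == "__main__":
    for label, result in demo().items():
        print(label, result)
```

The repeat lookup stops at the local cache, and the neighbour's first lookup stops at the ISP cache, so an answer stored at an intermediate server is served to later clients without the authoritative server being asked again.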

    Here's how I can summarize the working of DNS:

