Network Router Security: Packet Filtering

  • Slides: 15
Network Router Security: Packet Filtering

OSI Model
1. It is the most commonly referenced protocol model. It provides common ground when describing any network protocol.
2. It has seven layers: application, presentation, session, transport, network, data link and physical. Each layer performs a specific function and then passes the result to the adjacent layer. A sending station passes its data down through the lower layers, each of which appends its own header (and sometimes a trailer). At the receiving station the process runs in reverse: each layer strips its own header before handing the data up.

Network Layer
1. It has two basic functions: logical network addressing and routing.
   a. Logical network addressing is protocol-dependent (IP addresses in TCP/IP). The network layer identifies hosts by logical address; mapping a logical address to the physical (data link) address of the next hop is done by a helper protocol such as ARP, and translating names into addresses is the job of DNS, not of the network layer itself.
   b. Routing uses the router's routing table to decide which path the data should take, based on the destination network, network conditions, priority of service and other factors; the same decision point is where inbound and outbound traffic between segments is controlled.
2. Packet filtering operates at the Network Layer. It reads the IP header fields, and in practice also reads the port numbers from the Transport Layer header that follows it.

IP addressing
1. An IP address is the logical address defined at the Network Layer. DNS maps host names to IP addresses; it does not define them.
2. An IPv4 address is 32 bits written as four decimal numbers from 0 to 255 (dotted decimal); one part identifies the network and the rest identifies the host on that network.
3. IPv4 addressing was originally divided into classes (A, B and C for hosts, D for multicast, E reserved), where the class fixed the split between network and host bits.
4. The subnet mask (today written as a CIDR prefix length, e.g. /24) together with the class defines which bits are the network address and which are the host address.

Routing
1. A router maintains a routing table of all known networks. It is a multiport device that decides how to direct data based on the protocol and the destination network address.
2. Routers are placed at the borders of network segments. Before a frame is forwarded its CRC is checked, so that bad frames are not propagated throughout the network.
3. A router does not forward broadcasts by default, so each interface bounds a broadcast domain; it passes them on only if it is explicitly configured to forward all frames.

Routing-Continued (example; the slide's diagram of System B, Router 1, Router 2 and System F is not reproduced in this text)

Routing-Continued
1. System B sends data addressed to System F, which sits on another segment, so the frame goes to Router 1 as System B's only reachable destination. When Router 1 forwards the packet toward Router 2 it builds a new frame: it puts its own MAC address in the source address field and Router 2's MAC address in the destination field.
2. The header and trailer of the incoming frame are stripped off, because a new destination address and a new CRC have been applied around the original data. The IP packet inside, with its source and destination IP addresses, is carried unchanged apart from the TTL being decremented at each hop.
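To make the routing table lookup and the hop-by-hop frame rewrite concrete, here is an added Python example (not code from the slides): a minimal model of Router 1 with a longest-prefix-match routing table, an ARP cache for its directly connected segment, and a forward() step that discards the old Layer 2 header, writes a new one for the next hop and decrements the TTL. All addresses, MAC addresses, interface names and the topology are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass, replace

# Constructed topology for the slide's example: Router 1 sits between System B's segment
# and the rest of the network, with Router 2 as the next hop toward System F.
# Every address and MAC below is made up for illustration.
ROUTER1_MAC = "02:00:00:00:00:01"
ROUTER2_MAC = "02:00:00:00:00:02"
ROUTER3_MAC = "02:00:00:00:00:03"

# Routing table entries: (destination network, next-hop MAC or None if directly connected, egress interface)
ROUTING_TABLE = [
    (ipaddress.ip_network("10.1.0.0/16"), None,        "eth0"),  # System B's LAN, directly attached
    (ipaddress.ip_network("10.2.0.0/16"), ROUTER2_MAC, "eth1"),  # System F's side, reached via Router 2
    (ipaddress.ip_network("10.2.5.0/24"), ROUTER3_MAC, "eth2"),  # a more specific route via a third router
    (ipaddress.ip_network("0.0.0.0/0"),   ROUTER2_MAC, "eth1"),  # default route
]

# ARP cache for directly connected hosts (IP -> MAC), constructed.
ARP_CACHE = {"10.1.0.20": "02:00:00:00:0b:0b"}


@dataclass(frozen=True)
class Frame:
    src_mac: str      # Layer 2 header: rewritten at every hop
    dst_mac: str
    src_ip: str       # Layer 3 header: carried end to end
    dst_ip: str
    ttl: int
    payload: bytes


def lookup(dst_ip):
    """Longest-prefix match: of all routes containing dst_ip the most specific wins,
    so the /24 beats the /16, and the /0 default route is used only as a last resort."""
    addr = ipaddress.ip_address(dst_ip)
    candidates = [route for route in ROUTING_TABLE if addr in route[0]]
    if not candidates:
        return None
    return max(candidates, key=lambda route: route[0].prefixlen)


def forward(frame):
    """Forward one frame through Router 1. Returns (new_frame, egress_interface), or None if dropped.
    The old Layer 2 header/trailer is discarded and a new one is built for the next hop; the IP
    addresses are untouched, only the TTL is decremented so a looping packet eventually dies."""
    if frame.ttl <= 1:
        return None                      # TTL exhausted: drop (a real router also sends ICMP Time Exceeded)
    route = lookup(frame.dst_ip)
    if route is None:
        return None                      # no route to the destination: drop
    _, next_hop_mac, iface = route
    if next_hop_mac is None:             # directly connected: deliver to the host itself
        next_hop_mac = ARP_CACHE.get(frame.dst_ip)
        if next_hop_mac is None:
            return None                  # unresolved neighbour (a real router would ARP first)
    new_frame = replace(frame, src_mac=ROUTER1_MAC, dst_mac=next_hop_mac, ttl=frame.ttl - 1)
    return new_frame, iface


if __name__ == "__main__":
    # System B (10.1.0.20) sends to System F (10.2.7.9); the frame arrives addressed to Router 1.
    incoming = Frame(src_mac="02:00:00:00:0b:0b", dst_mac=ROUTER1_MAC,
                     src_ip="10.1.0.20", dst_ip="10.2.7.9", ttl=64, payload=b"hello F")
    out, iface = forward(incoming)
    print(iface, out.src_mac, "->", out.dst_mac, "ttl", out.ttl)
```

The point to notice is which fields change: the MAC addresses and CRC belong to the hop, so they are rebuilt at every router, while the IP addresses belong to the conversation and survive the whole path.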

Packet
1. A packet is a unit of information transmitted as a whole from one device to another on a network.
2. As the data passes down the OSI model, each layer adds the information relevant to that layer. That information is there for the corresponding layer in the receiving computer to use when it reassembles the data.
3. It has three components: header, data and trailer.

Packet-Continued
1. The header includes: an alert signal (preamble or start delimiter) indicating that a packet is being transmitted; the source and destination addresses; and clock information to synchronize the transmission.
2. Data: the actual data must be broken into chunks that fit into a packet.
3. The trailer usually contains an error-checking component, the CRC (Cyclic Redundancy Check), which lets the receiver detect a packet that was corrupted in transit and discard it.
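The header/data/trailer structure and the CRC check are easiest to see with bytes in hand. The following is an added Python example, not part of the slides, that defines a small constructed packet layout (a start marker, sequence number, source and destination address and length in the header; a CRC-32 trailer), splits a message into packets, reassembles it, and shows a single flipped bit being caught by the CRC. The layout, the 8-byte maximum data size and the addresses are all assumptions for illustration; real link layers such as Ethernet follow the same pattern with a different header and a 32-bit FCS.

```python
import struct
import zlib

# Constructed packet layout (not a real protocol): header = start marker, sequence number,
# source address, destination address, data length; trailer = CRC-32 over header + data.
START_MARKER = b"\xAA\x55"
HEADER_FMT = ">2sH4s4sH"            # marker, seq, src (4 bytes), dst (4 bytes), data length
HEADER_LEN = struct.calcsize(HEADER_FMT)
TRAILER_LEN = 4
MAX_DATA = 8                        # tiny maximum so that splitting into chunks is visible


def build_packets(src, dst, data):
    """Break data into chunks that fit one packet and wrap each in header + trailer."""
    packets = []
    for seq, offset in enumerate(range(0, len(data), MAX_DATA)):
        chunk = data[offset:offset + MAX_DATA]
        header = struct.pack(HEADER_FMT, START_MARKER, seq, src, dst, len(chunk))
        body = header + chunk
        trailer = struct.pack(">I", zlib.crc32(body))   # CRC computed over header and data
        packets.append(body + trailer)
    return packets


def parse_packet(raw):
    """Validate one packet and return (seq, src, dst, chunk); raise ValueError if it is damaged."""
    if len(raw) < HEADER_LEN + TRAILER_LEN:
        raise ValueError("truncated packet")
    marker, seq, src, dst, length = struct.unpack(HEADER_FMT, raw[:HEADER_LEN])
    if marker != START_MARKER:
        raise ValueError("bad start marker")
    body, trailer = raw[:-TRAILER_LEN], raw[-TRAILER_LEN:]
    (crc,) = struct.unpack(">I", trailer)
    if zlib.crc32(body) != crc:
        raise ValueError("CRC mismatch: packet corrupted in transit")
    chunk = body[HEADER_LEN:]
    if len(chunk) != length:
        raise ValueError("length field does not match data")
    return seq, src, dst, chunk


def is_valid(raw):
    """True if the packet passes the header and CRC checks."""
    try:
        parse_packet(raw)
        return True
    except ValueError:
        return False


def reassemble(packets):
    """Order the chunks by sequence number and join them back into the original data."""
    parsed = [parse_packet(p) for p in packets]
    parsed.sort(key=lambda fields: fields[0])
    return b"".join(fields[3] for fields in parsed)


def corrupt(raw, index):
    """Flip one bit at a byte offset, simulating line noise on the wire."""
    damaged = bytearray(raw)
    damaged[index] ^= 0x01
    return bytes(damaged)


if __name__ == "__main__":
    src, dst = bytes([10, 1, 0, 20]), bytes([10, 2, 7, 9])
    packets = build_packets(src, dst, b"Hello, packet world!")
    print(len(packets), "packets;", "reassembled:", reassemble(packets))
    print("damaged packet valid?", is_valid(corrupt(packets[1], HEADER_LEN + 2)))
```

A CRC detects accidental corruption only; it is not a security check, since anyone who can alter the data can also recompute the CRC. Integrity against an attacker needs a keyed MAC or a signature, which is out of scope for this filtering discussion.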

Packet Filtering
1. Static packet filtering: controlling access to a network by analyzing the incoming and outgoing packets and letting them pass or dropping them based on header fields, chiefly the source and destination IP addresses.
2. The filter parses the headers of each packet and then applies the rules from a simple rule base, in order, to determine whether to route or drop the packet.

Packet Filtering-Continued
3. Generally, the header fields available to the filter are the packet type (TCP, UDP, etc.), the source IP address, the destination IP address, and the source and destination TCP/UDP ports.
4. Filter rule table format (each row is one rule; the slide's placeholders are kept):

   Action  Source  Port  Destination  Port  Type
   deny    xxx                              (type)
   allow   xxx                              (type)

Static packet filtering (example)

   Rule  Dir     Type  Src. Addr  Dst. Addr  Src. Port  Dst. Port  Act
   A     in      TCP   External   Internal   >=1024     25         Permit
   B     out     TCP   Internal   External   25         >=1024     Permit
   C     out     TCP   Internal   External   >=1024     25         Permit
   D     in      TCP   External   Internal   25         >=1024     Permit
   E     either  any   any        any        any        any        Permit

Rules A and B admit inbound SMTP (TCP port 25) and the replies to it; rules C and D admit outbound SMTP and its replies. Two caveats a practitioner should see here: first, because rule E permits everything, rules A to D never actually block anything, so a restrictive perimeter filter has to end with a deny catch-all. Second, rule D matches on the source port alone, so any external host that chooses source port 25 is permitted to reach any internal TCP port at or above 1024, which is a well-known weakness of static filters that has to be closed by checking the ACK flag or by stateful inspection.
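The rule base above can be run as code. The following Python example is added here and is not from the slides: it transcribes rules A to E, evaluates packets against them first match wins, and keeps a second copy of the rule base with the catch-all turned into a deny so the difference is visible. The internal network prefix, the addresses and the sample packets are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

INTERNAL_NET = ipaddress.ip_network("192.168.1.0/24")   # constructed "Internal" network


@dataclass(frozen=True)
class Packet:
    direction: str   # "in" or "out", relative to the filtering router
    proto: str       # "TCP" or "UDP"
    src_ip: str
    dst_ip: str
    src_port: int
    dst_port: int


@dataclass(frozen=True)
class Rule:
    name: str
    direction: str   # "in", "out" or "either"
    proto: str       # "TCP", "UDP" or "any"
    src: str         # "Internal", "External" or "any"
    dst: str
    src_port: str    # "25", ">=1024" or "any"
    dst_port: str
    action: str      # "Permit" or "Deny"


def _addr_matches(spec, ip):
    if spec == "any":
        return True
    is_internal = ipaddress.ip_address(ip) in INTERNAL_NET
    return is_internal if spec == "Internal" else not is_internal


def _port_matches(spec, port):
    if spec == "any":
        return True
    if spec.startswith(">="):
        return port >= int(spec[2:])
    return port == int(spec)


def matches(rule, pkt):
    """A rule matches only if every one of its fields matches the packet header."""
    return (rule.direction in ("either", pkt.direction)
            and rule.proto in ("any", pkt.proto)
            and _addr_matches(rule.src, pkt.src_ip)
            and _addr_matches(rule.dst, pkt.dst_ip)
            and _port_matches(rule.src_port, pkt.src_port)
            and _port_matches(rule.dst_port, pkt.dst_port))


def filter_packet(rules, pkt):
    """Static filtering: the first matching rule decides. Returns (rule name, action)."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.name, rule.action
    return None, "Deny"          # nothing matched: implicit default deny


# The slide's rule base, transcribed as written (rule E permits everything).
SLIDE_RULES = [
    Rule("A", "in",     "TCP", "External", "Internal", ">=1024", "25",     "Permit"),
    Rule("B", "out",    "TCP", "Internal", "External", "25",     ">=1024", "Permit"),
    Rule("C", "out",    "TCP", "Internal", "External", ">=1024", "25",     "Permit"),
    Rule("D", "in",     "TCP", "External", "Internal", "25",     ">=1024", "Permit"),
    Rule("E", "either", "any", "any",      "any",      "any",    "any",    "Permit"),
]

# The same rule base with the catch-all inverted, which is what a restrictive filter needs.
DENY_DEFAULT_RULES = SLIDE_RULES[:-1] + [
    Rule("E", "either", "any", "any", "any", "any", "any", "Deny"),
]


if __name__ == "__main__":
    samples = [
        Packet("in",  "TCP", "203.0.113.5", "192.168.1.10", 40000, 25),    # inbound mail: rule A
        Packet("in",  "TCP", "203.0.113.5", "192.168.1.10", 40000, 23),    # inbound telnet: only rule E
        Packet("in",  "TCP", "203.0.113.5", "192.168.1.10", 25,    8080),  # forged source port 25: rule D
    ]
    for pkt in samples:
        print(pkt.dst_port, filter_packet(SLIDE_RULES, pkt), filter_packet(DENY_DEFAULT_RULES, pkt))
```

Even with the deny catch-all, the third sample packet is still permitted by rule D; that is the gap the stateful inspection described next closes.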

Packet Filtering-Continued
1. Stateful inspection (also referred to as dynamic packet filtering): it tracks each connection traversing the interfaces of the firewall and checks that every packet belongs to a valid connection.
2. It may examine not just the header information but also the contents of the packet up through the application layer, in order to learn more about the packet than just its source and destination.

Packet Filtering-Continued
3. It also monitors the state of each connection and records that information in a state table.
4. Unlike static packet filtering, it keeps ports closed until a connection to the specific port is requested from a permitted side; reply traffic is admitted only while a matching entry exists in the state table.
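To show what the state table adds, here is an added Python example (not from the slides) of a minimal stateful TCP filter: an outbound SYN from the internal network, or an inbound SYN to a published service, creates a state table entry; every other packet is forwarded only if it belongs to an existing entry, and a FIN or RST removes the entry. The internal prefix, the published service port and the sample segments are constructed; the flag handling is simplified (one FIN tears the connection down, there are no timeouts and no sequence number checks).

```python
from dataclasses import dataclass

INTERNAL_PREFIX = "192.168.1."   # constructed internal network; a real firewall uses a prefix match


@dataclass(frozen=True)
class Segment:
    src_ip: str
    dst_ip: str
    src_port: int
    dst_port: int
    flags: str     # "S" (SYN), "SA" (SYN-ACK), "A" (ACK), "F" (FIN), "R" (RST)


class StatefulFirewall:
    """Tracks TCP connections in a state table. Only packets that belong to a tracked
    connection, or SYNs that policy allows to open one, are forwarded."""

    def __init__(self, inbound_services):
        self.inbound_services = set(inbound_services)   # ports outsiders may open connections to
        self.state = {}   # (src_ip, src_port, dst_ip, dst_port) of the initiator -> state name

    @staticmethod
    def _is_internal(ip):
        return ip.startswith(INTERNAL_PREFIX)

    def process(self, seg):
        """Return "permit" or "drop" for one segment, updating the state table as a side effect."""
        key = (seg.src_ip, seg.src_port, seg.dst_ip, seg.dst_port)       # initiator -> responder
        reverse = (seg.dst_ip, seg.dst_port, seg.src_ip, seg.src_port)   # responder -> initiator

        if seg.flags == "S":                          # a new connection attempt
            allowed = self._is_internal(seg.src_ip) or seg.dst_port in self.inbound_services
            if allowed:
                self.state[key] = "SYN_SENT"
                return "permit"
            return "drop"                             # the port is "closed" to unsolicited SYNs

        if reverse in self.state:                     # reply direction of a tracked connection
            if seg.flags == "SA" and self.state[reverse] == "SYN_SENT":
                self.state[reverse] = "ESTABLISHED"
            elif seg.flags in ("F", "R"):
                del self.state[reverse]               # simplified teardown: one FIN/RST closes it
            return "permit"

        if key in self.state:                         # initiator direction of a tracked connection
            if seg.flags in ("F", "R"):
                del self.state[key]
            return "permit"

        return "drop"     # no state for this packet: a forged "reply" gets nowhere

    def connections(self):
        """Current state table contents, for inspection."""
        return dict(self.state)


if __name__ == "__main__":
    fw = StatefulFirewall(inbound_services=[25])      # only SMTP may be opened from outside
    print(fw.process(Segment("192.168.1.10", "203.0.113.5", 40000, 80, "S")))    # permit, new entry
    print(fw.process(Segment("203.0.113.5", "192.168.1.10", 80, 40000, "SA")))   # permit, established
    print(fw.process(Segment("203.0.113.9", "192.168.1.10", 25, 8080, "A")))     # drop: no state
    print(fw.connections())
```

Compare the third call with static rule D: the same packet, an external host using source port 25 toward an internal high port, is permitted by the static filter but dropped here because no internal host ever opened that connection.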

Conclusion
For static packet filtering, since the decision is based on the source IP address, a host whose address is denied can obtain a different address (for example through dynamic address assignment) or spoof one, and so bypass the router. For stateful inspection firewall filtering that also examines packet contents, the filter sees only what it can parse: words in the content can be converted into graphics, or otherwise re-encoded, so that a text-matching filter no longer recognises them.