tailieunhanh - Circuit & Application Level Gateways

Also called a Proxy Firewall Acts as a relay for application level traffic Typical applications: Telnet FTP SMTP HTTP More secure than packet filters Bad packets won't get through the gateway Only has to deal with application level packets Simplifies rules needed in packet filter | Circuit & Application Level Gateways CS-431 Dick Steflik Application Level Gateways Also called a Proxy Firewall Acts as a relay for application level traffic Typical applications: Telnet FTP SMTP HTTP More secure than packet filters Bad packets won't get through the gateway Only has to deal with application level packets Simplifies rules needed in packet filter Client connects Gateway does in depth inspection of the application level packet, if connection meets criteria on the gateway rule base packet will be proxied to the server Proxy firewall is directly between the client and the server on an application by application basis ALG Use Many application clients can be configured to use a specific ALG (proxy) by the end user Firefox-Options-Advanced-Network-Connections-Proxy WS/FTP-Connect-Firewall-Proxy Router can be set to forward all application packets to specific proxy Benefit is all user traffic is forced to a proxy User cannot bypass the proxy Additional ALG Benefits Privacy . | Circuit & Application Level Gateways CS-431 Dick Steflik Application Level Gateways Also called a Proxy Firewall Acts as a relay for application level traffic Typical applications: Telnet FTP SMTP HTTP More secure than packet filters Bad packets won't get through the gateway Only has to deal with application level packets Simplifies rules needed in packet filter Client connects Gateway does in depth inspection of the application level packet, if connection meets criteria on the gateway rule base packet will be proxied to the server Proxy firewall is directly between the client and the server on an application by application basis ALG Use Many application clients can be configured to use a specific ALG (proxy) by the end user Firefox-Options-Advanced-Network-Connections-Proxy WS/FTP-Connect-Firewall-Proxy Router can be set to forward all application packets to specific proxy Benefit is all user traffic is forced to a proxy User cannot bypass the proxy Additional ALG Benefits Privacy Outside world only sees the IP of the gateway not the IPs of the end users Prevents foreign hosts from harvesting user addresses for later use in SPAM Especially important for HTTP Ideal place to do logging Circuit Level Gateways Also known as a Stateful Inspection Firewall Session layer of OSI Shim between transport and application layer of TCP/IP Monitors handshake used to establish connections Hides information about internal network Breaks the TCP connection Proxies the TCP connection SOCKS (SOCKetS) RFC1928 Generic proxy protocol for TCP/IP Provides a framework for developing secure communications by easily integrating other security technologies Works for both TCP and UDP (ver. 5) How Does SOCKS Work Client wants to connect to an application server Connects to SOCKS proxy using SOCKS protocol SOCKS proxy connects to application server using SOCKS protocol To the application server the SOCKS server is the client SOCKS Client SOCKS App Server Application Transport Physical Physical .