Name: N.

Rajeeva 11B91D4006

Firewall Proxy Server Relationship between Proxy Server and Firewall Types of Firewalls Hardware requirements Software requirements Conclusion

A computer firewall is a router or other communications device which filters access to a protected network. Firewall is also a program that screens all incoming traffic and protects the network from unwelcome intruders.

Firewalls can also be used as access control measures to only allow certain people within the organization access to the Internet. Many firewalls now contain features to control, authenticate and secure users who may want to access a company internal data from the Internet or even another company.

Proxy Server is a computer program that acts as an intermediary between a web browser and a web server. To give users rapid access to popular web destinations

Part of an overall Firewall strategy Sits between the local network and the external network
Originally used primarily as a caching strategy to minimize outgoing URL requests and increase perceived browser performance Primary mission is now to insure anonymity of internal users
Still used for caching of frequently requested files Also used for content filtering

Acts as a go-between, submitting your requests to the external network

Requests are translated from your IP address to the Proxys IP address E-mail addresses of internal users are removed from request headers Cause an actual break in the flow of communications

Internet Service Providers use proxy servers as "holding bins" to store frequently requested pages, rather than going out and fetching them repeatedly from the Net Proxy server is also used to control and monitor outbound traffic

Proxy Server is associated with firewall and also caching program The functions of proxy, firewall, and caching can be in separate server programs or combined in a single package. Proxy Server can be installed in the firewall to get a kind of proxy firewall

 Packet

Filtering Firewalls Proxy Server Firewalls

Packet Filtering is the type of firewall built into the Linux kernel A filtering firewall works at the network level. Data is only allowed to leave the system if the firewall rules allow it. As packets arrive they are filtered by their type, source address, destination address, and port information contained in each packet Many network routers have the ability to perform some firewall services. Filtering firewalls can be thought of as a type of router

Application Proxy SOCKS Proxy

As you telnet to the outside world the client send you to the proxy first. The proxy then connects to the server you requested (the outside world) and returns the data to you

SOCKS is networking proxy protocol that enables hosts on one side of a SOCKS server to gain full access to hosts on the other side of the SOCKS server without requiring direct IP reachability. SOCKS redirects connection requests from hosts on opposite sides of a SOCKS server. The SOCKS server authenticates and authorizes the requests, establishes a proxy connection, and relays data

Packet Filtering Firewalls Proxy Server Firewalls

Filtering firewalls don't require fancy hardware. They are little more then simple routers a 486-DX66 with 32 meg of memory a 250m hard disk (500 recommended) network connections (LAN Cards, Serial Ports, Wireless?) monitor and keyboard

If you need a proxy server firewall to handle lots of traffic, you should get the largest system you can afford a Pentium II with 64meg of memory a two gig hard disk to store all the logs two network connections monitor and keyboard

 Packet

Filtering Firewalls Proxy Server Firewalls

To create a filtering firewall, you don't need any special software. Linux will do The built-in Linux firewall has changed several times, for the newer 2.4 kernel there is a new firewall utility with more features

If you want to setup a proxy server you will need one of these packages Squid The TIS (Trusted Information System) Firewall Toolkit (FWTK) SOCKS

Squid is a great package and works with Linux's Proxy feature

The TIS Internet Firewall Toolkit is a set of programs and configuration practices designed to facilitate the building of network firewalls. The toolkit software is designed to run on UNIX systems

SOCKS can be installed both in NT system and UNIX system RFC 1928 Not a true application layer proxy SOCKS protocol provides a framework for developing secure communications by easily integrating other security technologies

SOCKS includes two components SOCKS server

implemented at the application layer

SOCKS client
implemented between the application and transport layers

The basic purpose of the protocol is to enable hosts on one side of a SOCKS server to gain access to hosts on the other side of a SOCKS Server, without requiring direct IPreachability.

Both firewall and proxy server are used for net work security and facility Proxy server can be a part of firewall