





Scan the text and mark the sentences about






- the principles of classification of firewalls;

- the most advantageous method of preventing access to undesirable internet resources and blocking external attacks;

- how information exchange between driver and application program is realized.

Text 1. Personal firewall.

The problem of information security in the global network is very important today because a lot of personal computers are connected to the Internet. This problem can be solved by using a personal firewall. A firewall is a system that divides a network into several parts and enforces a set of rules determining the conditions under which information passes between these parts.

Firewalls can be classified by implementation as software, hardware and mixed type, or by component model as local and distributed. But classification by functional layer is the most useful. Here we can distinguish three types of firewalls: packet filters, application layer servers and session layer gateways.

A session layer gateway is a system that relays connections to the outside. The user process connects to the firewall when it requests access. Then the firewall connects to the outside host. During operation the firewall duplicates incoming and outgoing information. Such a system has low efficiency and does not provide protection for new network services.

An application layer server acts as a mediator between the user process and the required service. All traffic passes through it, and it decides whether the traffic is safe according to the security policy. Such a firewall also has low efficiency and is very expensive.

Packet filtering consists in deciding whether or not to pass each packet on the basis of its IP address, source and destination port numbers, and flags. The administrator's task is to draw up a table of filtering rules. Such a system has a high packet processing speed and low cost.

But regardless of its type, a firewall must block all known types of attack. It must also prevent information from leaking out if harmful code has already penetrated the computer. Controlling access to internet resources is the best way to save staff working time.

The most convenient way to prevent access to undesirable internet resources and to block external attacks is packet filtering. A packet filter is configured to filter incoming and outgoing packets on the basis of the information contained in the TCP and IP headers. This technology is used because the filtering rules can be configured flexibly and the packet processing speed is high. The main disadvantage of a packet filter is that the network configuration is visible from the internet. But this is not relevant for a personal computer.
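The rule table and header-based decision described above, as an added example that is not part of the original text: a stateless filter in Python that reads the IP and TCP headers of a raw packet and applies the first matching rule. The rule fields, function names, addresses and ports are assumptions made for illustration; port 0 in a rule means any port.

```python
import ipaddress
import struct
from dataclasses import dataclass

@dataclass
class Rule:
    action: str                    # "allow" or "block"
    direction: str                 # "in" or "out"
    remote_net: str = "0.0.0.0/0"  # remote address range (CIDR)
    remote_port: int = 0           # 0 = any port
    local_port: int = 0            # 0 = any port
    flags_set: int = 0             # TCP flag bits that must be set

def parse_headers(pkt):
    """Return (src, dst, sport, dport, flags), or None if not a parsable IPv4/TCP packet."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4 or pkt[9] != 6:
        return None
    ihl = (pkt[0] & 0x0F) * 4
    frag_offset = struct.unpack("!H", pkt[6:8])[0] & 0x1FFF
    if ihl < 20 or frag_offset or len(pkt) < ihl + 20:
        return None  # bad header length, non-first fragment or truncated TCP header
    sport, dport = struct.unpack("!HH", pkt[ihl:ihl + 4])
    return (ipaddress.IPv4Address(pkt[12:16]), ipaddress.IPv4Address(pkt[16:20]),
            sport, dport, pkt[ihl + 13])

def decide(rules, pkt, direction):
    """First matching rule wins; unparsable or unmatched packets are blocked."""
    hdr = parse_headers(pkt)
    if hdr is None:
        return "block"  # fail closed
    src, dst, sport, dport, flags = hdr
    remote, rport, lport = (src, sport, dport) if direction == "in" else (dst, dport, sport)
    for r in rules:
        if (r.direction == direction
                and remote in ipaddress.ip_network(r.remote_net)
                and r.remote_port in (0, rport) and r.local_port in (0, lport)
                and (flags & r.flags_set) == r.flags_set):
            return r.action
    return "block"  # default deny

def make_packet(src, dst, sport, dport, flags):
    """Constructed sample input: 20-byte IPv4 header + 20-byte TCP header, checksums zero."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    return ip + struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, flags, 8192, 0, 0)

# Constructed rule table for a personal computer at 192.0.2.10 (documentation addresses)
RULES = [Rule("block", "out", remote_net="203.0.113.0/24"),  # undesirable resource
         Rule("allow", "out", remote_port=443),              # outgoing HTTPS
         Rule("allow", "in", remote_port=443, flags_set=0x10)]  # replies only (ACK set)
```

Because the filter keeps no connection table, the inbound rule relies on the ACK flag to tell replies from new connection attempts; a bare inbound SYN falls through to the default block.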

There are two methods of traffic filtering. The first method consists in developing a user application without creating a network protocol driver. Such filters are simple to implement, but they do not provide adequate protection.

The other method of traffic filtering accesses the kernel directly. There are several technologies in this group, but we have chosen the TDI filter. Such a personal firewall is a packet filter and consists of a driver and an application program.

The driver implements the functions of the Transport Data Interface (TDI) and intercepts all calls to the original TCP driver in order to store information about existing connections. The Transport Data Interface is a unified programming interface for interaction between transport drivers (the TCP driver, for example) and TDI clients (servers, network interface emulators, redirectors). TDI makes TDI clients independent of the transport protocols used.

The application program displays information about rules and packets and provides a simple user interface. This program receives information about blocked packets from the driver. Information exchange between the driver and the application program is carried out by means of standard functions of the Win32 Application Programming Interface.





