Upload File

1 實驗九:建置網路安全閘道器 教師: 助教:. 2 outline background proxy – squid...

  • Home
  • Documents
  • 1 實驗九:建置網路安全閘道器 教師: 助教:. 2 Outline Background Proxy – Squid Firewall – IPTables VPN – OpenVPN Experiment Internet gateway Firewall VPN
10
1 實實實 實實實實實實實實實 實實實實

Upload: marylou-sharp

Post on 02-Jan-2016

230 views

Category:

Documents


13 download

Report

TRANSCRIPT

Page 1: 1 實驗九:建置網路安全閘道器 教師: 助教:. 2 Outline Background Proxy – Squid Firewall – IPTables VPN – OpenVPN Experiment Internet gateway Firewall VPN

1

實驗九:建置網路安全閘道器

教師:助教:

Page 2: 1 實驗九:建置網路安全閘道器 教師: 助教:. 2 Outline Background Proxy – Squid Firewall – IPTables VPN – OpenVPN Experiment Internet gateway Firewall VPN

2

Outline

Background Proxy – Squid Firewall – IPTables VPN – OpenVPN Experiment

Internet gatewayFirewallVPN network

Page 3: 1 實驗九:建置網路安全閘道器 教師: 助教:. 2 Outline Background Proxy – Squid Firewall – IPTables VPN – OpenVPN Experiment Internet gateway Firewall VPN

3

Background (1/2)

Proxy Acts as a gateway between a local area network and the Internet Transparent Proxy

Clients forced to pass through proxy for monitoring purpose Security control

ACL (Access-Control-List) A list of permissions attached to a URL or a website

ICP (Internet Control Protocol ) Tracks the internet address of nodes, routes outgoing messages, and recognizes incoming messages

Firewall Use static policies to filter specific traffic types Filter parameters consist of

Source and target address Ports Direction Protocols

Page 4: 1 實驗九:建置網路安全閘道器 教師: 助教:. 2 Outline Background Proxy – Squid Firewall – IPTables VPN – OpenVPN Experiment Internet gateway Firewall VPN

4

Background (2/2)

VPN A VPN can send data across secured and encrypted private channels

between two points over a public network. Used to provide secure communication

TunnelingEncryption & DecryptionKey management IPSec

Page 5: 1 實驗九:建置網路安全閘道器 教師: 助教:. 2 Outline Background Proxy – Squid Firewall – IPTables VPN – OpenVPN Experiment Internet gateway Firewall VPN

5

Proxy – Squid

The most popular open-source proxy server Support

ICP (Internet Control Protocol) Transparent Proxy

Page 6: 1 實驗九:建置網路安全閘道器 教師: 助教:. 2 Outline Background Proxy – Squid Firewall – IPTables VPN – OpenVPN Experiment Internet gateway Firewall VPN

6

Firewall – IPTables

Rule-based packet filter Three types chain of rules

Input chain – Input packet rule control chain Output chain – Output packet rule control chain Forwarding chain – IP masquerade packet rule control chain

Three types chain of rules on NAT table Prerouting chain – Rule control chain before routing packets Postrouting chain – Rule control chain after routing packets Output chain – Rule control chain for output packets

Page 7: 1 實驗九:建置網路安全閘道器 教師: 助教:. 2 Outline Background Proxy – Squid Firewall – IPTables VPN – OpenVPN Experiment Internet gateway Firewall VPN

7

VPN – OpenVPN

A famous VPN software of Linux Support IPSec technique Support to separate multiple tunnels Client-Server based

Through VPN software

Page 8: 1 實驗九:建置網路安全閘道器 教師: 助教:. 2 Outline Background Proxy – Squid Firewall – IPTables VPN – OpenVPN Experiment Internet gateway Firewall VPN

8

Experiment – Internet gateway

Configure security gateway to manage traffic Add three rules

Adult websites Denial of a part of a computer’s connections Denial of downloading

Environment setup

Our Linux gateway

Page 9: 1 實驗九:建置網路安全閘道器 教師: 助教:. 2 Outline Background Proxy – Squid Firewall – IPTables VPN – OpenVPN Experiment Internet gateway Firewall VPN

9

Experiment – Firewall

Prevent hackers’ attacks Use IPTable’s rules to filter the attack packets Deny the ping packets from outside

Environment setup

Page 10: 1 實驗九:建置網路安全閘道器 教師: 助教:. 2 Outline Background Proxy – Squid Firewall – IPTables VPN – OpenVPN Experiment Internet gateway Firewall VPN

10

Experiment – VPN Network

Connect two networks using VPN Install the VPN software on two linux servers Configure the tunnel parameters Build security connections between LANs

Environment setup


Nokia Firewall VPN Appliances

Firewall VPN

RV120W Wireless-N VPN Firewall

VPN- Next-Generation Firewall (NGFW)forum.alliedtelesis.ru/MY/Presentations/2016/... · Next-Generation ARxxx AlliedWare NGFW AR3050S/AR4050S VPN Firewall AR2010V/AR2050V AlliedWare

Firewall/VPN PDF

VPN Firewall User’s Manual - support.aboway.com.twsupport.aboway.com.tw/products/firewall/fw550/FW550_Eng_Manual… · VPN 153 IPSec Autokey 154 PPTP Server 231 PPTP Client 237

Endian Firewall & TheGreenBow VPN Client

Le firewall Technofutur. Table des matières Schémas du réseau Routage sans VPN Routage avec VPN Le NAT Le firewall

Industry Firewall with VPN Router Industry Network Storageebook.nexcom.com/Catalog/2016_Industry_Firewall_with_VPN_Rout… · Industry Firewall with VPN Router Industry Network Storage

Cisco PIX Firewall and VPN Configuration Guide

Juniper Networks Integrated Firewall/VPN Platforms

IFA 3610 - Router/ VPN/ Firewall - Data Respons IFA 3610 - Router/ VPN/ Firewall Author Nexcom Subject IFA 3610 - Industrielle Firewall und Router mit VPN Keywords IFA 3610, Router,

CISCO PIX 506e Firewall and VPN Manual

SuSE Linux Firewall on CD — VPN Editionleotardi.ddns.info/html/lan/download/USE Linux Firewall VPN Manual.pdf · SuSE Linux Firewall on CD ... 3.3 New Installation of the SuSE Linux

Network Planning Guide for ProSafe VPN Firewall Router …support.netgear.cn/Upfilepath_sc/fvx538_planning_guide.pdf · Network Planning Guide for ProSafe VPN Firewall Router FVX538

NETGEAR CONFIDENTIAL FVS338 ProSafe VPN Firewall 50

LinkTrust Firewall/UTM X3-X5 VPN Router & GreenBow IPSec VPN Client Software Configuration

What is a Firewall? Firewall, VPN, Firewall, VPN, IDS ...abc/teaching/bbs677/slides/...Firewall, VPN, Firewall, VPN, IDS/IPSIDS/IPS Ahmet Burak Can Hacettepe University [email protected]

Industrial secure routers with firewall/NAT/VPN

Manual NETGEAR prosafe_fvs338 (VPN firewall).pdf

Configure the VPN Firewall for Internet Access · ProSafe Wireless N VPN Firewall FVS318N Follow these instructions to set up your VPN firewall. • For cable modem service. You must

OC VPN Firewall-1

Nokia Firewall/VPN Appliances with Check Point VPN-1 NGX R65commoncriteriaportal.org/files/epfiles/st_vid10137-st.pdf · governed by the firewall. Nokia Firewall/VPN Appliances combine

SECURE FIREWALL AND VPN - Deerfieldftp.deerfield.net/marcom/winroute_firewall/WinRoute...Kerio WinRoute Firewall 6 is an integrated firewall, VPN Server, anti-virus and content filter

Configuration Guide SOPHOS XG Firewall - TheGreenBow · 1.4 SOPHOS XG Firewall VPN Gateway Our tests and VPN configuration have been conducted with SOPHOS XG Firewall version 5.5

ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual · Advanced VPN Support for Both IPsec and SSL ... ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual v1.0,

Juniper Networks Firewall/VPN Buyers Guide

ISDN DSL Firewall VPN - AVM Deutschland

NETGEAR CONFIDENTIAL FVX538 ProSafe VPN Firewall 200

Alcatel-Lucent Alcatel-Lucent VPN Firewall Bricks 150, … · The Alcatel-Lucent Virtual Private Network (VPN) Firewall ... 2008 Alcatel-Lucent VPN Firewall ... Virtual Local Area

Package Contents Configure the VPN Firewall for Internet ...€¦ · Installation Guide ProSafe 8-Port Gigabit VPN Firewall FVS318G Follow these instructions to set up your VPN firewall

[Peerates.net] - eBook - LINUX - SUSE - Firewall VPN Manual

Брошюра UserGate Proxy & Firewall VPN GOST

Firewall/VPN Symantec Modèles 100 / 200 / 200Rfoxclan69.free.fr/eBook/Symantec/Symantec_FireWall_VPN_100_200… · Firewall/VPN Symantec Modèles 100 / 200 / 200R Guide d’installation

Cisco Pix Firewall and VPN Configuration Guide 6.3