Lecture X – Firewall

LECTURE X
FIREWALL
KOM 15008
Network Security
2012/2013
Firewall
• A firewall is a component placed between two networks.
• A firewall selects which packets are allowed into a network.
• A firewall is hardware, software, or a combination of both that monitors and filters traffic packets that attempt to either enter or leave the protected private network.
Firewall
A packet can be filtered based on:
• Source IP
• Destination IP
• Source port
• Destination port
• Protocol (TCP/UDP/ICMP)
• TCP flags (SYN / ACK)
Filtering Rules - Examples

Policy: No outside Web access.
  Firewall setting: Drop all outgoing packets to any IP address, port 80.

Policy: External connections to public Web server only.
  Firewall setting: Drop all incoming TCP SYN packets to any IP except 222.22.44.203, port 80.

Policy: Prevent IPTV from eating up the available bandwidth.
  Firewall setting: Drop all incoming UDP packets, except DNS and router broadcasts.

Policy: Prevent your network from being used for a Smurf DoS attack.
  Firewall setting: Drop all ICMP packets going to a "broadcast" address (e.g. 222.22.255.255).

Policy: Prevent your network from being tracerouted.
  Firewall setting: Drop all outgoing ICMP
Access control lists

action  source address        dest address          protocol  source port  dest port  flag bit
allow   222.22/16             outside of 222.22/16  TCP       > 1023       80         any
allow   outside of 222.22/16  222.22/16             TCP       80           > 1023     ACK
allow   222.22/16             outside of 222.22/16  UDP       > 1023       53         ---
allow   outside of 222.22/16  222.22/16             UDP       53           > 1023     ---
deny    all                   all                   all       all          all        all
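The access-control list above, simulated in Python as an added example (not code from the lecture). It assumes the standard semantics of such a table: rules are evaluated top-down and the first match decides. The sample packets and the outside addresses (198.51.100.10, 8.8.8.8) are constructed; the run shows why the ACK flag bit in rule 2 matters: an outside host that spoofs source port 80 still cannot open a connection inward, because its first segment carries SYN without ACK.

```python
import ipaddress

INTERNAL = ipaddress.ip_network("222.22.0.0/16")   # "222.22/16" on the slide

def inside(ip):     return ipaddress.ip_address(ip) in INTERNAL
def outside(ip):    return not inside(ip)
def everywhere(ip): return True                     # "all"
def any_port(p):    return True                     # "all"
def high_port(p):   return p > 1023                 # "> 1023": ephemeral client ports
def port(n):        return lambda p: p == n

# Constructed from the slide: (action, src test, dst test, protocol, sport test, dport test, required flag)
ACL = [
    ("allow", inside,     outside,    "TCP", high_port, port(80),  None),
    ("allow", outside,    inside,     "TCP", port(80),  high_port, "ACK"),
    ("allow", inside,     outside,    "UDP", high_port, port(53),  None),
    ("allow", outside,    inside,     "UDP", port(53),  high_port, None),
    ("deny",  everywhere, everywhere, "all", any_port,  any_port,  None),
]

def filter_packet(pkt):
    """Evaluate the ACL top-down; the first rule whose fields all match decides."""
    for action, src_ok, dst_ok, proto, sp_ok, dp_ok, flag in ACL:
        if proto != "all" and proto != pkt["proto"]:
            continue
        if not (src_ok(pkt["src"]) and dst_ok(pkt["dst"])):
            continue
        # ICMP packets carry no ports; 0 only ever matches the "all" rule
        if not (sp_ok(pkt.get("sport", 0)) and dp_ok(pkt.get("dport", 0))):
            continue
        if flag is not None and flag not in pkt.get("flags", ()):
            continue
        return action
    return "deny"   # implicit default if the explicit last rule were ever removed

# Constructed sample packets
OUT_WEB   = {"proto": "TCP", "src": "222.22.1.5", "dst": "198.51.100.10", "sport": 40001, "dport": 80, "flags": ("SYN",)}
WEB_REPLY = {"proto": "TCP", "src": "198.51.100.10", "dst": "222.22.1.5", "sport": 80, "dport": 40001, "flags": ("SYN", "ACK")}
SPOOF_SYN = {"proto": "TCP", "src": "198.51.100.10", "dst": "222.22.1.5", "sport": 80, "dport": 40001, "flags": ("SYN",)}
FTP_IN    = {"proto": "TCP", "src": "198.51.100.10", "dst": "222.22.1.5", "sport": 50000, "dport": 21, "flags": ("SYN",)}
DNS_OUT   = {"proto": "UDP", "src": "222.22.1.5", "dst": "8.8.8.8", "sport": 5353, "dport": 53}
PING_IN   = {"proto": "ICMP", "src": "198.51.100.10", "dst": "222.22.1.5"}

if __name__ == "__main__":
    for name, pkt in [("OUT_WEB", OUT_WEB), ("WEB_REPLY", WEB_REPLY), ("SPOOF_SYN", SPOOF_SYN),
                      ("FTP_IN", FTP_IN), ("DNS_OUT", DNS_OUT), ("PING_IN", PING_IN)]:
        print(f"{name:10s} -> {filter_packet(pkt)}")
```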
Demilitarized zone (DMZ)
Demilitarized Zone
• A set of servers/computers that remain reachable from outside even though there is a firewall in the network
[Figure: Demilitarized Zone (DMZ) – Internet, application gateway, firewall and internal network; the Web server, FTP server and DNS server sit in the demilitarized zone]

[Figure: DMZ networks]
Assignment:
• Configure iptables on Linux
• Disable and enable ports 80 and 21
• Block access from a specific IP
• Take screenshots as evidence
Thank You