|
In the world of computer and network security, there are myriad ways to launch an attack, which, from the perspective of
a network, can usually be defined as "traffic that has huge malicious intent." Firewall acts as one of the measure in order
to secure the device from incoming unauthorized data. There are infinite number of computer attacks that no firewall can
prevent, such as those executed locally on the machine by a malicious user. From the network's perspective, there are
numerous types of attack. All the attacks that degrade the effectiveness of data can be grouped into two types: brute force
and precision. The Firewall that belongs to Juniper has the capability to protect against both types of attack. Denial of
Service (DoS) attacks are one of the most well-known network security threats under brute force attacks, which is largely
due to the high-profile way in which they can affect networks. Over the years, some of the largest, most respected
Internet sites have been effectively taken offline by Denial of Service (DOS) attacks. A DoS attack typically has a
singular focus, namely, to cause the services running on a particular host or network to become unavailable. Some DoS
attacks exploit vulnerabilities in an operating system and cause it to crash, such as the infamous Win nuke attack. Others
submerge a network or device with traffic so that there are no more resources to handle legitimate traffic. Precision
attacks typically involve multiple phases and often involves a bit more thought than brute force attacks, all the way from
reconnaissance to machine ownership. Before a precision attack is launched, information about the victim needs to be
gathered. This information gathering typically takes the form of various types of scans to determine available hosts,
networks, and ports. The hosts available on a network can be determined by ping sweeps. The available ports on a
machine can be located by port scans. Screens cover a wide variety of attack traffic as they are configured on a per-zone
basis. Depending on the type of screen being configured, there may be additional settings beyond simply blocking the
traffic. Attack prevention is also a native function of any firewall. Juniper Firewall handles traffic on a per-flow basis.
We can use flows or sessions as a way to determine whether traffic attempting to traverse the firewall is legitimate. We
control the state-checking components resident in Juniper Firewall by configuring "flow" settings. These settings allow
you to configure state checking for various conditions on the device. You can use flow settings to protect against TCP
hijacking, and to generally ensure that the fire-wall is performing full state processing when desired. We take a case
study of attack on a network and perform study of the detection of the malicious packets on a Net screen Firewall. A new
solution for securing enterprise networks will be developed here.
|
