The Futility of Common Firewall Policies James E. Ries, M.S. NLM Predoctoral Fellow March 7, 2000.
The Futility of Common Firewall Policies
James E. Ries, M.S., NLM Predoctoral Fellow, March 7, 2000
Abstract
Many organizations utilize firewalls to protect their networks from being accessed by unauthorized external entities. These same firewalls are also often configured to deny access to certain external services from within the internal network. The latter policy can be subverted through a protocol "tunneling" strategy, which has been implemented as a set of programs called "Firehole". Organizations should be aware of this kind of technology, and should examine their true goals in denying external services to their users.
Overview
Introduction and Credits
What are firewalls?
Common firewall policies
What is "Firehole"?
Why did we create Firehole?
Future Directions
Conclusions
References
Introduction
Information Systems Security is a timely issue (see recent DoS attacks).
Healthcare organizations have especially sensitive information, and thus should pay close attention to security policies.
Controversial (I hope).
Credits
"Firehole" project began as a term project for CECS 383.
Development team:
– Jim Ries, M.S., HMI/CECS
– Phil Asaro, M.D., HMI
– Arturo Guillen, CECS
– Jordanka Ivanova, CECS
What are firewalls?
Barrier between secure intranet and open Internet.
Barrier may range from impermeable to porous, but likely at least somewhat porous.
Barrier typically configured to selectively allow in-bound and/or out-bound traffic.
What are firewalls? (cont.)
Screening Routers
What are firewalls? (cont.)
Proxies
Common firewall policies
Allow only connection-oriented traffic which was initiated internally.
– This prevents external entities from accessing internal resources, but allows most client applications to enjoy unrestricted usage.
Common firewall policies (cont.)
As above, but also restrict TCP/IP ports (e.g., HTTP [80], Telnet [23], etc.)
– Prevents unknown or "custom" applications from functioning.
– Still allows unfettered internal use for most applications.
Common firewall policies (cont.)
As above, but require all traffic to go through a proxy.
– Provides finer control (e.g., URL filtering).
– Facilitates logging (which may give rise to privacy issues).
– Extremely common example is to allow only HTTP traffic through proxy, thus denying all other applications.
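The three policies above, written out as a small stateful flow filter and run over a few constructed flows. This is an added illustration, not code from the talk or from the Firehole project; the addresses, the proxy address and the sample flows are constructed, and the port whitelist is the one the slide names (HTTP 80, Telnet 23). It shows why the third policy is the slides' target: an HTTP connection to the proxy is indistinguishable, at this layer, from any other web request.

```python
# Added example (not from the Firehole talk): the three egress policies
# from the slides as a tiny stateful flow filter over constructed flows.
from dataclasses import dataclass

INTERNAL_PREFIX = "10.0.0."   # constructed intranet range
PROXY_ADDR = "10.0.0.1"       # constructed address of the HTTP proxy
ALLOWED_PORTS = {80, 23}      # policy 2 whitelist: HTTP and Telnet, as on the slide


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    dport: int
    proto: str                  # "tcp" or "udp"
    initiated_internally: bool  # first SYN came from the intranet side


def is_internal(addr: str) -> bool:
    return addr.startswith(INTERNAL_PREFIX)


def policy_stateful(flow: Flow) -> bool:
    """Policy 1: only connection-oriented (TCP) traffic that an internal
    host initiated; anything started from outside is dropped."""
    return flow.proto == "tcp" and flow.initiated_internally and is_internal(flow.src)


def policy_ports(flow: Flow) -> bool:
    """Policy 2: policy 1 plus a destination-port whitelist, which stops
    unknown or custom applications from reaching the Internet directly."""
    return policy_stateful(flow) and flow.dport in ALLOWED_PORTS


def policy_proxy_only(flow: Flow) -> bool:
    """Policy 3: internal hosts may only open HTTP connections to the proxy;
    every other destination is denied, so only web traffic gets out."""
    return policy_stateful(flow) and flow.dst == PROXY_ADDR and flow.dport == 80


POLICIES = {
    "stateful": policy_stateful,
    "ports": policy_ports,
    "proxy_only": policy_proxy_only,
}


def verdicts(flow: Flow) -> dict:
    """Return {policy name: True if the flow is permitted under that policy}."""
    return {name: check(flow) for name, check in POLICIES.items()}


# Constructed sample flows.
DIRECT_SMTP = Flow("10.0.0.5", "198.51.100.20", 25, "tcp", True)    # mail client straight to a mail server
INBOUND_TELNET = Flow("203.0.113.9", "10.0.0.5", 23, "tcp", False)  # outsider connecting in; port is
                                                                    # whitelisted but the flow is not internally initiated
UDP_DNS = Flow("10.0.0.5", "198.51.100.53", 53, "udp", True)        # not connection-oriented
VIA_PROXY = Flow("10.0.0.5", PROXY_ADDR, 80, "tcp", True)           # HTTP to the proxy: the filter cannot
                                                                    # tell encapsulated mail from a web page

if __name__ == "__main__":
    for label, flow in [("direct SMTP", DIRECT_SMTP), ("inbound Telnet", INBOUND_TELNET),
                        ("UDP DNS", UDP_DNS), ("HTTP via proxy", VIA_PROXY)]:
        print(f"{label:15s} {verdicts(flow)}")
```

The point the filter makes concrete: each successive policy denies more direct traffic, but all three permit the one flow a tunnel needs, HTTP from an internal host to the proxy. A filter that reasons only about addresses, ports and connection state has no further information to decide on.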
Common firewall policies (cont.)
So, why limit internal access to external resources?
– Employees waste time
• Isn't this a job performance issue?
– Employees use company resources for personal reasons.
• Isn't this really a benefit?
Will internal limits do any good anyway?
What is "Firehole"?
Combination client and server application which encapsulates arbitrary traffic in HTTP.
Enables arbitrary traffic (e.g., email) to travel through an HTTP proxy.
Requires a server deployed on the open Internet, and a client deployed on the intranet.
What is Firehole? (cont.)
[Diagram: a client application (Netscape, Outlook) speaks POP/SMTP and NNTP (ports 25 and 119) to the FireHole Client on the intranet; the FireHole Client wraps that traffic in HTTP (port 80) and sends it through the firewall and proxy to the FireHole Server on the open Internet, which unwraps it and forwards POP/SMTP and NNTP (ports 25 and 119) to the destination mail and news servers.]
What is Firehole? (cont.)
Performance
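The slides argue that the proxy sees only HTTP; what it still sees, though, is the shape of that HTTP. An administrator who keeps proxy logs (the "facilitates logging" point earlier in the talk) can look for the pattern a tunneled polling protocol such as POP or NNTP produces: many requests from one client to one outside host, mostly POSTs, at short regular intervals. The heuristic below is an added example, not part of the talk or the Firehole project; the log format, the hostnames, the thresholds and every log line are constructed, and a real proxy log needs its own parser.

```python
# Added example (not from the Firehole talk): a proxy-log heuristic that
# surfaces client/host pairs whose request pattern looks like an HTTP
# tunnel carrying a polled protocol. Log format and values are constructed.
import re
from collections import defaultdict
from datetime import datetime
from urllib.parse import urlsplit

# Constructed format: "<ISO timestamp> <client ip> <method> <url> <bytes> <status>"
LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<client>\S+) (?P<method>[A-Z]+) (?P<url>\S+) "
    r"(?P<bytes>\d+) (?P<status>\d{3})$"
)


def parse_line(line: str):
    """Parse one log line into a dict, or return None for malformed input."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.fromisoformat(rec["ts"])
    rec["bytes"] = int(rec["bytes"])
    rec["host"] = urlsplit(rec["url"]).hostname or rec["url"]
    return rec


def find_tunnel_candidates(lines, min_requests=8, min_post_ratio=0.75, max_mean_gap_s=30.0):
    """Group requests by (client, destination host) and flag pairs with many
    requests, a high POST share (payload leaves in request bodies) and short,
    regular spacing (the wrapped protocol is being polled)."""
    per_pair = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec is not None:
            per_pair[(rec["client"], rec["host"])].append(rec)

    flagged = {}
    for key, recs in per_pair.items():
        if len(recs) < min_requests:
            continue
        post_ratio = sum(r["method"] == "POST" for r in recs) / len(recs)
        times = sorted(r["ts"] for r in recs)
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        mean_gap = sum(gaps) / len(gaps)
        if post_ratio >= min_post_ratio and mean_gap <= max_mean_gap_s:
            flagged[key] = {"requests": len(recs), "post_ratio": post_ratio,
                            "mean_gap_s": mean_gap}
    return flagged


# Constructed sample log: one host polling an outside endpoint every 2 s with
# POSTs, another host browsing normally, and one junk line to exercise the parser.
SAMPLE_LOG = [
    f"2000-03-07T10:00:{2 * i:02d} 10.0.0.5 POST http://tunnel.example.net/fh 512 200"
    for i in range(10)
] + [
    "2000-03-07T10:00:01 10.0.0.7 GET http://www.example.org/ 8192 200",
    "2000-03-07T10:00:05 10.0.0.7 GET http://www.example.org/logo.gif 2048 200",
    "2000-03-07T10:00:40 10.0.0.7 GET http://www.example.org/news.html 9000 200",
    "this line is not a log record",
]

if __name__ == "__main__":
    for (client, host), stats in find_tunnel_candidates(SAMPLE_LOG).items():
        print(f"{client} -> {host}: {stats}")
```

Two caveats a practitioner would want. The encryption listed later under Future Directions hides request contents but not these timing and method features, so the heuristic survives it. On the other hand, any legitimate web application that polls a server will match the same pattern, so this is a triage signal for a human to review against the access policy, not a rule to block on.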
Why did we create Firehole?
Make administrators aware of this technology.
Argue for properly motivated access policies.
Aren't you guys really just a bunch of hackers?
– What if we called it an "Email Gateway"?
Future Directions
Add encryption.
– Prevents internal "eavesdropping".
– May thus make Firehole useful even for native HTTP traffic.
– Prevents external eavesdropping.
Improve performance.
– Support persistent connection.
– Support anticipated response.
Future Directions (cont.)
Support asynchronous applications through polling (e.g., Telnet).
– Polling raises additional security concerns.
Direct Microsoft Outlook plug-in.
– Seamless client configuration.
Future Directions (cont.)
Consider commercial subscription-based server.
– Provide server on open Internet for annual fee; give client away.
– Legal issues?
Maybe give the thing away entirely to make our points.
Conclusions
Firewalls can block external access to internal resources, and this is appropriate.
Firewalls are often overly restrictive in limiting internal access to external resources.
Conclusions (cont.)
Internal access to the Internet in ANY form can be utilized to achieve arbitrary access to the Internet.
Administrators should be aware of this fact, and should consider their motivation for limiting access.
References
Firehole home page: http://riesj.hmi.missouri.edu/Firehole/
"Firewalls" by Chapman, Zwicky: http://www.sunworld.com/swol-01-1996/swol-01-firewall.html
Internet Firewalls and Network Security by Siyan, Hare, New Riders Publishing, 1995.