Web server, mail….(traffic to Internet)

Web server, mail….(traffic to Internet)

PAT : Port Address Translation (I)

PAT : Port Address Translation (II)

• Connections are open from an exterior host

• Translation table

• Use of lesser public addresses

• Flexible management of server ports

Masking (I)

Masking (II)

• Connections are open by internal hosts

• Dynamic connection table (IP address + source port number)

• One single address is known outside (the FW address)

• Spare IP addresses

Hacking… and security tools (I)

• Network auditing (probing)

• Checks if the network presents security weaknesses (accessible ports, badly configured services, etc.)

• Network/Host Intrusion Detection Systems (NIDS/HIDS)

• NIDS can be put before the FW, on the DMZ, on the internal network
• NIDS are based on intrusion signatures and statistics (abnormal behavior)
• HIDS on sensitive hosts e.g. bastions, application servers