This document discusses firewalls and their architecture. It covers common firewall threats like viruses, worms, and denial of service attacks. It explains the differences between internal and external threats and provides examples of common firewall rules. It also summarizes common firewall architectures like screening routers, screened hosts, and DMZ setups with one or two firewalls. Finally, it lists some common firewall attacks like DNS spoofing, session hijacking, and buffer overflows.

1. SETIA JULI IRZAL ISMAIL,
jul@tass.telkomuniversity.ac.id
TK 3193-KEAMANAN JARINGAN
Semester Ganjil 2015/2016
FIREWALLFIREWALL
Hanya dipergunakan untuk kepentingan pengajaran di lingkungan Telkom University

2. Tembok ApiTembok Api

3. AncamanAncaman
●Virus
●Worm
●DOS
●Cracker

4. Internal Vs ExternalInternal Vs External

5. Contoh RulesContoh Rules
● Blok paket masuk dari alamat pengirim/ penerima
tertentu
●Blok paket keluar dari alamat pengirim/ penerima
tertentu
●Blok paket berdasarkan isi paket
●Membuka akses ke internal resource tertentu
●Membuka koneksi ke jaringan internal
●Melaporkan semua aktifitas jaringan

6. UkuranUkuran
●Firewall personal
●Firewall unit
●Firewall perusahaan

7. IPTablesIPTables

8. IPTables (2)IPTables (2)

9. Contoh RulesContoh Rules
●Allow semua akses ke semua Website
●Allow outgoing email dari internal mail server
●Drop semua akses outgoing kecuali ke email dan website
●Drop semua incoming akses kecuali ke public web server
●Log semua akses ke website luar
●Log semua koneksi yang diblok Firewall

10. Contoh Rules (2)Contoh Rules (2)

11. ARSITEKTUR FIREWALL

12. SCREENING ROUTERSCREENING ROUTER
Row 1 Row 2 Row 3 Row 4
0
2
4
6
8
10
12
Column 1
Column 2
Column 3
•Paketfilter
•Allow Outgoing
•Filter Incoming
•2 Interface
•ACL
•Kekurangan Single Point
of Error (SPoE)

13. SCREENING ROUTER (2)SCREENING ROUTER (2)

14. Screened HostScreened Host

15. DMZ (De-Militerized Zone)DMZ (De-Militerized Zone)
•Zona Khusus
•Layanan Publik (Web
Server, Mail Server ,
DNS, FTP, VOIP)
•Melindungi Jaringan
Internal
•DMZ – Internal dibatasi
•DMZ – Internet

16. DMZ (2)DMZ (2)
•Konfigurasi security ancaman Eksternal
•Ancaman Internal (Sniffing & Spoofing)
•Proxy Server

17. DMZ – 1 FirewallDMZ – 1 Firewall
•3 Zone
•Single Point of Error

18. DMZ – SubnetDMZ – Subnet

19. DMZ – 2 FirewallDMZ – 2 Firewall
● Front –End
● Allow Traffic to DMZ
● Back End
● DMZ – Internal
● Lebih aman
● Multi Vendor
● Biaya

20. DMZ – MultipleDMZ – Multiple

21. DMZ – Multiple (2)DMZ – Multiple (2)

22. 2 Firewall – 2 DMZ2 Firewall – 2 DMZ

23. ANCAMANANCAMAN
● DOS
● IP Spoofing
›Tabel
● ARP Spoofing
›Statik
● Session Hijacking
● Buffer Overflow
● SQL Injection

24. REFERENSIREFERENSI
Buku Bacaan Wajib (BW)
1 Engebretson, P. (2011). The Basic of Hacking and Penetration
Testing: Ethical Hacking and Penetration Testing Made Easy.
Syngress.
2 Stallings, W. (2010). Network Security Essentials:Applications
and Standards 4th Edition. Prentice Hall.
Buku Bacaan Anjuran (BA)
3 Beale, J. (2007). Snort IDS and IPS Toolkit. Syngress.
4 Rash, M. (2007). Linux Firewalls: Attack Detection and
Response with Iptables, psad and fwsnort. No Starch.