1. Firewall and mikrotik in blocking the site
Advances in technology in the field of information technology is currently growing rapidly, especially in the field of networking. These technological advances encourage companies to increase access control of every part of the company. One example is when the IT Manager creates a user account for each user in order to process the access they have. From this can threaten the security of the system and data from the company contained in the system. One example is when a user on a LAN (Local Area Network) network accesses a website / server that contains bad content on the Internet and then downloads it that the file contains viruses, worms, trojans and so on.
Thus, an attacker can enter and even damage a system that can be bad for the company. Therefore, the need for a software or hardware that can be used as a barrier for the attacker to enter into the system. The following is software or hardware that a network administrator can use to secure the network from outside attacks:
A firewall is a computer network security system that is used to protect computers from several types of external attacks. Firewalls can be implemented in hardware or software or even both. In general, the firewall separates the public network from private networks. Firewalls work by filtering network traffic using IP addresses, port numbers, and protocols. For linux, IP Tables are used for firewalls. Iptables is a tool in a linux operating system that serves as a tool for filtering traffic.
Conceptually, Firewall is divided into two namely:
a. Network Level
This Network Level firewall works based on decisions on the source address, destination address, and port contained in each packet. Network Level Firewall works very quickly and transparently for its users.
b. Application Level
Firewall Application Level is a host that runs as a proxy server which does not allow traffic between networks and can login and auditing any traffic through it. This Application Level Firewall provides more detailed audit reports.
Here are some examples of free Firewall:
a. Ipchains
Ipchains is a user-space portion of the latest Linux package filter code introduced in kernel version 2.1.102.
b. Falcon Project
The Falcon consists of three main modules: the modified proxy Falcon (written in Perl), 3rd-party proxy (squid / qmail / BIND8) for the chroot environment and the general concept for OS hardening.
c. Juniper
Juniper is designed to work on dual homed bastion hosts that do not forwar packets between interfaces. Juniper implements a transparent proxy facility to enable internal machines to access the Internet in a transparent manner as if connected directly to the Internet.
d. Floppyfw
Floppyfw uses basic Linux firewall capabilities that have a simple packaging system. It is suitable for securing the network on ADSL and cables using static IP and DHCP.
e. T.Rex Open Source Firewall
T.Rex Open Source Firewall runs on Linux, Solaris, and AIX. The features offered by T.Rex include support for VPNs (Virtual Private Network), NAT (Network Address Translation), and high proxy applications such as web caching, workload balancing, content filtering, high availability, SOCKS support, and so on.
While below is an example Firewall with commercial version:
a. Checkpoint Firewall-1
Checkpoint Firewall-1 is a suite of security products that support enterprise security, access control, authentication, content security, NAT, Reporting Module, VPN, Intrusion Detection, High Availability, LDAP User Account Management and Third Party Security Device Management.
b. Raptor
Raptor is based on a proxy-based architecture that monitors all traffic at the application level as well as scans all the applications and protocols that are in and out of the network.
c. Xsentry
XSentry 1.1 Firewall consists of XSentry Administration Client and XSentry Firewall Server.
Here are some criteria that are calculated for a firewall to allow a packet of data to pass or not:
a. The IP address of the source
b. TCP / UDP source port
c. The IP address of the destination computer
d. TCP / UDP port destination data on destination computer
e. Information from headers stored in data packets.
2. Configure mikrotik to block certain sites
Step block web address on mikrotik
For example in this Mikrotik with Interface named LAN and WAN . The WAN IP Address is 192.168.42.75 and the LAN IP Address is 192.168.1.1 . More details can be seen in the picture below:
To start Firewall configuration, we select menu : IP - & gt; FIREWALL. Next we can add Firewall settings in Logic .
MAKE A FIREWALL TO BUILD INTERNET ACCESS FROM CLIENT TO A NEW WEB SITES PROHIBITED.
·
Create New Firewall Rules , in "GENERAL" Option , choose Chain: "FORWARD".
·
Lalu kita pilih /
isi Destination Address dengan IP Address dari
websites yang akan kita Block. Misalnya Websites http://www.facebook.com dengan IP Public : 208.87.35.103.
·
Out Interface kita isi dengan interface : WAN.
·
Selanjutnya pada
Option “ACTION”, kita pilih : “DROP”.
- Jadi
Firewall ini berarti : “Jika ada Client dari jaringan LAN kita yang akan
mengakses Websites http://www.facebook.com dengan
IP Public : 208.87.35.103 dengan OUTGOING melalui Interface WAN, maka koneksi ini akan di DROP oleh Mikrotik.
3. Menguji
hasil konfigurasi blok situs tertentu
Buka web browser pada
komputer klien dan ketikkan situs yang telah diblok pada mikrotik dan lihat
hasilnya jika kita masih bisa masuk ke link situs tersebut maka berarti kita
masih belum berhasil memblok situs tersebut, akan tetapi jika kita tidak berhasil
masuk ke situs tersebut maka berarti kita talah berhasil memblok situs
tersebut.
Tidak ada komentar:
Posting Komentar
Keting Komentar Anda disini :