firewall full report - jubin - 08-17-2017
[attachment=2432]

FIREWALL
MINI PROJECT REPORT - 2006
Submitted by: ijesh.P.S AMRITA SHANKAR ANJU P ALIAS SATHU G RAJAN VIDYA RADHAKRISHNAN

Synopsis

We presented the design and implementation of the FIREWALL that features high scalability, a variety of scanning methods, easy deployment and extension, distribution of intelligence and compatibility with existing network management systems. It implements a distributed architecture that consists of various-level entities, such as sensors, collectors and analyzers. Collectors gather the audit data and analyzers inspect them for intrusive behavior. Collectors are composed of a controller and a number of sensors. The sensors are lightweight processes that perform the actual data collection. The gathered data is stored in a data repository and is transmitted to the analyzers through the SNMP protocol. The IDS MIB contains the audit data as well as the sensors' configuration information. The CPU load is divided among the nodes of the system and audit information is aggregated as it moves from lower-level entities to higher-level ones. The controller itself performs a preliminary analysis of the data, based on elementary rules specified in the MIB. The analyzers consist of a communications module, a data repository, a rule base, a network topology base, an inference engine and a visualization module. The system can currently detect UDP or TCP packet flooding, TCP and UDP port scanning, attempts to retrieve various system files containing sensitive information, unauthorized zone transfers,

CONTENTS
1. INTRODUCTION
2. REQUIREMENT ANALYSIS
2.1. LANGUAGE REQUIREMENTS
2.2. FEATURES OF VB.NET
2.3. SYSTEM REQUIREMENTS
2.3.1. HARDWARE SPECIFICATION
2.3.2. SOFTWARE SPECIFICATION
3. DESIGN MODULES
3.1. SYSTEM DESIGN
3.2. PACKET MONITORING
3.3. ALERTING
3.4. PACKET SNIFFING
4. DESIGN FORMS
4.1. PACKET MONITORING FORM
4.2. PACKET SNIFFING FORM
CONCLUSION
BIBLIOGRAPHY AND WEBLIOGRAPHY

INTRODUCTION

The Project "firewall" can be used as a server or a client side application which is in this context used by the systems administrator for surveying the systems on the network that are presently connected and vulnerable to attack. Firewall is a software application that watches the traffic in between the server and host machine and examines against the patterns of suspicious activity.

Typical port scanner software requires a separate installation and a highly specific and dedicated system to watch packets traveling across a single network segment. The system only monitors the network segment it is installed on. All firewall systems which were tested were found to be susceptible to packet spoofing which tricks the server into thinking packets have come from a trusted host, or into using its intrusion-detection counter measures to cut connectivity to legitimate sites.

Detection mainly via sending packets (requests) and collecting responses from client machines about packets and thereby getting a detail report about the port to which the packet was sent across the Network. When one machine sends its request, the request is encapsulated in an 'IP packet'. The 'IP packet' consists of two parts, i.e. header and data part. The header part consists of all information of data i.e. the 'Source IP Address' and 'Destination IP Addresses', the send time and checksums. This can be used for analyzing data integrity.

The 'TCP-IP Protocol Suite' is responsible for converting low-level Network Frames into Packets and Segments. TCP is an independent, general-purpose protocol. Since TCP makes very few assumptions about the underlying network, it is possible to use it over a single network like an Ethernet as well as over a complex Internet. It is a communication protocol.
A connection consists of a virtual circuit between two application programs. TCP defines an end point to be a pair of integers (host, port). It defines various protocols; they are TCP, UDP, ICMP, IGMP.

TCP
TCP is a connection oriented reliable protocol. For sniffing purpose like sniffing the details of a packet based on 'TCP' protocol. It would list out the following details of the packet: Source IP, Destination IP, Source Port, Destination Port, Sequence, Acknowledgement.

UDP
For sniffing purpose like sniffing the details of a packet based on 'UDP' protocol. UDP is a connectionless unreliable protocol. It would list out the following details of the packet: Source IP, Destination IP, Source Port, Destination Port, Length.

ICMP
For sniffing purpose like sniffing the details of a packet based on 'ICMP' protocol. It would list out the following details of the packet: Source IP, Destination IP, Source Port, Destination Port.

IGMP
For sniffing purpose like sniffing the details of a packet based on 'ICMP' protocol. It would list out the following details of the packet: Source IP, Destination IP, Source Port, Destination Port.

Firewall policies must be realistic and reflect the level of security in the entire network. For a firewall to work, it must be a part of a consistent overall organizational security architecture. A firewall cannot replace security-consciousness on the part of your users.

Firewall is a software/hardware which functions in a networked environment to prevent unauthorized access. Its goal is to provide controlled connectivity between internet and internal network. This is acquired by enforcing a security policy. A firewall is that it implements an access control policy. A firewall is a system or group of systems that enforces an access control policy between two or more networks.

TYPES OF FIREWALLS

There are three basic types of firewalls depending on:
-> Whether the communication is being done between a single node and the network, or between two or more networks.
-> Whether the communication is intercepted at the network layer, or at the application layer.
-> Whether the communication state is being tracked at the firewall or not.

MAJOR FIREWALLS
-> NETWORKING FIREWALLS - normally running on a dedicated network device or computer positioned on the boundary of two or more networks or DMZs (demilitarized zones). Such a firewall filters all traffic entering or leaving the connected networks.
-> PERSONAL FIREWALLS - a software application which normally filters traffic entering or leaving a single computer.

NETWORK LAYER FIREWALLS
Network layer firewalls operate at a (relatively) low level of the TCP/IP protocol stack as IP-packet filters. They do not allow packets to pass through the firewall unless they match the rules. The firewall administrator may define the rules. In some inflexible firewall systems, default built-in rules can be applied. Another way is by allowing any packet to pass the filter as long as it does not match one or more "negative-rules", or "deny rules". Today network firewalls are built into most computer operating systems and network appliances.

APPLICATION LAYER FIREWALLS
Application-layer firewalls work on the application level of the TCP/IP stack. It may intercept all packets traveling to or from an application. They block other packets, usually dropping them without acknowledgement to the sender. In principle, application firewalls can prevent all unwanted outside traffic from reaching protected machines.

For a packet of information to be received by a computer across the internet, the packet must include a port number. This identifies the network service required to receive the packet.
For example, if a computer is running an FTP network application, it can receive packets containing the FTP port number. If no FTP network application is running, the computer cannot receive FTP packets. All network applications are assigned a port number. FTP uses port 21, TELNET uses port 23 and so on. There are a total of 64000 ports. A computer receiving a packet must determine which application uses the port number or service. If there is a network service running that can receive the packet, the computer can receive information on that port.

A common first step to gaining access to a computer is to run a port scanning program against the computer. The port attempts to communicate with the computer through each communications port and reports back the port that receive information. Knowing which ports receive information lets an intruder know which network service can be used to access the computer.

REQUIREMENT ANALYSIS

Language requirements

Considering the nature and complexity of the project it must be implemented in a language that has the following characteristics:
1. Automatic memory management - The CLR provides the garbage collection feature for managing the life time of an object.
2. Standard Type System - The CLR provides a formal specification called the common type system (CTS). The CTS is an important part of the support provided by the CLR for cross-language integration because it provides a type system that is common across all languages.
3. Language Interoperability - Language Interoperability is an ability of an application written in different programming language. It helps maximize code reuse.
4. Platform Independence - When you compile a program developed in a language that targets a CLR,
the compiler translates the code into an intermediate language.
5. Security Management - The traditional operating system security model provides permissions to access resources, memory and data based on user accounts. This approach is useful in the context of applications that are installed from physical media such as a CD-ROM.
6. Type Safety - This feature ensures that objects are always accessed in compatible ways. Therefore the CLR will prohibit a code from assigning a 10-byte value to an object that occupies 8 bytes.

Features of VB.NET

1. VB.NET is a powerful robust object oriented language and comes bundled with a rich set of namespaces in .NET framework from Microsoft.
2. Inheritance - It is possible to create a base class in any language and inherit its properties in a derived class created using another language. This feature provides advantage of code reusability across languages.
3. Overloading - It allows to have multiple implementations of a method.
4. Overriding - It provides a new implementation of an inherited member in a derived class.
5. Structured Exception Handling - It supports exception handling that consists of protected blocks of code and filters for possible exceptions that can be raised by the program.
6. Multithreading - It provides full support for creating multithreaded applications.

Seamless Deployment
With VISUAL BASIC .NET and new auto-download deployment, Windows-based applications can be installed and executed simply by pointing a Web browser to a URL.

More Robust Code
VISUAL BASIC .NET delivers the feature most requested by existing Visual Basic developers - fewer bugs in the code they write. Features in the new Visual Studio .NET IDE, such as the real-time background compiler and the task list, keep Visual Basic developers up-to-date on any coding errors as they occur, enabling quick and effective error resolution.
Enhancements to the Visual Basic language, such as strict type checking and structured exception handling, enable developers to write code that is more robust, maintainable, and less prone to run-time errors.

Powerful Windows-based Applications
Visual Basic .NET is the most productive tool for constructing powerful Microsoft Windows-based applications.

Complete, Direct Access to the Platform
VISUAL BASIC .NET provides complete, direct access to the Microsoft .NET Framework, enabling Visual Basic developers to quickly access the registry, event log, performance counters, and file system.

Simplified Component Creation
VISUAL BASIC .NET brings RAD to component development. Developers can use non-visual toolbox and Server Explorer components to easily incorporate resources and performance counters into their applications without writing a single line of code.

Enhanced Control Creation
VISUAL BASIC .NET provides unprecedented flexibility in building customized user controls. Developers can easily extend pre-existing user controls and Windows Forms controls as well as design their own controls that generate custom user interfaces.

Integrated Reporting with Crystal Reports
Upgrading to Visual Studio .NET Professional Edition provides Visual Basic developers with the power of Crystal Reports directly within the IDE. Crystal Reports delivers the most productive, integrated, and RAD experience for creating highly graphical and interactive relational data reports. These reports can be generated for the entire array of VISUAL BASIC .NET application types, including Windows, Web and mobile applications.

Easy Web-based Application Development
VISUAL BASIC .NET delivers "Visual Basic for the Web". Using new Web Forms, we can easily build true thin-client Web-based applications that intelligently render on any browser and on any platform.
Web Forms deliver the RAD programming experience of Visual Basic 6.0 forms with the full power of VISUAL BASIC .NET rather than limited scripting capacity.

SYSTEM REQUIREMENTS

Hardware Specification
Requirements vary for different combinations of components within Visual Studio .NET 2003. Review the table below to determine the minimum system requirements for running Visual Studio .NET 2003.
Processor : Pentium 4
RAM : 256 GB
Hard disk : 10 GB or above

Software Specification
Development tools : Microsoft Visual Studio 2003
Operating system : Windows 2000, Windows XP

SYSTEM DESIGN

System design deals with the user interactive part of the Firewall. Firewall project consists of 3 phases. They are:
Packet monitoring
Alerting
Packet sniffing

Packet monitoring phase deals with checking of data coming from one computer to another computer. Data transfer takes place in the form of small packets. These packets are captured and monitored in this phase.

Alerting phase consists of checking all the packets coming from other computer for intruder. If any intruder is detected then an alert message is flashed to the user.

Packet sniffing deals with revealing of a packet about its properties if the user wants to see it. These phases are displayed in forms:
1. Packet monitoring form
2. Packet sniffing form

PACKET MONITORING

Packet, in computer communications, the basic unit of data over a network such as Internet. A message to be transferred over the network is broken up into small units, or packets, by the sending computer. The packets, which travel independently of one another, are marked with the sender's address, destination address, and other pertinent information, including data about any errors introduced during the transfer. When the packets arrive at the receiving computer, they are reassembled.

Transfer through Internet

All information is transmitted across the Internet in small units of data called packets. Software on the sending computer divides a large document into packets for transmission; software on the receiving computer regroups packets into the original documents. Similar to a post card, each packet has two parts: a packet header specifying the computer to which the packet should be delivered and a packet payload containing the data being sent. The header also specifies how the data in the packet should be combined with the data in other packets by recording which piece of a document is in the packet. A series of rules known as computer communication protocols specify how packet headers are formed and how packets are processed. The set of protocols used for the Internet are named TCP/IP after the two most important protocols in the set: the Transmission Control Protocol and the Internet Protocol.

Hardware devices that connect networks in the Internet are called IP routers because they follow the IP protocol when forwarding packets. A router examines the header in each packet that arrives to determine the packet's destination. The router either delivers the packet to the destination computer across a local network or forwards the packet to another router that is closer to the final destination. Thus, a packet travels from router to router as it passes through the Internet.

TCP/IP protocols enable the Internet to automatically detect and correct transmission problems. For example, if any network or device malfunctions, protocols detect the failure and automatically find an alternative path for packets to avoid the malfunction. Protocol software also ensures that data arrives complete and intact. If any packets are missing or damaged, protocol software on the receiving computer requests that the source resend them. Only when the data has arrived correctly does the protocol software make it available to the receiving application program, and therefore to the user.

To be connected to the Internet, a computer must be assigned a unique number, known as its IP (Internet Protocol) address.
Each packet sent over the Internet contains the IP address of the computer to which it is being sent. Internet routers use the address to determine how to forward the packet. Users almost never need to enter or view IP addresses. Instead, to make it easier for users, each computer is also assigned a domain name: software automatically translates domain names into IP addresses.

Client/Server Architecture

Internet applications, such as the Web, are based on the concept of client/server architecture. In a client/server architecture some applications act as information providers (servers), while other applications act as information receivers (clients). The client/server architecture is not one-to-one. That is, a single client can access many different servers and a single server can be accessed by a number of clients. Usually, a user runs an application, such as a Web browser, that contacts one server at a time to obtain information. Because it only needs to access one server at a time, client software can run on almost any computer, including small handheld devices such as personal organizers and cellular telephones (these devices are called Web appliances). To supply information to others, a computer must run a server application. Although server software can run on any computer, most companies choose large, powerful computers to run server software because the company expects many clients to be in contact with the server at any given time. A faster computer enables the server to return information with less delay.

ALERTING

Alerting phase deals with the user interactive part of the firewall. It is to make the user aware of the coming intruder. It gives the user an alert box saying that there is an intruder, who is trying to hack the data without the prior knowledge of the user or administrator. This phase also deals with the unauthorized access to a computer, that is, preventing the unauthorized access to the computer.
In the initial phase, we scan the packets of data coming from other computer. Here the packets are checked for any intruder based on their IP address. A set of valid IP addresses are compared with the coming IP addresses. Mismatching addresses are considered as an intruder. An alerting message is displayed on the window to inform about the intruder to the user.

A common method of attacking involves imitating the address of a trusted host in order to gain access to protected resources. When spoofing an IP to crack into a protected network, we can detect an IP spoofing by monitoring the packets. If a packet on the external interface has both the source and destination address in the local domain, then alert the user that someone is tampering with the system.

PACKET SNIFFING

Sniffing involves observing and gathering compromising information about network traffic in a passive way. Any node on a non-switched Ethernet can do this. Sometimes network problems require a sniffer to find out which packets are hitting a system. It helps to solve network problems especially if a source or destination address is already known.

Firewall does not prevent people from sniffing the external network, however. The firewall keeps external people from breaking into the internal network; this effectively prevents external people from running sniffers on the internal network.

Sniffing the packets individually from the monitored packets to get all the necessary information about the selected packet. The information includes packet delay, time to live, source address, destination address etc.

forms monitors all the packets transferred across the network. Along with the packets destination address and source address in the monitored packets, time of sending, protocol, length of the packet are also noticed.

PACKET SNIFFING FORM

This form displays the properties of a sniffed packet. Packet's destination address, source address, throughput, delay, time to live etc. are captured via sniffing.

CONCLUSION

The Firewall project is a comprehensive effort towards real time network applications. It effectively detects the packets sent through a network and is rejected or accepted as desired. The package we've prepared cannot be said to be perfect. But we've put the best of our efforts to make this project fool proof. We welcome all those who can offer valuable suggestion and creation in this package to make the project industry quality software. Before we conclude, once again we thank all those who have helped us bring about this endeavor.

firewall full report - alisha - 08-17-2017
[attachment=14629]

Introduction

A firewall is a device or set of devices designed to permit or deny network transmissions based upon a set of rules and is frequently used to protect networks from unauthorized access while permitting legitimate communications to pass. Many personal computer operating systems include software-based firewalls to protect against threats from the public Internet. Many routers that pass data between networks contain firewall components and, conversely, many firewalls can perform basic routing functions.
Firewalls are by far the most common prevention systems from a network security perspective as they can (if properly configured) shield access to internal network services, and block certain kinds of attacks through packet filtering.

If you have been using the Internet for any length of time, and especially if you work at a larger company and browse the Web while you are at work, you have probably heard the term firewall used. For example, you often hear people in companies say things like, "I can't use that site because they won't let it through the firewall." If you have a fast Internet connection into your home (either a DSL connection or a cable), you may have found yourself hearing about firewalls for your home network as well. It turns out that a small home network has many of the same security issues that a large corporate network does. You can use a firewall to protect your home network and family from offensive Web sites and potential hackers.

Basically, a firewall is a barrier to keep destructive forces away from your property. In fact, that's why it's called a firewall. Its job is similar to a physical firewall that keeps a fire from spreading from one area to the next. Here we will learn more about firewalls, how they work and what kinds of threats they can protect you from.

Importance of Firewalls

There are many creative ways that unscrupulous people use to access or abuse unprotected computers:

Remote login - When someone is able to connect to your computer and control it in some form. This can range from being able to view or access your files to actually running programs on your computer.

Application backdoors - Some programs have special features that allow for remote access. Others contain bugs that provide a backdoor, or hidden access, that provides some level of control of the program.

SMTP session hijacking - SMTP is the most common method of sending e-mail over the Internet.
By gaining access to a list of e-mail addresses, a person can send unsolicited junk e-mail (spam) to thousands of users. This is done quite often by redirecting the e-mail through the SMTP server of an unsuspecting host, making the actual sender of the spam difficult to trace.

Operating system bugs - Like applications, some operating systems have backdoors. Others provide remote access with insufficient security controls or have bugs that an experienced hacker can take advantage of.

Denial of service - You have probably heard this phrase used in news reports on the attacks on major Web sites. This type of attack is nearly impossible to counter. What happens is that the hacker sends a request to the server to connect to it. When the server responds with an acknowledgement and tries to establish a session, it cannot find the system that made the request. By inundating a server with these unanswerable session requests, a hacker causes the server to slow to a crawl or eventually crash.

E-mail bombs - An e-mail bomb is usually a personal attack. Someone sends you the same e-mail hundreds or thousands of times until your e-mail system cannot accept any more messages.

Spam - Typically harmless but always annoying, spam is the electronic equivalent of junk mail. Spam can be dangerous though. Quite often it contains links to Web sites. Be careful of clicking on these because you may accidentally accept a cookie that provides a backdoor to your computer.

Redirect bombs - Hackers can use ICMP (Internet Control Message Protocol) to change (redirect) the path information takes by sending it to a different router. This is one of the ways that a denial of service attack is set up.

Source routing - In most cases, the path a packet travels over the Internet (or any other network) is determined by the routers along that path. But the source providing the packet can arbitrarily specify the route that the packet should travel.
Hackers sometimes take advantage of this to make information appear to come from a trusted source or even from inside the network! Most firewall products disable source routing by default.

Some of the items in the list above are hard, if not impossible, to filter using a firewall. While some firewalls offer virus protection, it is worth the investment to install anti-virus software on each computer. And, even though it is annoying, some spam is going to get through your firewall as long as you accept e-mail.

The level of security you establish will determine how many of these threats can be stopped by your firewall. The highest level of security would be to simply block everything. Obviously that defeats the purpose of having an Internet connection. But a common rule of thumb is to block everything, then begin to select what types of traffic you will allow. You can also restrict traffic that travels through the firewall so that only certain types of information, such as e-mail, can get through. This is a good rule for businesses that have an experienced network administrator that understands what the needs are and knows exactly what traffic to allow through. For most of us, it is probably better to work with the defaults provided by the firewall developer unless there is a specific reason to change it.

One of the best things about a firewall from a security standpoint is that it stops anyone on the outside from logging onto a computer in your private network. While this is a big deal for businesses, most home networks will probably not be threatened in this manner. Still, putting a firewall in place provides some peace of mind.
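
The following Python example is added here and is not from any poster's project. It applies the "block everything, then allow" rule and the source-routing point from the post above, together with the alerting rule from the project report earlier in the thread (a packet on the external interface whose source and destination are both in the local domain). The network range, the allowed ports and all function names are assumptions made for the example, and the sample packets are constructed.

```python
import ipaddress
import struct

LOCAL_NET = ipaddress.ip_network("192.168.10.0/24")  # assumed internal ("local domain") range
ALLOWED_TCP_PORTS = {25, 80}                         # assumed allow-list: e-mail and web only
SOURCE_ROUTE_OPTIONS = {131: "LSRR", 137: "SSRR"}    # IPv4 option types from RFC 791


def parse_ipv4(packet: bytes) -> dict:
    """Extract addresses, TTL, protocol and ports, plus any source-route option."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _tos, _length, _ident, frag, ttl, proto, _csum, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", packet[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or len(packet) < ihl:
        raise ValueError("bad version or header length")
    info = {"src": ipaddress.ip_address(src), "dst": ipaddress.ip_address(dst),
            "ttl": ttl, "proto": proto, "sport": None, "dport": None,
            "source_route": None}
    # Walk the options area (bytes 20..ihl) looking for loose/strict source routing.
    opts, i = packet[20:ihl], 0
    while i < len(opts):
        kind = opts[i]
        if kind == 0:            # End of Option List
            break
        if kind == 1:            # No-Operation, a single byte
            i += 1
            continue
        if i + 1 >= len(opts) or opts[i + 1] < 2 or i + opts[i + 1] > len(opts):
            raise ValueError("malformed IPv4 option")
        if kind in SOURCE_ROUTE_OPTIONS:
            info["source_route"] = SOURCE_ROUTE_OPTIONS[kind]
        i += opts[i + 1]
    # Ports exist only in the first fragment of a TCP (6) or UDP (17) datagram.
    if proto in (6, 17) and (frag & 0x1FFF) == 0 and len(packet) >= ihl + 4:
        info["sport"], info["dport"] = struct.unpack("!HH", packet[ihl:ihl + 4])
    return info


def decide(packet: bytes, interface: str) -> tuple:
    """Return (verdict, reason); anything not explicitly allowed is dropped."""
    try:
        p = parse_ipv4(packet)
    except ValueError as exc:
        return ("drop", f"malformed packet: {exc}")
    if p["source_route"]:
        return ("drop", f"{p['source_route']} source-routing option present")
    if interface == "external" and p["src"] in LOCAL_NET and p["dst"] in LOCAL_NET:
        return ("alert", "local source address seen on external interface (spoofing)")
    if (interface == "external" and p["dst"] in LOCAL_NET
            and p["proto"] == 6 and p["dport"] in ALLOWED_TCP_PORTS):
        return ("allow", f"TCP port {p['dport']} is on the allow-list")
    return ("drop", "default deny")


def build_packet(src: str, dst: str, dport: int, options: bytes = b"") -> bytes:
    """Constructed sample: IPv4 header (checksum left at 0) followed by TCP ports only."""
    options += b"\x00" * (-len(options) % 4)         # pad options to a 32-bit boundary
    ihl_words = (20 + len(options)) // 4
    header = struct.pack("!BBHHHBBH4s4s", 0x40 | ihl_words, 0, 24 + len(options),
                         0, 0, 64, 6, 0,
                         ipaddress.ip_address(src).packed,
                         ipaddress.ip_address(dst).packed)
    return header + options + struct.pack("!HH", 40000, dport)


if __name__ == "__main__":
    # LSRR option: type 131, length 7, pointer 4, one constructed hop address.
    lsrr = bytes([131, 7, 4]) + ipaddress.ip_address("198.51.100.1").packed
    samples = {
        "web request from outside": build_packet("203.0.113.7", "192.168.10.5", 80),
        "telnet from outside": build_packet("203.0.113.7", "192.168.10.5", 23),
        "local source on external side": build_packet("192.168.10.9", "192.168.10.5", 80),
        "source-routed packet": build_packet("203.0.113.7", "192.168.10.5", 80, lsrr),
        "truncated header": b"\x45\x00",
    }
    for name, pkt in samples.items():
        print(f"{name:32s} -> {decide(pkt, 'external')}")
```

The order of the checks matters: source-routed and spoofed packets are rejected before the allow-list is consulted, so a packet aimed at an allowed port still cannot pass with a forged route or a local source address.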

firewall full report - shruk56 - 08-17-2017
[attachment=15058]

Firewalls
Effective means of protecting a local system or network of systems from network-based security threats while affording access to the outside world via WANs or the Internet

Firewall Design Principles
- Information systems undergo a steady evolution (from small LANs to Internet connectivity)
- Strong security features for all workstations and servers not established
- The firewall is inserted between the premises network and the Internet
- Aims:
  - Establish a controlled link
  - Protect the premises network from Internet-based attacks
  - Provide a single choke point

Firewall Characteristics
Design goals:
- All traffic from inside to outside must pass through the firewall (physically blocking all access to the local network except via the firewall)
- Only authorized traffic (defined by the local security policy) will be allowed to pass
- The firewall itself is immune to penetration (use of trusted system with a secure operating system)
Four general techniques:
- Service control: Determines the types of Internet services that can be accessed, inbound or outbound
- Direction control: Determines the direction in which particular service requests are allowed to flow
- User control: Controls access to a service according to which user is attempting to access it
- Behavior control: Controls how particular services are used (e.g.
filter e-mail)

Types of Firewalls
Three common types of firewalls:
- Packet-filtering routers
- Application-level gateways
- Circuit-level gateways
(Bastion host)

Packet-filtering Router
- Applies a set of rules to each incoming IP packet and then forwards or discards the packet
- Filter packets going in both directions
- The packet filter is typically set up as a list of rules based on matches to fields in the IP or TCP header
- Two default policies (discard or forward)
Advantages:
- Simplicity
- Transparency to users
- High speed
Disadvantages:
- Difficulty of setting up packet filter rules
- Lack of authentication
Possible attacks and appropriate countermeasures:
- IP address spoofing
- Source routing attacks
- Tiny fragment attacks

Application-level Gateway
- Also called proxy server
- Acts as a relay of application-level traffic
Advantages:
- Higher security than packet filters
- Only need to scrutinize a few allowable applications
- Easy to log and audit all incoming traffic
Disadvantages:
- Additional processing overhead on each connection (gateway as splice point)

Circuit-level Gateway
- Stand-alone system or specialized function performed by an Application-level Gateway
- Sets up two TCP connections
- The gateway typically relays TCP segments from one connection to the other without examining the contents
- The security function consists of determining which connections will be allowed
- Typical use is a situation in which the system administrator trusts the internal users
- An example is the SOCKS package

firewall full report - ashwinishitole123 - 08-17-2017
Firewalls
[attachment=16843]

- Sits between two networks
- Used to protect one from the other
- Places a bottleneck between the networks
- All communications must pass through the
bottleneck this gives us a single point of control .Protection Methods .Packet Filtering Rejects TCP/IP packets from unauthorized hosts and/or connection attempts bt unauthorized hosts .Network Address Translation (NAT) Translates the addresses of internal hosts so as to hide them from the outside world Also known as IP masquerading .Proxy Services Makes high level application level connections to external hosts on behalf of internal hosts to completely break the network connection between internal and external hosts Proxies Address seen by the external network is the address of the proxy Everything possible is done to hide the identy if the internal user e-mail addresses in the http headers are not propigated through the proxy10 Doesn t have to be actual part of the Firewall, any server sitting between the two networks and be used Virtual Private Networks (VPN) .Used to connect two private networks via the internet Provides an encrypted tunnel between the two private networks Usually cheaper than a private leased line but should be studied on an individual basis Once established and as long as the encryption remains secure the VPN is impervious to exploitation For large organizations using VPNs to connect geographically diverse sites, always attempt to use the same ISP to get best performance. Try to avoid having to go through small Mom-n-Pop ISPs as they will tend to be real bottlenecks firewall full report - Sairam - 08-17-2017 ABSTRACT Network security comprises the measures a company takes to protect its computer system, and it is a prime concern for every company that uses computers. Compromised network security means a hacker or competitor may gain access to critical or sensitive data, possibly resulting in data loss, or even complete destruction of the system. Appropriate network security is achieved when a user has to go through several layers of security before being able to access the desired network. 
The more layers the system has, the more secure it is. You may sprout a question: what is a network? The networks are computer networks, both public and private, that are used every day to conduct transactions and communications among businesses, government agencies and individuals. The networks are comprised of "nodes", which are "client" terminals (individual user PCs), and one or more "servers" and/or "host" computers. Today, most companies' host computers can be accessed by their employees whether in their offices over a private communications network, or from their homes or hotel rooms while on the road through normal telephone lines. One of the most interesting parts of our paper is the research work we have done on the top 10 viruses and the PCs affected by them. We have also exposed the threat levels. Network security comprises many areas like risk management, firewalls, secure network devices, network threats, etc. Our paper mainly focuses on a tantalizing feature of network security, i.e. FIREWALLS, which are software or hardware used for security purposes in our present technological world. We discussed the topics about types of firewalls, features, what it protects you from, etc.
firewall full report - annabobic - 08-17-2017

Firewall
End-to-End Network Access Protection for System i
A solution which secures every type of access to and from System i, within & outside the organization

Market Need
  Hacking
    Open TCP/IP environment has increased System i risks
    Many remote activities are now easy
      Initiating commands
      Installing programs
      Changing data
      Moving files
    Limited ability to log/block unauthorized access
  Internal Fraud
    FBI Study: the most significant threat to an organization's information systems comes from inside
    Control and follow-up on user access - a necessity

Firewall Features
  Airtight protection from both internal and external threats
  Covers more exit points than any other product
  Protection from User Level to Object Level
  Protects both incoming and outgoing IP addresses
  Unique layered architecture - easy to use and maintain
  Excellent performance - especially in large environments
  User-friendly Wizards streamline rule definitions
  Historical data statistics enable effective rule definition
  Best-Fit feature formulates rule to suit each security event
  Detailed log of all access and actions
  Simulation Mode
    Tests existing Firewall rules
    Enables defining rules based on the simulation
  Reports in various formats: e-mail, print-out, HTML/PDF/CSV