Beruflich Dokumente
Kultur Dokumente
INTRODUCTION
When you connect your computer to Internet,
then you have also connected every other computer on the
internet to your computer. This means that anyone on the Internet
has same type of direct access to your computer that you have
to the other computers on the Internet. This situation can be
equated with the analogy of
someone entering your house
without your permission.
During transfer of data from your computer to
Other through net , there may be possibility of hacking or cracking
. Hacking or cracking is nothing but stolening of stored data.
To avoid hacking or exploitation of data, Network security is
essential.
Nations without controlled borders can not ensure
Safety and security of their citizen. Simillarly network without
controlled borders can neither ensure security or privacy of
stored data nor can they keep their network resources from
being exploited by the hackers . The main aim is to secure our
own network from other networks. When you need to protect
your system from an external as well as from an internal attacks,
then you will find that there are 5 main security systems as
stated below :
1)
2)
3)
4)
5)
Firewall system
Intrusion Detection System (IDS)
Public Key Infrastructure (PKI)
Two Way Factor Authentication (TWFA)
Content Variation & Anti-Virus Solution (CVAS)
2.PROBLEM DEFINITION
Why would someone want to install a
Firewall The simple reason is that you would not want hackers ,
who just steal your sensitive data for profit. So you would definitely
want some of protection for your computer or network before you
provide public access to it. Hence, Firewall plays an important role
in order to protect your system.
2.1 Definition of Firewall:
and software
Firewalls are
allow only a
fence around
2.2 Location:
A Firewall system is usually located at a
higher level gateway, such as a websites connection to the internet.
2.3 Features of Firewall :
A Firewall should have following minimum
features in order to provide an effective protection :
1) It should support your security policy.
2) It should be simple in design so that it is easy to understand and
maintain.
3) It should be flexible so that it should be able to accommodate
new services easily.
4) It should be designed in such a way that its strength &
correctness is verifiable.
One can consider a firewall as a point of
focus for all security decisions.
3. REQUIREMENT ANALYSIS
Requirement analysis is a software engineering
task that bridges the gap between system allocation & software
design.
The software requirement analysis is divided
into 5 areas of effort as follows:
1) Problem Definition
2) Evaluation & Synthesis
3) Modeling
4) Specification
5) Review
6)
The problem recognition contains what
actually the problem is ? For what we are trying to develop the
software ? Here the problem statement is very clear, we have to
achieve network security system. First study from where the
security could be broken:
3.1 Identify the assets and threats:
The first step to understand security is to
know what the potential risks are, or more specifically to determine
type & level of security risks for the company . Some of more
common security risks for the company are briefly described below :
3.1.1 Internal Risks :
Despite the notoriety of public external
attacks, more insidious threat to security comes from internal
sources. A Computer Crime & Security Survey conducted in 2001
by the Computer Security Survey(CSI) reports that 71% of the 643
respondents detected unauthorized access by insiders. Although the
internal threats are very real, many companies today are mainly
focussing their perimeter security to keep intruders out.
3.1.2 External Risks :
The external risks to a company have increased
exponentially with the expansion of the internet. In the past , firewalls
were like the Great wall of China which was designed to keep all
outsiders on the other side of the wall and insiders safe from any
intrusions. However, the internet has dramatically changed the playing
field, & corporations are forced to allow traffic in & out of the
corporate network.
Most companies use the facilities of mail but
this could also break their security system. Some malicious users may
mail their employee & get important records of company. So it is
necessary to check that who is sending mail to company employee &
what that mail contains.
During the evaluation & solution synthesis activity, in
an effort to better understand data & control flow, functional
processing & operation, one has to go through creation of model
system. The model serves as a software design & as the basis for
the creation of a specification for the software.
Specifications about network security policy
developed :
1.Determine who can use each resource
2.Determine who is authorised to grant access & approve usage for
each resource
3.Determine who should have system administration privileges
4.Determine the Users right & responsibilities.
Here the characteristics of software are, it is based
on Linux platform providing packet filtering firewall to ensure
security from external interface.
4. TYPES OF FIREWALL
There are 2 types of F irewall :
1) Packet F iltering Firewall
2) Proxy Based Firewall
4.1 Packet
Filtering
Firewall:
Based Firewall:
5. ANALYSIS
Analysis gives the review of developed software.
Through analysis one can test efficiency of the system. The
efficiency of the system is based on memory required,
execution time & its usefulness. The advantages &
disadvantages of Packet filtering firerwall over Proxy based
firewall are as follows :
5.1 ADAVANTAGES:
1) It is cheap.
2) It is flexible.
3) It is more transperent to the user.
5.2 DISADVANTAGES:
1) It is too complex to understand the user as the rules &
regulations are already set within this firewall.
2) There may be confusion by the user as it does not allow to take
any type of decision to user during transfer of data.
3) It does not protect us from internal hacking.( Internal hacking is
the process of stolening of data by one of the company employee
itself.)
5.3 APPLICATION:
Most companies use Proxy based firewall
they have following advantages besides above stated:
1) It provides more flexibility in conducting business.
2) It gives company a much needed competitive edge.
3) It provides higher visibillity for company.
as
6. SOFTWARES AVAILABLE:
There is only one software available uptill
firewall as stated below:
now regarding
the
1) SOCKS5 :
This software is built up by Linux Operating System
(LOS). The type of firewall is of Proxy Based Firewall. One who
want to install a firewall has to go through following websites:
1)www.securityspace.com
2)www.socks.com
REFERENCES:
REFERENCE BOOK:
1) The Ultimate User Guide for Network Security
-By Lars Klander
MAGAZINES:
1) Computer Today - Year 2000, 2001,2002
2) Information Technology- Year 2001
WEBSITES:
1)www.hackers.com
2)www.altavista.com
3)www.socks.com
4)www.google.com
5)www.cora-justresearch.com