1.

INTRODUCTION
When you connect your computer to Internet,
then you have also connected every other computer on the
internet to your computer. This means that anyone on the Internet
has same type of direct access to your computer that you have
to the other computers on the Internet. This situation can be
equated with the analogy of
someone entering your house
without your permission.
During transfer of data from your computer to
Other through net , there may be possibility of hacking or cracking
. Hacking or cracking is nothing but stolening of stored data.
To avoid hacking or exploitation of data, Network security is
essential.
Nations without controlled borders can not ensure
Safety and security of their citizen. Simillarly network without
controlled borders can neither ensure security or privacy of
stored data nor can they keep their network resources from
being exploited by the hackers . The main aim is to secure our
own network from other networks. When you need to protect
your system from an external as well as from an internal attacks,
then you will find that there are 5 main security systems as
stated below :
1)
2)
3)
4)
5)

Firewall system
Intrusion Detection System (IDS)
Public Key Infrastructure (PKI)
Two Way Factor Authentication (TWFA)
Content Variation & Anti-Virus Solution (CVAS)

As Firewall is the basic and

unique method of security system which is applied in remaining 4
systems in broad manner, one who want to achieve network security
must have the basic knowledge about Firewall.

2.PROBLEM DEFINITION
Why would someone want to install a
Firewall The simple reason is that you would not want hackers ,
who just steal your sensitive data for profit. So you would definitely
want some of protection for your computer or network before you
provide public access to it. Hence, Firewall plays an important role
in order to protect your system.
2.1 Definition of Firewall:
and software
Firewalls are
allow only a
fence around

A Firewall can be defined as hardware

that intercepts data between internet and your computer.
simple devices that block all the traffic , then selectively
few well chosen items. In short , a Firewall is simply a
your network with a couple of well chosen gates.

2.2 Location:
A Firewall system is usually located at a
higher level gateway, such as a websites connection to the internet.
2.3 Features of Firewall :
A Firewall should have following minimum
features in order to provide an effective protection :
1) It should support your security policy.
2) It should be simple in design so that it is easy to understand and
maintain.
3) It should be flexible so that it should be able to accommodate
new services easily.
4) It should be designed in such a way that its strength &
correctness is verifiable.
One can consider a firewall as a point of
focus for all security decisions.

3. REQUIREMENT ANALYSIS
Requirement analysis is a software engineering
task that bridges the gap between system allocation & software
design.
The software requirement analysis is divided
into 5 areas of effort as follows:
1) Problem Definition
2) Evaluation & Synthesis
3) Modeling
4) Specification
5) Review
6)
The problem recognition contains what
actually the problem is ? For what we are trying to develop the
software ? Here the problem statement is very clear, we have to
achieve network security system. First study from where the
security could be broken:
3.1 Identify the assets and threats:
The first step to understand security is to
know what the potential risks are, or more specifically to determine
type & level of security risks for the company . Some of more
common security risks for the company are briefly described below :
3.1.1 Internal Risks :
Despite the notoriety of public external
attacks, more insidious threat to security comes from internal
sources. A Computer Crime & Security Survey conducted in 2001
by the Computer Security Survey(CSI) reports that 71% of the 643
respondents detected unauthorized access by insiders. Although the
internal threats are very real, many companies today are mainly
focussing their perimeter security to keep intruders out.
3.1.2 External Risks :
The external risks to a company have increased
exponentially with the expansion of the internet. In the past , firewalls

were like the Great wall of China which was designed to keep all
outsiders on the other side of the wall and insiders safe from any
intrusions. However, the internet has dramatically changed the playing
field, & corporations are forced to allow traffic in & out of the
corporate network.
Most companies use the facilities of mail but
this could also break their security system. Some malicious users may
mail their employee & get important records of company. So it is
necessary to check that who is sending mail to company employee &
what that mail contains.
During the evaluation & solution synthesis activity, in
an effort to better understand data & control flow, functional
processing & operation, one has to go through creation of model
system. The model serves as a software design & as the basis for
the creation of a specification for the software.
Specifications about network security policy
developed :
1.Determine who can use each resource
2.Determine who is authorised to grant access & approve usage for
each resource
3.Determine who should have system administration privileges
4.Determine the Users right & responsibilities.
Here the characteristics of software are, it is based
on Linux platform providing packet filtering firewall to ensure
security from external interface.
4. TYPES OF FIREWALL
There are 2 types of F irewall :
1) Packet F iltering Firewall
2) Proxy Based Firewall
4.1 Packet

Filtering

Firewall:

It was built up into the Linux kernel at

first . In this type, firewall decides which type of data to be
received from or entered within your computer based upon
security policy. That means whatever data you enter on your

computer, it can be automatically get filtered by this firewall &

then stored with more privacy . Thenafter data get transferred to
internet after decision of the firewall . If an unauthorised
entry is made, then it gives an alarm from which one can
easily understand that someone want to steal your data . Here you
are not supposed to do anything, because this firewall itself has a
capacity to resist such type of hacking.
This type may be useful when you want to
gain some information with privacy from internet to your computer
But it is not usefull to you when you want to send more
quantitative data to someone through internet as there is limitation
on size of data called as Packet size.Hence due to this, there
became necessity of development of another type of firewall, named
as Proxy Based Firewall.
4.2 Proxy

Based Firewall:

Whatever amount of data you want to send

or receive through internet , it can be easily accepted & stored in
Proxy server in the form of packet. Here Proxy acts as a
retaining wall by giving safety against hackers. The data sent by
you can be safely received to internet as an exact replica or
xerox of your sent data. There will not be any type of
modification occur within your data as in case of Packet filtering
firewall. Here you are free to decide the rules for firewall which
type of data you want to protect.
The diagramatic representation of the
Packet filtering & Proxy based types are as shown in fig. (a)
& (b) respectively.

5. ANALYSIS
Analysis gives the review of developed software.
Through analysis one can test efficiency of the system. The
efficiency of the system is based on memory required,
execution time & its usefulness. The advantages &
disadvantages of Packet filtering firerwall over Proxy based
firewall are as follows :
5.1 ADAVANTAGES:
1) It is cheap.
2) It is flexible.
3) It is more transperent to the user.
5.2 DISADVANTAGES:
1) It is too complex to understand the user as the rules &
regulations are already set within this firewall.
2) There may be confusion by the user as it does not allow to take
any type of decision to user during transfer of data.
3) It does not protect us from internal hacking.( Internal hacking is
the process of stolening of data by one of the company employee
itself.)
5.3 APPLICATION:
Most companies use Proxy based firewall
they have following advantages besides above stated:
1) It provides more flexibility in conducting business.
2) It gives company a much needed competitive edge.
3) It provides higher visibillity for company.

as

6. SOFTWARES AVAILABLE:
There is only one software available uptill
firewall as stated below:

now regarding

the

1) SOCKS5 :
This software is built up by Linux Operating System
(LOS). The type of firewall is of Proxy Based Firewall. One who
want to install a firewall has to go through following websites:
1)www.securityspace.com
2)www.socks.com

REFERENCES:
REFERENCE BOOK:
1) The Ultimate User Guide for Network Security
-By Lars Klander

MAGAZINES:
1) Computer Today - Year 2000, 2001,2002
2) Information Technology- Year 2001
WEBSITES:
1)www.hackers.com
2)www.altavista.com
3)www.socks.com
4)www.google.com
5)www.cora-justresearch.com