
07CE28

FIREWALL


Prepared by Amrita Kaku

Seminar Year: 2009/10

CITC(CE Dept)


SEMINAR REPORT ON FIREWALL


Prepared by: Kaku Amrita M.

Guided by: Mr. Vikram Bhogayta

SUBMITTED AT: U. & P. U. Patel Department of Computer Engineering, Charotar Institute of Technology - Changa


CERTIFICATE
This is to certify that the Seminar entitled FIREWALL is a bona fide report of the work carried out by Ms. Amrita M Kaku (07CE28) under the guidance and supervision for the submission of 5th semester U. & P. U. Patel Computer Engineering at Charotar Institute of Technology - Changa, Gujarat. To the best of my knowledge and belief, this work embodies the work of the candidate herself, has duly been completed, fulfills the requirement of the ordinance relating to the Bachelor degree of the university and is up to the standard in respect of content, presentation and language for being referred to the examiner.

Guided By: Mr. Vikram Bhogayta, Department of U & P.U. Patel Computer Engineering, C.I.T.C., Gujarat

Prof. Amit Ganatra, Head of Department of U & P.U. Patel Computer Engineering, Changa.

Charotar Institute of Technology-Changa


At: Changa, Ta: Petlad, Dist: Anand, Pin: 388421


ACKNOWLEDGEMENT
We would firstly like to acknowledge our seminar guide Mr. Vikram Bhogayta and Mr. Kamal Sutariya, who right from the selection of our seminar till the preparation of the final report were the guiding light. Their vast knowledge and experience have helped not only in adding value to our project but to ourselves too. We are grateful to our faculty members whose pedagogy has directly or indirectly helped us throughout. We are also obliged to our friends and family, as we know that they are always behind us and helped us whenever they found something which might be important for us. There remain some names unmentioned, but none remain unthanked.


ABSTRACT
Firewalls are core elements in network security. However, managing firewall rules, particularly in multi-firewall enterprise networks, has become a complex and error-prone task. Firewall filtering rules have to be written, ordered and distributed carefully in order to avoid firewall policy anomalies that might cause network vulnerability. Therefore, inserting or modifying filtering rules in any firewall requires thorough intra- and inter-firewall analysis to determine the proper rule placement and ordering in the firewalls.

These firewalls establish a security perimeter that aims to block (or heavily restrict) both incoming and outgoing network communication. While still protecting information and computing resources behind the firewall, this firewall is less restrictive of outward information flow than the traditional model; can be easily deployed; and can give internal users the illusion of unrestricted e-mail, anonymous FTP, and WWW connectivity to the greater Internet.


INDEX
Sr. No. Title

Acknowledgement
Abstract
1. Basic concept
   1.1 Secure your computer using firewall
2. Configuration
   2.1 IP address
   2.2 Domain name
   2.3 Protocol
   2.4 Port
   2.5 Specific words and phrases
3. Types
   3.1 Hardware firewall
   3.2 Software firewall
4. Techniques
   4.1 Packet filter
   4.2 Port filter
   4.3 Stateful inspection
5. Advantages
6. Disadvantages
Conclusion


1. BASIC CONCEPT
If you have been using the Internet for any length of time, and especially if you work at a larger company and browse the Web while you are at work, you have probably heard the term firewall used. For example, you often hear people in companies say things like, "I can't use that site because they won't let it through the firewall." If you have a fast Internet connection into your home (either a DSL connection or a cable modem), you may have found yourself hearing about firewalls for your home network as well. It turns out that a small home network has many of the same security issues that a large corporate network does. You can use a firewall to protect your home network and family from offensive Web sites and potential hackers.

Basic concept about Firewall

Basically, a firewall is a barrier to keep destructive forces away from your property. In fact, that's why it's called a firewall. Its job is similar to a physical firewall that keeps a fire from spreading from one area to the next.

A firewall is an integrated collection of security measures designed to prevent unauthorized electronic access to a networked computer system. It is also a device or set of devices configured to permit, deny, encrypt, decrypt, or proxy all computer traffic between different security domains based upon a set of rules and other criteria. In short, it is a system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in hardware, in software, or in a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.

However, users can come across some common problems while using Windows Firewall. These errors usually include the inability to configure the firewall and trouble in accessing games, Web servers or other servers. Such irritating issues can only be fixed with the help of professional computer technicians holding good technical knowledge and armed with the right tools. In addition to helping you fix issues with Windows Firewall, computer technicians can also handle the installation and configuration of your computer security products.


1.1 SECURE YOUR COMPUTER WITH FIREWALL

You can easily see how a firewall helps protect computers inside a large company. Let's say that you work at a company with 500 employees. The company will therefore have hundreds of computers that all have network cards connecting them together. In addition, the company will have one or more connections to the Internet through something like T1 or T3 lines. Without a firewall in place, all of those hundreds of computers are directly accessible to anyone on the Internet. A person who knows what he or she is doing can probe those computers, try to make FTP connections to them, try to make telnet connections to them and so on. If one employee makes a mistake and leaves a security hole, hackers can get to the machine and exploit the hole.

With a firewall in place, the landscape is much different. A company will place a firewall at every connection to the Internet. The firewall can implement security rules. For example, one of the security rules inside the company might be:

Out of the 500 computers inside this company, only one of them is permitted to receive public FTP traffic. Allow FTP connections only to that one computer and prevent them on all others.

A company can set up rules like this for FTP servers, Web servers, Telnet servers and so on. In addition, the company can control how employees connect to Web sites, whether files are allowed to leave the company over the network and so on. A firewall gives a company tremendous control over how people use the network.


2. CONFIGURATION
Firewalls are customizable. This means that you can add or remove filters based on several conditions. Some of these are:

2.1 IP ADDRESS

Each machine on the Internet is assigned a unique address called an IP address. IP addresses are 32-bit numbers, normally expressed as four "octets" in a "dotted decimal number." A typical IP address looks like this: 216.27.61.137. For example, if a certain IP address outside the company is reading too many files from a server, the firewall can block all traffic to or from that IP address.

2.2 DOMAIN NAMES

Because it is hard to remember the string of numbers that make up an IP address, and because IP addresses sometimes need to change, all servers on the Internet also have human-readable names, called domain names. For example, it is easier for most of us to remember www.howstuffworks.com than it is to remember 216.27.61.137. A company might block all access to certain domain names, or allow access only to specific domain names.

2.3 PROTOCOL

The protocol is the pre-defined way that someone who wants to use a service talks with that service. The "someone" could be a person, but more often it is a computer program like a Web browser. Protocols are often text, and simply describe how the client and server will have their conversation. HTTP is the Web's protocol.

2.3.1 Some common protocols that you can set firewall filters for include:

- IP: the main delivery system for information over the Internet
- TCP: used to break apart and rebuild information that travels over the Internet
- HTTP (Hyper Text Transfer Protocol): used for Web pages
- FTP (File Transfer Protocol): used to download and upload files
- UDP (User Datagram Protocol): used for information that requires no response, such as streaming audio and video
- ICMP (Internet Control Message Protocol): used by a router to exchange the information with other routers
- SMTP (Simple Mail Transport Protocol): used to send text-based information (e-mail)
- SNMP (Simple Network Management Protocol): used to collect system information from a remote computer
- Telnet: used to perform commands on a remote computer

A company might set up only one or two machines to handle a specific protocol and ban that protocol on all other machines.

2.4 PORT

Any server machine makes its services available to the Internet using numbered ports, one for each service that is available on the server (see How Web Servers Work for details). For example, if a server machine is running a Web (HTTP) server and an FTP server, the Web server would typically be available on port 80, and the FTP server would be available on port 21. A company might block port 21 access on all machines but one inside the company.

2.5 SPECIFIC WORDS AND PHRASES

This can be anything. The firewall will sniff (search through) each packet of information for an exact match of the text listed in the filter. For example, you could instruct the firewall to block any packet with the word "X-rated" in it. The key here is that it has to be an exact match. The "X-rated" filter would not catch "X rated" (no hyphen). But you can include as many words, phrases and variations of them as you need.
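The filter conditions of this section and the FTP rule from section 1.1 can be combined into one rule table that is read top to bottom, which also shows the rule-ordering problem the abstract mentions. This is an added example, not part of the original report; the addresses (documentation ranges), the rule names, the first-match evaluation and the default deny are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str                    # "allow" or "deny"
    src: str = "0.0.0.0/0"         # 2.1: source network (CIDR)
    dst: str = "0.0.0.0/0"         # 2.1: destination network (CIDR)
    proto: str = "any"             # 2.3: "tcp", "udp", "icmp" or "any"
    dport: Optional[int] = None    # 2.4: destination port, None = any
    phrase: Optional[str] = None   # 2.5: exact text searched for in the payload

def matches(rule, pkt):
    """True when every condition set on the rule agrees with the packet."""
    return (ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(pkt["dst"]) in ipaddress.ip_network(rule.dst)
            and rule.proto in ("any", pkt["proto"])
            and rule.dport in (None, pkt["dport"])
            and (rule.phrase is None or rule.phrase in pkt["payload"]))

def decide(rules, pkt):
    """First matching rule wins; a packet that matches nothing is denied."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action
    return "deny"

def packet(src, dst, proto, dport, payload=""):
    return {"src": src, "dst": dst, "proto": proto,
            "dport": dport, "payload": payload}

# Constructed policy: company network 192.0.2.0/24, FTP server 192.0.2.10.
BLOCK_ABUSER_IN = Rule("deny", src="203.0.113.50/32")   # outside host reading too many files
BLOCK_ABUSER_OUT = Rule("deny", dst="203.0.113.50/32")
BLOCK_PHRASE = Rule("deny", phrase="X-rated")
ALLOW_FTP_SERVER = Rule("allow", dst="192.0.2.10/32", proto="tcp", dport=21)
DENY_OTHER_FTP = Rule("deny", proto="tcp", dport=21)
ALLOW_WEB = Rule("allow", dst="192.0.2.0/24", proto="tcp", dport=80)

POLICY = [BLOCK_ABUSER_IN, BLOCK_ABUSER_OUT, BLOCK_PHRASE,
          ALLOW_FTP_SERVER, DENY_OTHER_FTP, ALLOW_WEB]

# Same two FTP rules in the wrong order: the broad deny shadows the allow,
# so the one permitted FTP server becomes unreachable.
MISORDERED = [DENY_OTHER_FTP, ALLOW_FTP_SERVER]

if __name__ == "__main__":
    ftp = packet("198.51.100.7", "192.0.2.10", "tcp", 21)
    print(decide(POLICY, ftp), decide(MISORDERED, ftp))
```
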


3. TYPES
3.1 HARDWARE FIREWALL

With a hardware firewall, the firewall unit itself is normally the gateway. A good example is the Linksys Cable/DSL router. It has a built-in Ethernet card and hub. Computers in your home network connect to the router, which in turn is connected to either a cable or DSL modem. You configure the router via a Web-based interface that you reach through the browser on your computer. You can then set any filters or additional information. Hardware firewalls are incredibly secure and not very expensive. Home versions that include a router, firewall and Ethernet hub for broadband connections can be found for well under $100.

Hardware firewalls are important because they provide a strong degree of protection from most forms of attack coming from the outside world. In most cases, they can be effective with little or no configuration, and they can protect every machine on a local network.


3.2 SOFTWARE FIREWALL

A software firewall can be installed on the computer in your home that has an Internet connection. This computer is considered a gateway because it provides the only point of access between your home network and the Internet. For individual home users, the most popular firewall choice is a software firewall. Software firewalls are installed on your computer and you can customize them, allowing you some control over their function and protection features. A software firewall will protect your computer from outside attempts to control or gain access to your computer, and, depending on your choice of software firewall, it could also provide protection against the most common Trojan programs or e-mail worms.


4. TECHNIQUES
4.1 PACKET FILTER

A packet filter looks at each packet entering or leaving the network and accepts or rejects it based on user-defined rules. It examines the header of a packet to determine its source and destination addresses. This information is compared to a set of predefined and/or user-created rules that determine whether the packet is to be forwarded or dropped.

BENEFITS

Packet filter firewalls provide:

- Speed
- Simplicity

Packet filter firewalls shall be able to filter outbound traffic. Outbound filtering should be employed on IP addresses, ports, protocols and application traffic to block unauthorized users, internal and external, from connecting to sensitive systems.

4.2 PORT FILTERING

As you probably know, TCP/IP communications occur over ports. The easiest way to understand the concept of a port. For example, if port filtering were applied to TCP port 21, then FTP communications would be allowed, but no other types of communications would be allowed over that port. Port filtering can also deny access to a packet originating from an IP address that the administrator has chosen to block. Port filtering works by examining the packet's header and looking at things such as the source address, destination address, port number, etc. The problem with port filtering is that a packet's header can be spoofed. A sender can fake their IP address or just about anything else stored in the header.

To get around this problem, there is another type of filtering that some firewalls do, called stateful packet inspection (also called dynamic packet filtering).

4.3 STATEFUL INSPECTION

Stateful inspection is a newer method that doesn't examine the contents of each packet but instead compares certain key parts of the packet to a database of trusted information. Information traveling from inside the firewall to the outside is monitored for specific defining characteristics, and then incoming information is compared to these characteristics. If the comparison yields a reasonable match, the information is allowed through. Otherwise it is discarded.
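The difference between the header-only check of section 4.2 and the state table of section 4.3 can be seen in a short model. This is an added example, not part of the original report; the class and function names, the addresses (documentation ranges) and the 60-second idle timeout are assumptions, and only addresses, ports and an idle timer are tracked, not TCP flags or sequence numbers.

```python
import ipaddress

class StatefulFirewall:
    """Admits inbound packets only as replies to flows opened from inside."""

    def __init__(self, inside_net, idle_timeout=60.0):
        self.inside = ipaddress.ip_network(inside_net)
        self.idle_timeout = idle_timeout
        # The "database of trusted information":
        # (proto, inside_ip, inside_port, outside_ip, outside_port) -> last seen
        self.flows = {}

    def _inside(self, ip):
        return ipaddress.ip_address(ip) in self.inside

    def handle(self, proto, src, sport, dst, dport, now):
        if self._inside(src) and not self._inside(dst):
            # Outbound traffic: record its defining characteristics.
            self.flows[(proto, src, sport, dst, dport)] = now
            return "allow"
        if self._inside(dst) and not self._inside(src):
            # Inbound traffic: compare against the recorded flow, reversed.
            key = (proto, dst, dport, src, sport)
            last_seen = self.flows.get(key)
            if last_seen is not None and now - last_seen <= self.idle_timeout:
                self.flows[key] = now
                return "allow"
            self.flows.pop(key, None)   # forget an expired flow
            return "deny"
        return "deny"                   # not crossing the perimeter

def header_only_filter(proto, sport):
    """Constructed stateless rule: admit anything claiming to come from TCP port 80."""
    return proto == "tcp" and sport == 80

if __name__ == "__main__":
    fw = StatefulFirewall("192.0.2.0/24")
    print(fw.handle("tcp", "192.0.2.20", 50000, "198.51.100.7", 80, now=0.0))
    print(fw.handle("tcp", "198.51.100.7", 80, "192.0.2.20", 50000, now=1.0))
    # Unsolicited packet that merely carries source port 80 in its header:
    print(header_only_filter("tcp", 80),
          fw.handle("tcp", "203.0.113.9", 80, "192.0.2.20", 50000, now=2.0))
```
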

5. ADVANTAGES

- A firewall prevents unauthorized use of and access to your network. It ignores information that comes from unsecured, unknown or suspicious locations.
- A firewall carefully analyzes data entering and exiting the network based on your configuration.
- A firewall plays an important role on any network as it provides a protective barrier against most forms of attack coming from the outside world.
- Firewalls are relatively inexpensive or free for personal use.
- All firewalls can be tested for effectiveness by using products that test for leaks or probe for open ports.


6. DISADVANTAGES
- "Always on" connections created by Cable and DSL connections create major problems for firewalls. This can be compared to leaving your car running with the keys in it and the doors unlocked, which a thief may interpret as an invitation to "Please steal me".
- Firewalls offer weak defense from viruses, so antiviral software and an IDS (intrusion detection system), which protects against Trojans and port scans, should also complement your firewall in the layering of defense.
- Cost varies. There are some great free firewalls available to the PC user, but there are also a few highly recommended products which can only be purchased. The difference may be just the amount of support or features that a user can get from a free product as opposed to a paid one, and how much support that user thinks he or she will require.
- A firewall's protection is limited once you have an allowable connection open. This is where another program should be in place to catch Trojan horse viruses trying to enter your computer as unassuming normal traffic.


CONCLUSION
Firewall systems obviously do not provide absolute security; on the contrary, firewalls only offer protection inasmuch as all outgoing communications systematically pass through them and they are correctly configured. Accesses to the external network that circumvent the firewall are also security weaknesses. This is notably the case for connections made from the internal network by way of a modem or any other means of connection that avoids the firewall. Similarly, adding external storage media to internal network computers or laptops can greatly harm the overall security policy.

A firewall plays an important role on any network as it provides a protective barrier against most forms of attack coming from the outside world. In order to guarantee a maximum level of protection, a firewall should be run on the computer and its activity log should be monitored in order to be able to detect intrusion attempts and anomalies. Moreover, security should be monitored (e.g. by signing up for CERT's security alerts) in order to modify the parameters of the firewall device according to published alerts. Setting up a firewall must be done in conjunction with a true security policy.
