ABSTRACT
The connection of an internal network to an external network such as the Internet makes it vulnerable to attacks. One class of network attack is unauthorized penetration into the network, made possible by the openness of networks. An attacker or hacker can gain access to an internal network, and this poses great danger to the network and its resources. Our objective and major concern in the network design was to build a secure network, based on a software firewall, that ensures the integrity and confidentiality of information on the network. We proposed an Object-Oriented Methodology and developed an improved software-based solution in which all inbound and outbound traffic passes through the firewall. The firewall in turn determines which traffic should be allowed in or out of the network. The firewall algorithm was implemented in the Java programming language, based on the Java security architecture. It also uses XML and HTML, which enable network communication over the Internet.
Chapter 1: Introduction
- Introduction
Computer networking is the engineering discipline concerned with communication between computer systems and devices. The purposes of networking are the exchange of data and the sharing of resources. With a network, large volumes of data can be exchanged over both short- and long-range connections. Likewise, computer resources such as hardware (printers, scanners, etc.) and software can be shared remotely among network hosts.
Increased reliance on computer networks calls for serious monitoring of the traffic in and out of the network. Attackers on the Internet could break into the network and do harm in a number of ways: they can steal or damage important data, damage an individual's computer or the entire network, and use the computer resources of the internal network. Because of these security threats, there was a need to build a defensive mechanism that ensures that attackers and their like are not allowed into the network. Firewalls are designed to stop unwanted or suspect traffic from flowing into the internal network. Sets of rules are applied to control the type of network traffic flowing in and out of the system. This ensures that attackers have no access to the internal network.
This thesis is organized in four chapters. Chapter 2 provides theoretical background information about firewalls, their roles and controls, and their impact on network security, together with a comprehensive literature review on how network traffic can be monitored in order to prevent unauthorized access to the internal network. In Chapter 3, we propose and develop, using an object-oriented methodology, an improved software-based solution in which all inbound and outbound traffic passes through the firewall, which in turn determines which traffic should be allowed in or out of the network. In Chapter 4, the firewall security system is implemented as a software-based solution. The Java programming language, together with XML and HTML, was used in order to achieve our objectives.
1.1 Statement of Problem
The problem to be solved is that of organizations' networks: what can firms do to protect their networks against potential threats to the “resources” they share on the network?
1.2 Objectives
- To develop a firewall system that blocks unauthorized access to the network and prevents malicious attacks which could lead to data loss
- To build a secure network, based on a software firewall, that protects network resources and ensures that the integrity and confidentiality of information on the network are not compromised
1.3 Significance of the Study
The significance of this study is to show how a firewall can prevent attacks and protect network resources, making it harder for an attacker to penetrate the system. The system will be able to offer online services. The probability of a vulnerability being exploited will be reduced to a low risk, and the system will be more stable.
Chapter 2: Literature Review
2.0 Introduction
This chapter describes what firewalls can do for network security, the types of network attack, what a firewall needs to control and protect, and the impact of a firewall on an organisation's network and users. It also reviews how network traffic can be monitored in order to prevent unauthorized access to the internal network.
2.1 Theoretical Background
Firewalls are usually the first component of network security. They separate networks into different security levels by applying network access control policies. The major function of a firewall is to protect the private network from non-legitimate traffic.
Firewalls are located between the Internet and the private network. They can monitor outgoing and incoming traffic, and they can block harmful traffic and attacks from the Internet. They can also stop non-legitimate outgoing traffic. If a computer on the local network is attacked by an intruder and generates non-legitimate traffic, the firewall can detect that computer and block its traffic. Because the firewall can detect such a successful attack, recovery is possible.
A firewall is the most effective way to connect a network to the Internet and still protect that network [1]. Firewalls create a separation between public networks (the Internet) and private networks by examining the traffic according to a predefined policy and allowing only legitimate traffic to pass between the public and private network. They help implement a larger security policy that defines the services and access to be permitted. A firewall is an implementation of that policy in terms of a network configuration, one or more host systems and routers, and other security measures such as advanced authentication in place of static passwords.
A firewall system can be a router, a personal computer, a host, or a collection of hosts and/or routers, set up specifically to shield a site or subnet from protocols and services that can be abused from hosts outside the subnet [2]. Firewalls must be installed at choke points to control network traffic and implement the network security policy of the organization. Firewalls achieve this by examining all incoming and outgoing network traffic according to the predefined firewall policy. All network traffic must pass through the firewall, which ensures that only permitted traffic is allowed through [3]. Firewalls have advantages and disadvantages, which are summarized below.
Advantages:
• Firewalls can stop non-legitimate traffic at the first point,
• Firewalls can filter protocols and services that are either not necessary or that cannot be adequately secured from exploitation [4],
• A firewall can “hide” names of internal systems and internal network schema, thereby revealing less information to outside hosts [4],
• Firewalls can concentrate extended logging of network traffic on one system.
Disadvantages:
• Firewalls use a manually configured set of rules to differentiate legitimate traffic from non-legitimate traffic,
• Once a static policy is defined, the firewall can’t react to a network attack – nor can it initiate effective counter-measures [4],
• Firewalls only examine network packets that pass through them; they do not examine network traffic between any two inside hosts,
• Most firewalls do not analyse the contents of the data packets that make up network traffic,
• Firewall policies can vary in effectiveness, depending on the expertise of the security manager and the complexity of the network environment.
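The policy-driven filtering described in this section can be illustrated with a small Java sketch of a manually configured, ordered rule set that is checked in both directions, with anything unmatched denied. This is an added example and not the implementation developed in this thesis; the class `PolicyFirewall`, its rule fields and the sample policy are hypothetical, it requires Java 16 or later, and it handles IPv4 only.

```java
import java.util.List;

public class PolicyFirewall {
    enum Direction { INBOUND, OUTBOUND }
    enum Action { ALLOW, DENY }

    // One manually configured rule; a null protocol or port 0 matches any value.
    record Rule(Direction dir, String protocol, String cidr, int port, Action action) {
        boolean matches(Direction d, String proto, String remoteIp, int dstPort) {
            return dir == d
                && (protocol == null || protocol.equalsIgnoreCase(proto))
                && inCidr(remoteIp, cidr)
                && (port == 0 || port == dstPort);
        }
    }

    // Convert dotted-quad IPv4 text to a 32-bit value held in a long.
    static long toLong(String ip) {
        long v = 0;
        for (String part : ip.split("\\.")) v = (v << 8) | Integer.parseInt(part);
        return v;
    }
    static boolean inCidr(String ip, String cidr) {
        String[] p = cidr.split("/");
        int bits = Integer.parseInt(p[1]);
        long mask = bits == 0 ? 0 : (0xFFFFFFFFL << (32 - bits)) & 0xFFFFFFFFL;
        return (toLong(ip) & mask) == (toLong(p[0]) & mask);
    }

    // First matching rule wins; traffic that matches no rule is denied.
    static Action decide(List<Rule> policy, Direction d, String proto, String remoteIp, int dstPort) {
        for (Rule r : policy)
            if (r.matches(d, proto, remoteIp, dstPort)) return r.action();
        return Action.DENY;
    }

    public static void main(String[] args) {
        // Constructed policy; remote addresses are taken from documentation ranges.
        List<Rule> policy = List.of(
            new Rule(Direction.INBOUND, "tcp", "203.0.113.0/24", 0, Action.DENY),
            new Rule(Direction.INBOUND, "tcp", "0.0.0.0/0", 443, Action.ALLOW),
            new Rule(Direction.OUTBOUND, "tcp", "0.0.0.0/0", 25, Action.DENY),
            new Rule(Direction.OUTBOUND, null, "0.0.0.0/0", 0, Action.ALLOW));
        System.out.println(decide(policy, Direction.INBOUND, "tcp", "198.51.100.7", 443));
        System.out.println(decide(policy, Direction.INBOUND, "tcp", "203.0.113.9", 443));
        System.out.println(decide(policy, Direction.INBOUND, "tcp", "198.51.100.7", 23));
        System.out.println(decide(policy, Direction.OUTBOUND, "tcp", "198.51.100.7", 25));
    }
}
```

Rule order carries the policy: the blocked range is listed before the general HTTPS rule, so swapping those two rules would let the blocked range through, which is the kind of manual-configuration error the first disadvantage refers to.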