Chapter 1: Introduction

1.  Introduction

Computernetwork is the engineering discipline concerned with communication betweencomputer system and devices. The purposes of networking are exchange of dataand resources sharing. With network, large volume of data can be exchangedthrough both short and long-range connections. Likewise computer resources suchas hardware (printers, scanner etc.) and software can be remotely shared amongnetwork hosts.

     With increase reliance on computernetwork, calls for serious monitoring of the traffic in and out of the systemnetwork. Attackeron the internetcould break into the network and do harm in a number of ways; they can steal ordamage important data, damage individuals computer or their entire network, anduse the internal network computer resources. Due to some of these securitythreats, there was the need to build a defensive mechanism that ensures thatattackers and their likes are not allowed into the network. Firewalls aredesigned to stop unwanted or suspected traffics from flowing into the internalnetwork. Sets of rules are applied to control the type of networking trafficflowing in and out of the system. This would ensure that attackers have noaccess to the internal network.

      This thesis isorganized in four chapters. Chapter 2 provides theoretical backgroundinformation about firewalls, roles, controls and their impact in networksecurity; a comprehensiveliterature review on how network traffic can be monitored in order to preventan unauthorized access to internal network. Chapter 3, we proposed anddeveloped an improved software based solution that allows all the inbound andoutbound traffic to pass through the firewall which, in turn determines whichtraffic should be allowed in or out of the network using object-orientedmethodology. Chapter 4, Firewall security system was implementation usingsoftware-based solution. The use of Java programming language and the conceptof xml and html programming were considered in order to achieve our objectives.

1.1 Statement of Problem

The problem to be solved is theproblem of organizations network. What can firms do to protect their networkover potential threats against the “resources” they share on the network?

1.2 Objectives

1. To developed a firewall system toblock unauthorized access to the network and prevent malicious attack whichcould lead to data loss
2. To build a secured network, based on softwarefirewall to protect network resources and ensured the integrity and confidentialityof information on the network are not compromised

1.3 Significance of the Study

The significance of this study is toshow how a firewall could prevent attack and protect network resources whichwill make harder for an attacker to penetrate into the system. The system willbe able to offer online services. The probability of exploring vulnerabilitywill be reduced to low risk and the system will be more stable

Chapter 2: LiteratureReview

2.0 Introduction

Thischapter describes what firewalls can do for network security, types of networkattack. What firewall needs to control and protect and the impact of firewallin organisation network and users. A review on how network traffic can be monitored in order toprevent an unauthorized access to internal network.

2.1 Theoretical Background

Firewalls are usually the first component ofnetwork security. They separate networks in different security levels, byutilizing network access control policies. The major function of the firewallis to protect the private network from non-legitimate traffic.

Firewalls are located between the Internet andprivate network. They can monitor the outgoing and incoming traffic; also theycan prevent the harmful traffic and attacks from Internet. They also can stopthe non-legitimate outgoing traffic. If a computer from the local network isattacked by an intruder and generates non-legitimate traffic, the firewall canprevent and detect the computer. Firewall can detect such succeeded attack, soit can be recovered.

A firewall is the most effective way to connect anetwork to the Internet and still protect that network [1]. Firewalls create aseparation between public networks (Internet) and private networks by examiningthe traffic according to the predefined policy, and allowing only legitimatetraffic to pass between the public and private network. They help implementinga larger security policy that defines the services and access to be permitted.It is an implementation of that policy in terms of a network configuration, oneor more host systems and routers, and other security measures such as advancedauthentication in place of static passwords.

A firewall system can be a router, a personalcomputer, a host, or a collection of hosts and/or routers, set up specificallyto shield a site or subnet from protocols and services that can be abused fromhosts outside the subnet [2].  Firewallsmust be installed at the choke points to control network traffic and implementnetwork security policy of the organization. Firewalls achieve this byexamining the all incoming and outgoing network traffic according to thepredefined firewall policy. All network traffic must pass through the firewall,which ensures that only permitted traffic are allowed through [3]. Firewallshave some advantage and disadvantages they are summarized below.

Advantages:

• Firewalls can stop non-legitimate trafficat first point,

• Firewalls can filter protocols and servicesthat are either not necessary or that cannot be adequately secured fromexploitation [4],

• A firewall can “hide” names of internalsystems and internal network schema, thereby revealing less information tooutside hosts [4],

• Firewalls can concentrate extended loggingof network traffic on one system.

Disadvantages:

• Firewalls utilize manually configured setof rules to differentiate legitimate traffic from non-legitimate traffic,

• Once a static policy is defined, thefirewall can’t react to a network attack – nor can it initiate effectivecounter-measures [4],

• Firewalls only examine network packets thatpass through them, do not examine network traffic between any two inside hosts,

• Most firewalls do not analyse the contentsof the data packets that make up network traffic,

• Firewall policies can vary in effectiveness, depending on the expertise of the security manager and the complexity of the network environment.