Post on 01-Dec-2015
description
CHAPTER 1
INTRODUCTION
1. 1 Overview
Packet filtering is a network security mechanism that works by controlling
what data can flow to and from a network. We provide a very brief
introduction to high-level IP networking concepts (a necessity for
understanding packet filtering).
To transfer information across a network, the information has to be
broken up into small pieces, each of which is sent separately. Breaking the
information into pieces allows many systems to share the network, each
sending pieces in turn. In IP networking, those small pieces of data are
called packets. All data transfer across IP networks happens in the form of
packets.
A router has to make a routing decision about each packet it receives; it
has to decide how to send that packet on towards its ultimate destination. In
general, a packet carries no information to help the router in this decision,
other than the IP address of the packet's ultimate destination. The packet
tells the router where it wants to go, but not how to get there. Routers
communicate with each other using "routing protocols" such as the Routing
Information Protocol (RIP) and Open Shortest Path First (OSPF) to build
routing tables in memory to determine how to get the packets to their
destinations. When routing a packet, a router compares the packet's
destination address to entries in the routing table and sends the packet
1
onward as directed by the routing table. Often, there won't be a specific
route for a particular destination, and the router will use a "default route;"
generally, such a route directs the packet towards smarter or better-
connected routers. (The default routes at most sites point towards the
Internet.)
In determining how to forward a packet towards its destination, a normal
router looks only at a normal packet's destination address and asks only
"How can I forward this packet?" A packet filtering router also considers the
question "Should I forward this packet?" The packet filtering router answers
that question according to the security policy programmed into the router via
the packet filtering rules.
1. 2 Objective of the project
Project is concerned with analyzing all packets across LAN
Here filtering of packets is carried out by means of filtering rules
In first rule filtering is carried out by means of IP address.
In second rule filtering is by means of size of the packet.
In third rule filtering is carried out by means of data inside the packet.
2
1. 3 Existing system
Current filtering tools are not perfect
Despite the widespread availability of packet filtering in
various hardware and software packages, packet filtering is still not a perfect
tool. The packet filtering capabilities of many of these products share, to a
greater or lesser degree, common limitations:
Some protocols are not well suited to packet filtering
Even with perfect packet filtering implementations, you will
find that some protocols just aren't well suited to security via packet
filtering, for reasons we'll discuss later in this book. Such protocols include
the Berkeley "r" commands (rcp, rlogin, rdist, rsh, etc.) and RPC-based
protocols such as NFS and NIS/YP.
Some policies can't readily be enforced by normal packet filtering
routers
The information that a packet filtering router
has available to it doesn't allow you to specify some rules you might like to
have. For example, packets say what host they come from, but generally not
what user. Therefore, you can't enforce restrictions on particular users.
Similarly, packets say what port they're going to, but not what application;
when you enforce restrictions on higher-level protocols, you do it by port
number, hoping that nothing else is running on the port assigned to that
protocol. Malicious insiders can easily subvert this kind of control.
Filters are based on the contents of the individual packets.
Filter tools are OS specific (i.e.) platform dependent.
3
1.3.1 Limitation of existing system
Filters are based on the contents of the individual packets
Filter tools are OS specific(i.e) platform dependent
User needs detailed knowledge & time consuming
Do not provide follow up for updating the rules.
1.4 Proposed system
The proposed system is supposed to reduce the cost of expenses. It is
to be developed into a user-friendly environment & more understandable
output is to be produced. In the proposed system the simple filters are to be
combine to form very complex filters, so that more security measures are
taken to safeguard our data. The user may dynamically select the rules as per
their choice and manually configure the rules specification. The proposed
system is platform independent and can be run in a system irrespective of the
operating system or hardware configurations, cause we are using Java to
develop the system.
1.4.1 Advantages of proposed system
Reduced Cost.
User-friendly environment & understandable output.
Simple filters combined to form complex filters.
The user can select rules or their combination.
Platform Independent.
4
1.5 Organization of the thesis
The report of the software project is framed chapter-wise. The
development of the software product comprising of various phases is
reflected in the chapters given below. These chapters portray the detailed
information of each of the development activities of the software project.
The whole report gives a brief explanation about the various stages of the
software development life cycle. Any phase of software development can be
verified in the given report as it is framed in an orderly fashion in chapter-
wise format. The outlay of the report is summarized as follows:
Chapter 1: Introduction
This chapter gives the basic information of the software
product taken for development consideration and the information of the
organization that needs for the implementation of the finished software
product. The system overview and the information about the software
organization have been included in this section.
Chapter 2: Development Process and Solution Approach
This chapter deals with the project requirements of the
software. The Hardware and software requirements, functional and
nonfunctional requirements are analyzed here.
Chapter 3 : Core Of Project
5
This chapter deals with the core of the project (i.e) detailed
about the language description JAVA and also about the important aspects
about the filtering.
Chapter 4 : Result Analysis
This chapter deal about flow chart that means of Diagrammatic
Representation of server operation and client server connectivity.
Chapter 5 : Source code
This chapter deals with the action part (i.e) codings. It gives the
action to the project.
Chapter 6 : Testing
This chapter deals with the different kinds of testing that our
project involves.
Chapter 7 : Snap shots
This chapter deals with the input and output screens involve in
the project.
Chapter 8 : Conclusion
It concludes the project and gives some suggestion for its
future enhancements.
CHAPTER 2
6
2. DEVELOPMENT PROCESS AND DESIGN
This chapter deals with software development life cycle and
development strategies that can be adopted for the application system.
2.1 Requirement Analysis and Specification
This involves analyzing the system requirements for creating the
application and the specification should be feasible for implementing the
application.
2.1.1 Hardware Specification
Processor: Pentium
RAM: 64MB
Speed: 166 MHz
Resolution: 640 x 480 pixels
Hard Disk: 2 GB
Operating System: Platform independent
2.1.2 Software Specification
Front-End: JAVA
Design: Swings
Back-end: MS-ACCESS
2.1.3 Specific Requirements
7
This section describes about both the functional and nonfunctional
requirements of the system. The functional requirements section defines the
system’s requirement specifications from functionalities point of view. The
non-functional requirements section defines performance requirements,
design constraints, etc, which are dealt in detail in corresponding sub-
sections.
2.1.3.1 Functional requirements
Functional requirements of the system encompasses the following
set of operations
Provides a better, faster service for the users.
To view Network information.
To be more user friendly.
2.1.3.2 Non-functional requirements
a. Performance Requirements
Speed:
This is one of the most important factors, the system should respond in the
minimal response time to facilitate the user.
Storage:
The system should work at minimum storage space.
b. Attributes
1. Efficiency:
8
To make efficiency high, the size of computing code should be
less and the resources required by the program to perform its
functions should be low.
2. Ease of installation:
To achieve ease of installation, the effort required for
installing the system should be minimal.
3. Maintainability:
If the effort required for locating and fixing an error in a
program is less, maintainability is said to be easy.
4. Reliability:
If the program performs its intended function with required
precision it is said to have high reliability.
2.3
2.4 Testing
9
The project considered for development is tested for error-free
performance and is subjected to implementation by the concern. Once the
system has been efficiently developed and tested, it needs to be
implemented. Testing is the process of executing a program with the aim of
detecting errors. It is done manually or by automation using any tool.
Testing is considered as a destructive process that separates itself from other
stages of the system development.
The key objective of the testing process is to find errors in the program
developed for implementation in the organization. Therefore testing has to
be done on the program developed in order to locate error in coding and
logic that are contained within the program.
The various types of testing measures to be taken are:
Test to see if system requirement specification is taken care of.
Test to see the proper handling of the user inputs.
Test the robustness of the system.
Check for errors and validations of the inputs.
All the tests were done based on the sequence of modules. Each
module is tested uniquely to detect the error in the particular module and in
turn rectify it thus result in proper functioning of the application.
2.4.1 System Testing
Similar to the development of the project, testing also plays a
major role in the process of developing a software project. Moreover, this
10
system testing part is considered as the lengthiest process of the project.
Rather developing and coding the testing procedure is much more risky too.
In this project module, substantial flow of proper information and collection
of programs have been done. This includes the following various types of
working testing procedures.
2.4.2 Unit Testing
Each of the modules in the project is considered as a separate
unit and that particular unit is tested individually. In packet sensing each
sensing each information from the user agent string given related to number
of packets transferred are checked repeatedly.
2.4.3 Integration Testing
With results of the unit testing procedure the integration part of
testing begins. This integration unit is much more complex than the previous
one which gives complete data flow of the system. Apart from it, this is a
lengthy process of a system development. This integration process begins
with integrating one module at a time, to make it really work correctly.
Hence any data loss in between the system fails with a warning error
message.
2.5 Maintainanace
Maintenance is a set of software engineering activities that occur after
software has been delivered to the customer. The maintenance phase forces
changes that is associated error correction and adoptions required as the
software environment evolves and changes due to enhancements brought out
by changing customer requirements. The maintenance phases reapply the
11
steps of the definition and development phase but do so in the context of
existing software. When the customer identifies any fault in the system
changes could be easily made as there would be very less chance for the
customer to face any problem with the application.
The application is developed in windows98 platform and the
application would work without any error in the windows98 platform. But
when the same application is to be used in some other environment of
windows family then suitable changes has to be made to the software to
accommodate itself to current environment on which it is been implemented.
Since this is an ongoing project in our organization and there are lot of
advanced modules to be completed before implementation. Hence, the
implementation cycle is forbidden from the report produce. This particular
implementation issues undergo a lots of changes in the system
CHAPTER 3
3.CORE OF PROJECT
3.1 ABOUT JAVA
3.1.1 INTRODUCTION TO JAVA
Java is a simple, object-oriented, distributed, interpreted, robust,
secure, architectural-neutral, portable, high-performance, multithreaded and
dynamic language.
12
3.1.1.1 Simple
Java is simpler to learn for programmers if they think in terms of
objects and methods. Java has eliminated the complexities present in C++.
Java supports garbage collection to further simply the language as it takes
the burden of the memory management off the programmer. Java does not
use header files and it eliminates the C processor. Constructs like struct and
union have been removed. Java also the operator overloading and multiple
inheritance features of other object oriented languages. Perhaps the most
important simplification, however is that java does not use pointers. Java
automatically handles the referencing and de-referencing of objects for you.
Thus it frees us from having to worry about dangling pointers, invalid
pointer references and memory leaks.
3.1.1.2 Object-Oriented:
Java is an object-oriented language. It mainly focuses on the data
in the application and methods that manipulate the data, rather than thinking
strictly in terms of procedures. Java comes with an extensive set of classes,
arranged, that you can use in your programs.
3.1.1.3 Distributed:
Java was built with network communication in mind. It had a
comprehensive library of routines for dealing with network protocols such as
13
TCP/IP, HTTP, and FTP. Hence it is easy to read a remote file or resources,
as it is to read a local file. Java applications are open and can be accessed
across the Internet.
3.1.1.4 Interpreted:
Java is an interpreted language. The Java compiler generates
byte-code for the JVM (Java Virtual Machine). This Java byte-code is
platform independent and the programs can be run on any platform the JVM
has been ported to.
3.1.1.5 Robust:
Java has been designed for writing reliable or robust software. It is
a strongly typed language, which allows for extensive compile time
checking for potential type mismatch problems. The lack of pointers and
pointer arithmetic features increases the robustness of Java programs by
abolishing the pointer related bugs. Exception handling is another feature in
Java that makes for more robust programs.
3.1.1.6 Secure:
Security is a critical part of the Java environment. Java allows us to
create virus-free programs and prevent malicious code security, which can
be achieved by a digital signature to Java code. The origin of the code can be
established in a cryptographically secure and unforgettable way.
3.1.1.7 Architectural-Neutral and Portable:
Because Java programs are compiled to an architecture neutral byte
code format, a Java application can run on any system, as long as that
14
system implements the JVM. Java’s primitive data types are consistent from
system to system. The class libraries include portable interfaces for each
platform on which the runtime environment is available.
3.1.1.8 High-Performance:
Java performance is impressive for an interpreted language,
mostly because of the development of “Just in Time” compilers that can
translate java byte-codes into machine code for a particular CPU at run time.
The performance of Java’s interpreted byte codes is much better than the
high-level scripting languages.
3.1.1.9 Multithreaded:
Java is a multithreaded language. It provides for multiple threads of
execution that can handle different tasks. An important benefit of
multithreading is that it improves the interactive performance of graphical
application for the user.
3.1.1.10 Exception and Exception Handling:
Exception handling is a significant feature of Java. An exception is
a signal that indicates some sort of exceptional condition has occurred. To
throw an exception, is to signal an exceptional condition. To catch an
exception is to take whatever actions are necessary to recover from it.
Exception propagated through the lexical block structure of a Java
method and then up the method call stack. If the exception is not caught by
the block of code, then it propagates to the next higher enclosing block of
15
data. If it is not caught there, it propagates up again. If an exception is never
caught, it propagates all the way to the main() method from which the
program started. An exception in Java is an object that is an instance of some
sub class of java.lang.Throwable. Throwable has two standard sub classes:
java.lang.Error and java.lang.Exception. Exceptions are objects and the
contain data and define methods.
The try/catch/finally statements are in Java’s exception handling
mechanism. try establishes a block of code that is to have its exceptions and
abnormal exists handled. The try block is followed by one or more catch
clauses that catch and handle specified types of exceptions. The catch
clauses are optionally followed by a finally block that contains “clean-up”
code. The statements of finally clause are guaranteed to be executed
regardless of how the code in the try block exists.
3.2 Overview of packet filtering
3.2.1 Why Packet Filtering?
Packet filtering lets you control (allow or disallow) data transfer
based on:
The address the data is (supposedly) coming from
The address the data is going to
The session and application protocols being used to transfer the data.
The main advantage of packet filtering is leverage: it allows you to provide,
in a single place, particular protections for an entire network. Consider the
16
Telnet service as an example. If you disallow Telnet by turning off the
Telnet server on all your hosts, you still have to worry about someone in
your organization installing a new machine (or reinstalling an old one) with
the Telnet server turned on. On the other hand, if your filtering router does
not allow Telnet, such a new machine would be protected right from the
start, regardless of whether or not its Telnet server was actually running.
Routers also present a useful choke point for all of the traffic entering
or leaving a network. Even if you have multiple routers for redundancy, you
probably have far fewer routers, under much tighter control, than you have
host machines.
Only filtering routers can provide certain protections, and then only if
they are deployed in particular locations in your network. For example, it's a
good idea to reject all packets that have internal source addresses - that is,
packets that claim to be coming from internal machines but that are actually
coming in from the outside - because such packets are usually part of
address-spoofing attacks. In such attacks, an attacker is pretending to be
coming from an internal machine. Decision-making of this kind can be done
only in a filtering router at the perimeter of your network. Only a filtering
router in that location (which is, by definition, the boundary between
"inside" and "outside") is able to recognize such a packet, by looking at the
source address and whether the packet came from the inside (the internal
network connection) or the outside (the external network connection).
3.2.2 Advantages of Packet Filtering:
17
Packet filtering has a number of advantages.
3.2.2.1 One screening router can help protect an entire network:
One of the key advantages of packet filtering is that a single,
strategically placed packet-filtering router can help protect an entire
network. If there is only one router that connects your site to the Internet,
you gain tremendous leverage on network security, regardless of the size of
your site, by doing packet filtering on that router.
3.2.2.2 Packet filtering doesn't require user knowledge or
cooperation:
Unlike proxying, Proxy Systems, packet filtering doesn't require
any custom software or configuration of client machines, nor does it require
any special training or procedures for users. When a packet filtering router
decides to let a packet through, the router is indistinguishable from a normal
router. Ideally, users won't even realize it's there, unless they try to do
something that is prohibited (presumably because it is a security problem)
by the packet filtering router's filtering policy.
This "transparency" means that packet filtering can be done
without the cooperation, and often without the knowledge, of users. The
18
point is not that you can do this subversively, behind your users' backs
(while actions like that are sometimes necessary - it all depends on the
circumstances - they can be highly political). The point is that you can do
packet filtering without their having to learn anything new to make it work,
and without your having to depend on them to do (or not do) anything to
make it work.
3.2.2.3 Packet filtering is widely available in many routers:
Packet filtering capabilities are available in many hardware and
software routing products, both commercial and freely available over the
Internet. Most sites already have packet-filtering capabilities available in the
routers they use.
Most commercial router products, such as the routers from
Livingston Enterprises and Cisco Systems, include packet-filtering
capabilities. Packet filtering capabilities are also available in a number of
packages, such as Drawbridge, Karl Bridge, and screened, that are freely
distributed on the Internet.
3.2.3 What Does a Packet Look Like?
To understand packet filtering, you first have to understand packets
and how they are handled at each layer of the TCP/IP protocol stack:
19
Application layer (e.g., FTP, Telnet, HTTP)
Transport layer (TCP or UDP)
Internet layer (IP)
Network access layer (e.g., Ethernet, FDDI, ATM)
Packets are constructed in such a way that layers for each protocol
used for a particular connection are wrapped around the packets, like the
layers of skin on an onion.
At each layer, a packet has two parts: the header and the body.
The header contains protocol information relevant to that layer, while the
body contains the data for that layer which often consists of a whole packet
from the next layer in the stack. Each layer treats the information it gets
from the layer above it as data, and applies its own header to this data. At
each layer, the packet contains all of the information passed from the higher
layer; nothing is lost. This process of preserving the data while attaching a
new header is known as encapsulation.
At the application layer, the packet consists simply of the data to be
transferred (for example, part of a file being transferred during an FTP
session). As it moves to the transport layer, the Transmission Control
Protocol (TCP) or the User Datagram Protocol (UDP) preserves the data
from the previous layer and attaches a header to it. At the next layer, IP
considers the entire packet (consisting now of the TCP or UDP header and
20
the data) to be data, and now attaches its own IP header. Finally, at the
network access layer, Ethernet or another network protocol considers the
entire IP packet passed to it to be data, and attaches its own header.
At the other side of the connection, this process is reversed. As the
data is passed up from one layer to the next higher layer, each header (each
skin of the onion) is stripped off by its respective layer. For example, the
Internet layer removes the IP header before passing the encapsulated data up
to the transport layer (TCP or UDP).
In trying to understand packet filtering, the most important
information from our point of view is in the headers of the various layers.
The sections below look at several examples of different types of packets
and show the contents of each of the headers that packet-filtering routers
will be examining. We assume certain knowledge of TCP/IP fundamentals,
and concentrate on discussing the particular issues related to packet filtering.
21
CHAPTER 5
5 SOURCE CODE
5.1 Server side
5.1.1 Server login
import java.awt.*;
import java.awt.event.*;
import javax.swing.*;
class serverlogin extends JDialog
{
public static JButton exitbutton,loginbutton;
private JLabel uname_label,pwd_label;
22
private JTextField uname_tf;
private JPasswordField pwd_tf;
private int x1=10,y1=10,x2=150,y2=30;
serverlogin()
{
Container c=getContentPane();
c.setLayout(new BorderLayout());
setTitle("SERVER LOGIN");
JLabel s_pan1=new JLabel(new ImageIcon("login.jpg"));
s_pan1.setLayout(null);
s_pan1.setBounds(0,0,300,200);
uname_label=new JLabel("UserName");
uname_label.setForeground(Color.blue);
uname_label.setBounds(x1,y1,x2,y2);
s_pan1.add(uname_label);
uname_tf=new JTextField();
uname_tf.setBounds(x1+110,y1,x2,y2);
s_pan1.add(uname_tf);
y1+=60;
pwd_label=new JLabel("PassWord");
pwd_label.setForeground(Color.blue);
pwd_label.setBounds(x1,y1,x2,y2);
s_pan1.add(pwd_label);
pwd_tf=new JPasswordField();
pwd_tf.setBounds(x1+110,y1,x2,y2);
s_pan1.add(pwd_tf);
y1+=60;
23
loginbutton=new JButton("Login");
loginbutton.addActionListener(new ActionListener()
{
public void actionPerformed(ActionEvent ae)
{
char pwd[]=pwd_tf.getPassword();
if(uname_tf.getText().equals("admin")&&String.valueOf(pwd).equals
("admin"))
{
dispose();
msgbox.showmsg("Successfully loged in");
serverconfig sc=new serverconfig();
}
else
{
msgbox.showmsg("Invalid Username and PassWord");
}
}
});
loginbutton.setBounds(x1,y1,x2-50,y2);
s_pan1.add(loginbutton);
exitbutton=new JButton("Exit");
exitbutton.addActionListener(new ActionListener()
{
public void actionPerformed(ActionEvent ae)
24
{
System.exit(0);
}
});
exitbutton.setBounds(x1+140,y1,x2-50,y2);
s_pan1.add(exitbutton);
c.add(s_pan1,"Center");
setDefaultCloseOperation(0);
setResizable(false);
setLocation(x2,50);
setSize(300,200);
show();
}
}
class server
{
public static void main(String arg[])
{
serverlogin slogin=new serverlogin();
}
}
class print
{
public static void showmsg(String r_msg)
{
25
System.out.println(r_msg);
}
}
class msgbox
{
public static void showmsg(String r_msg)
{
javax.swing.JOptionPane.showMessageDialog(new javax.swing.JFrame(),r_msg);
}
}
5.1.2 Server Configuration
import java.io.*;
import java.awt.*;
import java.awt.event.*;
import javax.swing.*;
class serverconfig extends JFrame
{
JButton exitbutton,configbutton,dispbutton,startbutton;
JLabel pkt_label,time_label;
JTextField pkt_tf,time_tf;
public static int timeval=0,pktsize=0;
int x1=20,y1=30,x2=150,y2=30;
public static FileOutputStream fout;
26
serverconfig()
{
setTitle("Server Rules");
Container c=getContentPane();
c.setLayout(null);
pkt_label=new JLabel("Packet Size:");
pkt_tf=new JTextField();
time_label=new JLabel("Time per Message:");
time_tf=new JTextField();
configbutton=new JButton("Apply Rules");
dispbutton=new JButton("Report");
exitbutton = new JButton("Down");
startbutton = new JButton("Start Server");
Font f=new Font("Arial",0,20);
configbutton.setFont(f);
dispbutton.setFont(f);
exitbutton.setFont(f);
startbutton.setFont(f);
x1=x1+50;
pkt_label.setBounds(x1,y1,x2,y2);
pkt_tf.setBounds(x1+170,y1,x2,y2);
y1+=40;
time_label.setBounds(x1,y1,x2,y2);
time_tf.setBounds(x1+170,y1,x2,y2);
y1+=40;
x1=x1-50;
exitbutton.setBounds(x1,y1,x2,y2);
27
configbutton.setBounds(x1+160,y1,x2,y2);
dispbutton.setBounds(x1+320,y1,x2,y2);
y1+=40;
startbutton.setBounds(x1+160,y1,x2,y2);
startbutton.setEnabled(false);
configbutton.addActionListener(new ActionListener()
{
public void actionPerformed(ActionEvent ae)
{
if(!time_tf.getText().equals("")&&!pkt_tf.getText().equals(""))
{
try
{
timeval=Integer.parseInt(time_tf.getText());
pktsize=Integer.parseInt(pkt_tf.getText());
time_tf.setEditable(false);
pkt_tf.setEditable(false);
configbutton.setEnabled(false);
startbutton.setEnabled(true);
}
catch (Exception ex)
{
msgbox.showmsg("Number format Exception");
}
}
else
28
{
msgbox.showmsg("Invalid TextField");
}
}
});
exitbutton.addActionListener(new ActionListener()
{
public void actionPerformed(ActionEvent ae)
{
System.exit(0);
}
});
dispbutton.addActionListener(new ActionListener()
{
public void actionPerformed(ActionEvent ae)
{
report r=new report();
}
});
startbutton.addActionListener(new ActionListener()
{
public void actionPerformed(ActionEvent ae)
{
try
{
29
if(!configbutton.isEnabled())
{
File file=new File("report\\report.txt");
fout=new FileOutputStream(file);
String out="\nServer is started At="+new java.util.Date();
fout.write(out.getBytes());
new serverlisten();
startbutton.setEnabled(false);
msgbox.showmsg("Server started");
}
else
{
msgbox.showmsg("Server not started");
}
}
catch (Exception ex)
{
msgbox.showmsg("Server not started");
}
}
});
c.add(pkt_label);
c.add(time_label);
c.add(pkt_tf);
c.add(time_tf);
c.add(exitbutton);
c.add(configbutton);
30
c.add(dispbutton);
c.add(startbutton);
setDefaultCloseOperation(3);
setSize(500,250);
setResizable(false);
show();
}
public static void main(String a[])
{
serverconfig sc=new serverconfig();
}
}
5.1.3 Server listener
import java.io.*;
import java.net.*;
import java.sql.*;
class serverlisten extends Thread
{
private ServerSocket sersoc;
private Socket soc;
private Connection con;
serverlisten()
{
31
start();
}
public void run()
{
try
{
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
String mycon="jdbc:odbc:Driver={Microsoft Access Driver
(*.mdb)};DBQ=iptracer.mdb";
con=DriverManager.getConnection(mycon);
con.setAutoCommit(true);
print.showmsg("Database Connected");
sersoc=new ServerSocket(5555);
print.showmsg("Server is waiting");
Statement stmt=con.createStatement();
stmt.executeUpdate("delete * from portregister");
while(true)
{
String rep="";
soc=sersoc.accept();
print.showmsg("accepted");
String receiv=(String)new
ObjectInputStream(soc.getInputStream()).readObject();
String received[]=receiv.split("#");
String out="Server is accepted from ip="+received[0];
32
serverconfig.fout.write(out.getBytes());
ResultSet rs=stmt.executeQuery("select * from portregister where
machineip='"+received[0]+"' and port="+Integer.parseInt(received[1])
+"");
if(!rs.next())
{
if(stmt.executeUpdate("insert into portregister
values('"+received[0]+"',"+Integer.parseInt(received[1])+")")>0)
{
rep="ok";
out="\nServer is Registered from ip="+received[0];
serverconfig.fout.write(out.getBytes());
server_client_communicat scc=new
server_client_communicat(con,soc,received[0],Integer.parseInt(received[1])
);
}
else
rep="no";
}
else
{
rep="already";
}
new ObjectOutputStream(soc.getOutputStream()).writeObject(rep);
}
}
33
catch (Exception ex)
{
print.showmsg("exception in run"+ex);
try
{
new ObjectOutputStream(soc.getOutputStream()).writeObject("no");
soc.close();
}
catch (Exception ex1)
{
}
}
}
}
5.1.4 Server-Client Communication
import java.io.*;
import java.net.*;
import java.sql.*;
class server_client_communicat extends Thread
{
private Socket sc_soc;
34
private Connection sc_con;
private String ip;
private int port;
server_client_communicat(Connection tcon,Socket tsoc,String ip,int
port)
{
this.sc_con=tcon;
this.sc_soc=tsoc;
this.ip=ip;
this.port=port;
start();
}
public void run()
{
try
{
while(true)
{
packet receiv=(packet)new
ObjectInputStream(sc_soc.getInputStream()).readObject();
print.showmsg("received action"+receiv.getAction());
if(receiv.getAction().equals("online"))
{
java.util.Vector online=new java.util.Vector();
Statement stm=sc_con.createStatement();
ResultSet rss=stm.executeQuery("select distinct(machineip) from
35
portregister");
while(rss.next())
{
online.add(rss.getString(1));
}
stm.close();
new
ObjectOutputStream(sc_soc.getOutputStream()).writeObject(online);
}
else if(receiv.getAction().equals("message"))
{
java.util.Date dd=new java.util.Date();
long eltime=dd.getTime()-Long.parseLong(receiv.getTime());
print.showmsg("Elapsed Time="+eltime);
if(receiv.getPacket_size()<=serverconfig.pktsize&&eltime<=serverco
nfig.timeval)
{
Socket tsoc=new Socket(receiv.getDest_ip(),receiv.getDest_Port());
String out="\nServer is Received packet= "+receiv.getPacket_no()+"
from ip="+receiv.getSource_ip();
serverconfig.fout.write(out.getBytes());
new
ObjectOutputStream(tsoc.getOutputStream()).writeObject(receiv);
tsoc.close();
}
else
{
36
String out="\nServer is discarded packet= "+receiv.getPacket_no()+"
from ip="+receiv.getSource_ip();
serverconfig.fout.write(out.getBytes());
print.showmsg("packet has been discarded");
}
}
else
{
java.util.Vector online=new java.util.Vector();
Statement stm=sc_con.createStatement();
ResultSet rss=stm.executeQuery("select port from portregister where
machineip='"+receiv.getAction()+"'");
while(rss.next())
{
online.add(rss.getString(1));
}
stm.close();
new
ObjectOutputStream(sc_soc.getOutputStream()).writeObject(online);
}
}
}
catch (Exception ex)
{
try
{
print.showmsg("Exception in server_client_communicat"+ex);
37
Statement stm1=sc_con.createStatement();
stm1.executeUpdate("delete * from portregister where
machineip='"+ip+"' and port="+port+"");
}
catch (Exception ex1)
{
}
}
}
}
5.1.5 Packet Conversion
import java.io.*;
class packet implements java.io.Serializable
{
int dport,tot_pkt,pkt_no,pkt_size;
String data,dip,sip,action,time;
public void setAction(String act)
{
this.action=act;
}
public String getAction()
38
{
return action;
}
public void setData(String data)
{
this.data=data;
}
public String getData()
{
return data;
}
public void setDest_Port(int port)
{
this.dport=port;
}
public int getDest_Port()
{
return dport;
}
public void setDest_ip(String ip)
{
this.dip=ip;
}
public String getDest_ip()
39
{
return dip;
}
public void setSource_ip(String sip)
{
this.sip=sip;
}
public String getSource_ip()
{
return sip;
}
public void setTotal_pkt(int pkt)
{
this.tot_pkt=pkt;
}
public int getTotal_pkt()
{
return tot_pkt;
}
public void setPacket_no(int pktno)
{
this.pkt_no=pktno;
}
40
public int getPacket_no()
{
return pkt_no;
}
public void setPacket_size(int pktsize)
{
this.pkt_size=pktsize;
}
public int getPacket_size()
{
return pkt_size;
}
public void setTime(String tim)
{
this.time=tim;
}
public String getTime()
{
return time;
}
}
5.1.6 Server Report
41
import java.io.*;
import java.awt.*;
import java.awt.event.*;
import javax.swing.*;
class report extends JDialog
{
JTextArea ta;
JButton closebutton,refreshbutton;
report()
{
setTitle("Server Reports");
getContentPane().setLayout(new BorderLayout());
ta=new JTextArea();
ta.setEditable(false);
getContentPane().add(new JScrollPane(ta),"Center");
JPanel pan=new JPanel(new FlowLayout());
refreshbutton=new JButton("Refresh");
Font f=new Font("Arial",0,20);
refreshbutton.setFont(f);
refreshbutton.addActionListener(new ActionListener()
{
public void actionPerformed(ActionEvent ae)
{
displyreport();
42
}
});
pan.add(refreshbutton);
closebutton=new JButton("close");
closebutton.setFont(f);
closebutton.addActionListener(new ActionListener()
{
public void actionPerformed(ActionEvent ae)
{
dispose();
}
});
pan.add(closebutton);
getContentPane().add(pan,"South");
setSize(500,500);
show();
displyreport();
}
public void displyreport()
{
try
{
File file=new File("report\\report.txt");
if(file.exists())
{
FileInputStream fin=new FileInputStream(file);
43
byte b[]=new byte[fin.available()];
fin.read(b);
ta.setText(new String(b));
fin.close();
}
else
{
msgbox.showmsg("The Report file is not existed");
}
}catch(Exception er)
{
msgbox.showmsg("Exception is="+er);
}
CHAPTER 6
RESULT ANLYSIS
6.1 Input Design
6.1.1 Server login screen
44
Server login
figure 6.1
login message
figure 6.2
This is the screen through which the server is logged on. Once
the username and pass word is correct then msg box will appear
as above.
6.1.1 Setting Server Rules
Server rules
45
Figure 6.3
Server started
Figure 6.4
This has to be entered in the server side these are the
rules by which the packets are filtered. These are the server side rules.
6.1.1 Client Registration
Client port registration
46
Figure 6.5
Register message
Figure 6.6
This is to register the client. For the registration purpose the IP
address and port number are to be given. These details are
stored in the database.
6.1.1 Main Client Form
47
main client form
figure 6.7
This is to send the data. Here we have to specify the packet size
as per which the data has been converted to data packets.
6.1.1 Setting Client Rules
48
Client Rules
Figure 6.8
This form is for applying the rules. The rules are based on IP
address, size of the packets and the data present in the packets.
This is the resultant of filter implementation module.
49
6.2Output Design
6.2.1 Server Report
Server Report
Figure 6.9
Here the report is generated for the server side. This is resultant of report
generation module.
6.2.1Client Report
50
Received Packets
Figure 6.10
This is to view the packets received or discarded in the client side.
51
CHAPTER 7
7 Conclusion
7.1 Conclusion
The system is supposed to reduce the cost of expenses. It is
to be developed into a user-friendly environment & more understandable
output is to be produced. In the proposed system the simple filters are to be
combine to form very complex filters, so that more security measures are
taken to safeguard our data. The user may dynamically select the rules as per
their choice and manually configure the rules specification. The proposed
system is platform independent and can be run in a system irrespective of the
operating system or hardware configurations, cause we are using Java to
develop the system.
In this package user-friendly interface has been developed. It provides the following features.
There is a graphical display which will enable the user to have a
very clear idea as to what the system is performing
Routines are written in such a way that any person going
through it will be able to understand and use it for further
enhancement.
7.2 Future Enhancement
Security forms the major concern over the evolving softwares
in the world. As our project is concern about the security we are
52
concentrating more to provide security. In future we are going to perform the
same operation over the internet so it will be widely used all over the world.
we are now going to work on how to filter the packets over the internet?
Surely we believe that we will succeed our task in future. We need all your
support to carry our work in future.
Reference
[1]. David Flanagan(1996),JAVA in A nutshell, O’Reilly & Associates.
53
[2] Herbert Schidilt, The Complete Reference JAVA 2 fifth edition, Tata
McGraw-Hill Edition
[3] Robert Orfali & Dan Harkey ,The Essential Client/Server Survival
Model.
54
55