High_level Network Security Using Packet Filtering

CHAPTER 1

INTRODUCTION

1. 1 Overview

Packet filtering is a network security mechanism that works by controlling

what data can flow to and from a network. We provide a very brief

introduction to high-level IP networking concepts (a necessity for

understanding packet filtering).

To transfer information across a network, the information has to be

broken up into small pieces, each of which is sent separately. Breaking the

information into pieces allows many systems to share the network, each

sending pieces in turn. In IP networking, those small pieces of data are

called packets. All data transfer across IP networks happens in the form of

packets.

A router has to make a routing decision about each packet it receives; it

has to decide how to send that packet on towards its ultimate destination. In

general, a packet carries no information to help the router in this decision,

other than the IP address of the packet's ultimate destination. The packet

tells the router where it wants to go, but not how to get there. Routers

communicate with each other using "routing protocols" such as the Routing

Information Protocol (RIP) and Open Shortest Path First (OSPF) to build

routing tables in memory to determine how to get the packets to their

destinations. When routing a packet, a router compares the packet's

destination address to entries in the routing table and sends the packet

1

onward as directed by the routing table. Often, there won't be a specific

route for a particular destination, and the router will use a "default route;"

generally, such a route directs the packet towards smarter or better-

connected routers. (The default routes at most sites point towards the

Internet.)

In determining how to forward a packet towards its destination, a normal

router looks only at a normal packet's destination address and asks only

"How can I forward this packet?" A packet filtering router also considers the

question "Should I forward this packet?" The packet filtering router answers

that question according to the security policy programmed into the router via

the packet filtering rules.

1. 2 Objective of the project

Project is concerned with analyzing all packets across LAN

Here filtering of packets is carried out by means of filtering rules

In first rule filtering is carried out by means of IP address.

In second rule filtering is by means of size of the packet.

In third rule filtering is carried out by means of data inside the packet.

2

1. 3 Existing system

Current filtering tools are not perfect

Despite the widespread availability of packet filtering in

various hardware and software packages, packet filtering is still not a perfect

tool. The packet filtering capabilities of many of these products share, to a

greater or lesser degree, common limitations:

Some protocols are not well suited to packet filtering

Even with perfect packet filtering implementations, you will

find that some protocols just aren't well suited to security via packet

filtering, for reasons we'll discuss later in this book. Such protocols include

the Berkeley "r" commands (rcp, rlogin, rdist, rsh, etc.) and RPC-based

protocols such as NFS and NIS/YP.

Some policies can't readily be enforced by normal packet filtering

routers

The information that a packet filtering router

has available to it doesn't allow you to specify some rules you might like to

have. For example, packets say what host they come from, but generally not

what user. Therefore, you can't enforce restrictions on particular users.

Similarly, packets say what port they're going to, but not what application;

when you enforce restrictions on higher-level protocols, you do it by port

number, hoping that nothing else is running on the port assigned to that

protocol. Malicious insiders can easily subvert this kind of control.

Filters are based on the contents of the individual packets.

Filter tools are OS specific (i.e.) platform dependent.

3

1.3.1 Limitation of existing system

Filters are based on the contents of the individual packets

Filter tools are OS specific(i.e) platform dependent

User needs detailed knowledge & time consuming

Do not provide follow up for updating the rules.

1.4 Proposed system

The proposed system is supposed to reduce the cost of expenses. It is

to be developed into a user-friendly environment & more understandable

output is to be produced. In the proposed system the simple filters are to be

combine to form very complex filters, so that more security measures are

taken to safeguard our data. The user may dynamically select the rules as per

their choice and manually configure the rules specification. The proposed

system is platform independent and can be run in a system irrespective of the

operating system or hardware configurations, cause we are using Java to

develop the system.

1.4.1 Advantages of proposed system

Reduced Cost.

User-friendly environment & understandable output.

Simple filters combined to form complex filters.

The user can select rules or their combination.

Platform Independent.

4

1.5 Organization of the thesis

The report of the software project is framed chapter-wise. The

development of the software product comprising of various phases is

reflected in the chapters given below. These chapters portray the detailed

information of each of the development activities of the software project.

The whole report gives a brief explanation about the various stages of the

software development life cycle. Any phase of software development can be

verified in the given report as it is framed in an orderly fashion in chapter-

wise format. The outlay of the report is summarized as follows:

Chapter 1: Introduction

This chapter gives the basic information of the software

product taken for development consideration and the information of the

organization that needs for the implementation of the finished software

product. The system overview and the information about the software

organization have been included in this section.

Chapter 2: Development Process and Solution Approach

This chapter deals with the project requirements of the

software. The Hardware and software requirements, functional and

nonfunctional requirements are analyzed here.

Chapter 3 : Core Of Project

5

This chapter deals with the core of the project (i.e) detailed

about the language description JAVA and also about the important aspects

about the filtering.

Chapter 4 : Result Analysis

This chapter deal about flow chart that means of Diagrammatic

Representation of server operation and client server connectivity.

Chapter 5 : Source code

This chapter deals with the action part (i.e) codings. It gives the

action to the project.

Chapter 6 : Testing

This chapter deals with the different kinds of testing that our

project involves.

Chapter 7 : Snap shots

This chapter deals with the input and output screens involve in

the project.

Chapter 8 : Conclusion

It concludes the project and gives some suggestion for its

future enhancements.

CHAPTER 2

6

2. DEVELOPMENT PROCESS AND DESIGN

This chapter deals with software development life cycle and

development strategies that can be adopted for the application system.

2.1 Requirement Analysis and Specification

This involves analyzing the system requirements for creating the

application and the specification should be feasible for implementing the

application.

2.1.1 Hardware Specification

Processor: Pentium

RAM: 64MB

Speed: 166 MHz

Resolution: 640 x 480 pixels

Hard Disk: 2 GB

Operating System: Platform independent

2.1.2 Software Specification

Front-End: JAVA

Design: Swings

Back-end: MS-ACCESS

2.1.3 Specific Requirements

7

This section describes about both the functional and nonfunctional

requirements of the system. The functional requirements section defines the

system’s requirement specifications from functionalities point of view. The

non-functional requirements section defines performance requirements,

design constraints, etc, which are dealt in detail in corresponding sub-

sections.

2.1.3.1 Functional requirements

Functional requirements of the system encompasses the following

set of operations

Provides a better, faster service for the users.

To view Network information.

To be more user friendly.

2.1.3.2 Non-functional requirements

a. Performance Requirements

Speed:

This is one of the most important factors, the system should respond in the

minimal response time to facilitate the user.

Storage:

The system should work at minimum storage space.

b. Attributes

1. Efficiency:

8

To make efficiency high, the size of computing code should be

less and the resources required by the program to perform its

functions should be low.

2. Ease of installation:

To achieve ease of installation, the effort required for

installing the system should be minimal.

3. Maintainability:

If the effort required for locating and fixing an error in a

program is less, maintainability is said to be easy.

4. Reliability:

If the program performs its intended function with required

precision it is said to have high reliability.

2.3

2.4 Testing

9

The project considered for development is tested for error-free

performance and is subjected to implementation by the concern. Once the

system has been efficiently developed and tested, it needs to be

implemented. Testing is the process of executing a program with the aim of

detecting errors. It is done manually or by automation using any tool.

Testing is considered as a destructive process that separates itself from other

stages of the system development.

The key objective of the testing process is to find errors in the program

developed for implementation in the organization. Therefore testing has to

be done on the program developed in order to locate error in coding and

logic that are contained within the program.

The various types of testing measures to be taken are:

Test to see if system requirement specification is taken care of.

Test to see the proper handling of the user inputs.

Test the robustness of the system.

Check for errors and validations of the inputs.

All the tests were done based on the sequence of modules. Each

module is tested uniquely to detect the error in the particular module and in

turn rectify it thus result in proper functioning of the application.

2.4.1 System Testing

Similar to the development of the project, testing also plays a

major role in the process of developing a software project. Moreover, this

10

system testing part is considered as the lengthiest process of the project.

Rather developing and coding the testing procedure is much more risky too.

In this project module, substantial flow of proper information and collection

of programs have been done. This includes the following various types of

working testing procedures.

2.4.2 Unit Testing

Each of the modules in the project is considered as a separate

unit and that particular unit is tested individually. In packet sensing each

sensing each information from the user agent string given related to number

of packets transferred are checked repeatedly.

2.4.3 Integration Testing

With results of the unit testing procedure the integration part of

testing begins. This integration unit is much more complex than the previous

one which gives complete data flow of the system. Apart from it, this is a

lengthy process of a system development. This integration process begins

with integrating one module at a time, to make it really work correctly.

Hence any data loss in between the system fails with a warning error

message.

2.5 Maintainanace

Maintenance is a set of software engineering activities that occur after

software has been delivered to the customer. The maintenance phase forces

changes that is associated error correction and adoptions required as the

software environment evolves and changes due to enhancements brought out

by changing customer requirements. The maintenance phases reapply the

11

steps of the definition and development phase but do so in the context of

existing software. When the customer identifies any fault in the system

changes could be easily made as there would be very less chance for the

customer to face any problem with the application.

The application is developed in windows98 platform and the

application would work without any error in the windows98 platform. But

when the same application is to be used in some other environment of

windows family then suitable changes has to be made to the software to

accommodate itself to current environment on which it is been implemented.

Since this is an ongoing project in our organization and there are lot of

advanced modules to be completed before implementation. Hence, the

implementation cycle is forbidden from the report produce. This particular

implementation issues undergo a lots of changes in the system

CHAPTER 3

3.CORE OF PROJECT

3.1 ABOUT JAVA

3.1.1 INTRODUCTION TO JAVA

Java is a simple, object-oriented, distributed, interpreted, robust,

secure, architectural-neutral, portable, high-performance, multithreaded and

dynamic language.

12

3.1.1.1 Simple

Java is simpler to learn for programmers if they think in terms of

objects and methods. Java has eliminated the complexities present in C++.

Java supports garbage collection to further simply the language as it takes

the burden of the memory management off the programmer. Java does not

use header files and it eliminates the C processor. Constructs like struct and

union have been removed. Java also the operator overloading and multiple

inheritance features of other object oriented languages. Perhaps the most

important simplification, however is that java does not use pointers. Java

automatically handles the referencing and de-referencing of objects for you.

Thus it frees us from having to worry about dangling pointers, invalid

pointer references and memory leaks.

3.1.1.2 Object-Oriented:

Java is an object-oriented language. It mainly focuses on the data

in the application and methods that manipulate the data, rather than thinking

strictly in terms of procedures. Java comes with an extensive set of classes,

arranged, that you can use in your programs.

3.1.1.3 Distributed:

Java was built with network communication in mind. It had a

comprehensive library of routines for dealing with network protocols such as

13

TCP/IP, HTTP, and FTP. Hence it is easy to read a remote file or resources,

as it is to read a local file. Java applications are open and can be accessed

across the Internet.

3.1.1.4 Interpreted:

Java is an interpreted language. The Java compiler generates

byte-code for the JVM (Java Virtual Machine). This Java byte-code is

platform independent and the programs can be run on any platform the JVM

has been ported to.

3.1.1.5 Robust:

Java has been designed for writing reliable or robust software. It is

a strongly typed language, which allows for extensive compile time

checking for potential type mismatch problems. The lack of pointers and

pointer arithmetic features increases the robustness of Java programs by

abolishing the pointer related bugs. Exception handling is another feature in

Java that makes for more robust programs.

3.1.1.6 Secure:

Security is a critical part of the Java environment. Java allows us to

create virus-free programs and prevent malicious code security, which can

be achieved by a digital signature to Java code. The origin of the code can be

established in a cryptographically secure and unforgettable way.

3.1.1.7 Architectural-Neutral and Portable:

Because Java programs are compiled to an architecture neutral byte

code format, a Java application can run on any system, as long as that

14

system implements the JVM. Java’s primitive data types are consistent from

system to system. The class libraries include portable interfaces for each

platform on which the runtime environment is available.

3.1.1.8 High-Performance:

Java performance is impressive for an interpreted language,

mostly because of the development of “Just in Time” compilers that can

translate java byte-codes into machine code for a particular CPU at run time.

The performance of Java’s interpreted byte codes is much better than the

high-level scripting languages.

3.1.1.9 Multithreaded:

Java is a multithreaded language. It provides for multiple threads of

execution that can handle different tasks. An important benefit of

multithreading is that it improves the interactive performance of graphical

application for the user.

3.1.1.10 Exception and Exception Handling:

Exception handling is a significant feature of Java. An exception is

a signal that indicates some sort of exceptional condition has occurred. To

throw an exception, is to signal an exceptional condition. To catch an

exception is to take whatever actions are necessary to recover from it.

Exception propagated through the lexical block structure of a Java

method and then up the method call stack. If the exception is not caught by

the block of code, then it propagates to the next higher enclosing block of

15

data. If it is not caught there, it propagates up again. If an exception is never

caught, it propagates all the way to the main() method from which the

program started. An exception in Java is an object that is an instance of some

sub class of java.lang.Throwable. Throwable has two standard sub classes:

java.lang.Error and java.lang.Exception. Exceptions are objects and the

contain data and define methods.

The try/catch/finally statements are in Java’s exception handling

mechanism. try establishes a block of code that is to have its exceptions and

abnormal exists handled. The try block is followed by one or more catch

clauses that catch and handle specified types of exceptions. The catch

clauses are optionally followed by a finally block that contains “clean-up”

code. The statements of finally clause are guaranteed to be executed

regardless of how the code in the try block exists.

3.2 Overview of packet filtering

3.2.1 Why Packet Filtering?

Packet filtering lets you control (allow or disallow) data transfer

based on:

The address the data is (supposedly) coming from

The address the data is going to

The session and application protocols being used to transfer the data.

The main advantage of packet filtering is leverage: it allows you to provide,

in a single place, particular protections for an entire network. Consider the

16

Telnet service as an example. If you disallow Telnet by turning off the

Telnet server on all your hosts, you still have to worry about someone in

your organization installing a new machine (or reinstalling an old one) with

the Telnet server turned on. On the other hand, if your filtering router does

not allow Telnet, such a new machine would be protected right from the

start, regardless of whether or not its Telnet server was actually running.

Routers also present a useful choke point for all of the traffic entering

or leaving a network. Even if you have multiple routers for redundancy, you

probably have far fewer routers, under much tighter control, than you have

host machines.

Only filtering routers can provide certain protections, and then only if

they are deployed in particular locations in your network. For example, it's a

good idea to reject all packets that have internal source addresses - that is,

packets that claim to be coming from internal machines but that are actually

coming in from the outside - because such packets are usually part of

address-spoofing attacks. In such attacks, an attacker is pretending to be

coming from an internal machine. Decision-making of this kind can be done

only in a filtering router at the perimeter of your network. Only a filtering

router in that location (which is, by definition, the boundary between

"inside" and "outside") is able to recognize such a packet, by looking at the

source address and whether the packet came from the inside (the internal

network connection) or the outside (the external network connection).

3.2.2 Advantages of Packet Filtering:

17

Packet filtering has a number of advantages.

3.2.2.1 One screening router can help protect an entire network:

One of the key advantages of packet filtering is that a single,

strategically placed packet-filtering router can help protect an entire

network. If there is only one router that connects your site to the Internet,

you gain tremendous leverage on network security, regardless of the size of

your site, by doing packet filtering on that router.

3.2.2.2 Packet filtering doesn't require user knowledge or

cooperation:

Unlike proxying, Proxy Systems, packet filtering doesn't require

any custom software or configuration of client machines, nor does it require

any special training or procedures for users. When a packet filtering router

decides to let a packet through, the router is indistinguishable from a normal

router. Ideally, users won't even realize it's there, unless they try to do

something that is prohibited (presumably because it is a security problem)

by the packet filtering router's filtering policy.

This "transparency" means that packet filtering can be done

without the cooperation, and often without the knowledge, of users. The

18

point is not that you can do this subversively, behind your users' backs

(while actions like that are sometimes necessary - it all depends on the

circumstances - they can be highly political). The point is that you can do

packet filtering without their having to learn anything new to make it work,

and without your having to depend on them to do (or not do) anything to

make it work.

3.2.2.3 Packet filtering is widely available in many routers:

Packet filtering capabilities are available in many hardware and

software routing products, both commercial and freely available over the

Internet. Most sites already have packet-filtering capabilities available in the

routers they use.

Most commercial router products, such as the routers from

Livingston Enterprises and Cisco Systems, include packet-filtering

capabilities. Packet filtering capabilities are also available in a number of

packages, such as Drawbridge, Karl Bridge, and screened, that are freely

distributed on the Internet.

3.2.3 What Does a Packet Look Like?

To understand packet filtering, you first have to understand packets

and how they are handled at each layer of the TCP/IP protocol stack:

19

Application layer (e.g., FTP, Telnet, HTTP)

Transport layer (TCP or UDP)

Internet layer (IP)

Network access layer (e.g., Ethernet, FDDI, ATM)

Packets are constructed in such a way that layers for each protocol

used for a particular connection are wrapped around the packets, like the

layers of skin on an onion.

At each layer, a packet has two parts: the header and the body.

The header contains protocol information relevant to that layer, while the

body contains the data for that layer which often consists of a whole packet

from the next layer in the stack. Each layer treats the information it gets

from the layer above it as data, and applies its own header to this data. At

each layer, the packet contains all of the information passed from the higher

layer; nothing is lost. This process of preserving the data while attaching a

new header is known as encapsulation.

At the application layer, the packet consists simply of the data to be

transferred (for example, part of a file being transferred during an FTP

session). As it moves to the transport layer, the Transmission Control

Protocol (TCP) or the User Datagram Protocol (UDP) preserves the data

from the previous layer and attaches a header to it. At the next layer, IP

considers the entire packet (consisting now of the TCP or UDP header and

20

the data) to be data, and now attaches its own IP header. Finally, at the

network access layer, Ethernet or another network protocol considers the

entire IP packet passed to it to be data, and attaches its own header.

At the other side of the connection, this process is reversed. As the

data is passed up from one layer to the next higher layer, each header (each

skin of the onion) is stripped off by its respective layer. For example, the

Internet layer removes the IP header before passing the encapsulated data up

to the transport layer (TCP or UDP).

In trying to understand packet filtering, the most important

information from our point of view is in the headers of the various layers.

The sections below look at several examples of different types of packets

and show the contents of each of the headers that packet-filtering routers

will be examining. We assume certain knowledge of TCP/IP fundamentals,

and concentrate on discussing the particular issues related to packet filtering.

21

CHAPTER 5

5 SOURCE CODE

5.1 Server side

5.1.1 Server login

import java.awt.*;

import java.awt.event.*;

import javax.swing.*;

class serverlogin extends JDialog

{

public static JButton exitbutton,loginbutton;

private JLabel uname_label,pwd_label;

22

private JTextField uname_tf;

private JPasswordField pwd_tf;

private int x1=10,y1=10,x2=150,y2=30;

serverlogin()

{

Container c=getContentPane();

c.setLayout(new BorderLayout());

setTitle("SERVER LOGIN");

JLabel s_pan1=new JLabel(new ImageIcon("login.jpg"));

s_pan1.setLayout(null);

s_pan1.setBounds(0,0,300,200);

uname_label=new JLabel("UserName");

uname_label.setForeground(Color.blue);

uname_label.setBounds(x1,y1,x2,y2);

s_pan1.add(uname_label);

uname_tf=new JTextField();

uname_tf.setBounds(x1+110,y1,x2,y2);

s_pan1.add(uname_tf);

y1+=60;

pwd_label=new JLabel("PassWord");

pwd_label.setForeground(Color.blue);

pwd_label.setBounds(x1,y1,x2,y2);

s_pan1.add(pwd_label);

pwd_tf=new JPasswordField();

pwd_tf.setBounds(x1+110,y1,x2,y2);

s_pan1.add(pwd_tf);

y1+=60;

23

loginbutton=new JButton("Login");

loginbutton.addActionListener(new ActionListener()

{

public void actionPerformed(ActionEvent ae)

{

char pwd[]=pwd_tf.getPassword();

if(uname_tf.getText().equals("admin")&&String.valueOf(pwd).equals

("admin"))

{

dispose();

msgbox.showmsg("Successfully loged in");

serverconfig sc=new serverconfig();

}

else

{

msgbox.showmsg("Invalid Username and PassWord");

}

}

});

loginbutton.setBounds(x1,y1,x2-50,y2);

s_pan1.add(loginbutton);

exitbutton=new JButton("Exit");

exitbutton.addActionListener(new ActionListener()

{


24

{

System.exit(0);

}

});

exitbutton.setBounds(x1+140,y1,x2-50,y2);

s_pan1.add(exitbutton);

c.add(s_pan1,"Center");

setDefaultCloseOperation(0);

setResizable(false);

setLocation(x2,50);

setSize(300,200);

show();

}

}

class server

{

public static void main(String arg[])

{

serverlogin slogin=new serverlogin();

}

}

class print

{

public static void showmsg(String r_msg)

{

25

System.out.println(r_msg);

}

}

class msgbox

{

public static void showmsg(String r_msg)

{

javax.swing.JOptionPane.showMessageDialog(new javax.swing.JFrame(),r_msg);

}

}

5.1.2 Server Configuration

import java.io.*;

import java.awt.*;



class serverconfig extends JFrame

{

JButton exitbutton,configbutton,dispbutton,startbutton;

JLabel pkt_label,time_label;

JTextField pkt_tf,time_tf;

public static int timeval=0,pktsize=0;

int x1=20,y1=30,x2=150,y2=30;

public static FileOutputStream fout;

26

serverconfig()

{

setTitle("Server Rules");

Container c=getContentPane();

c.setLayout(null);

pkt_label=new JLabel("Packet Size:");

pkt_tf=new JTextField();

time_label=new JLabel("Time per Message:");

time_tf=new JTextField();

configbutton=new JButton("Apply Rules");

dispbutton=new JButton("Report");

exitbutton = new JButton("Down");

startbutton = new JButton("Start Server");

Font f=new Font("Arial",0,20);

configbutton.setFont(f);

dispbutton.setFont(f);

exitbutton.setFont(f);

startbutton.setFont(f);

x1=x1+50;

pkt_label.setBounds(x1,y1,x2,y2);

pkt_tf.setBounds(x1+170,y1,x2,y2);

y1+=40;

time_label.setBounds(x1,y1,x2,y2);

time_tf.setBounds(x1+170,y1,x2,y2);

y1+=40;

x1=x1-50;

exitbutton.setBounds(x1,y1,x2,y2);

27

configbutton.setBounds(x1+160,y1,x2,y2);

dispbutton.setBounds(x1+320,y1,x2,y2);

y1+=40;

startbutton.setBounds(x1+160,y1,x2,y2);

startbutton.setEnabled(false);

configbutton.addActionListener(new ActionListener()

{


{

if(!time_tf.getText().equals("")&&!pkt_tf.getText().equals(""))

{

try

{

timeval=Integer.parseInt(time_tf.getText());

pktsize=Integer.parseInt(pkt_tf.getText());

time_tf.setEditable(false);

pkt_tf.setEditable(false);

configbutton.setEnabled(false);

startbutton.setEnabled(true);

}

catch (Exception ex)

{

msgbox.showmsg("Number format Exception");

}

}

else

28

{

msgbox.showmsg("Invalid TextField");

}

}

});

exitbutton.addActionListener(new ActionListener()

{


{

System.exit(0);

}

});

dispbutton.addActionListener(new ActionListener()

{


{

report r=new report();

}

});

startbutton.addActionListener(new ActionListener()

{


{

try

{

29

if(!configbutton.isEnabled())

{

File file=new File("report\\report.txt");

fout=new FileOutputStream(file);

String out="\nServer is started At="+new java.util.Date();

fout.write(out.getBytes());

new serverlisten();

startbutton.setEnabled(false);

msgbox.showmsg("Server started");

}

else

{

msgbox.showmsg("Server not started");

}

}


{

msgbox.showmsg("Server not started");

}

}

});

c.add(pkt_label);

c.add(time_label);

c.add(pkt_tf);

c.add(time_tf);

c.add(exitbutton);

c.add(configbutton);

30

c.add(dispbutton);

c.add(startbutton);

setDefaultCloseOperation(3);

setSize(500,250);

setResizable(false);

show();

}

public static void main(String a[])

{

serverconfig sc=new serverconfig();

}

}

5.1.3 Server listener

import java.io.*;

import java.net.*;

import java.sql.*;

class serverlisten extends Thread

{

private ServerSocket sersoc;

private Socket soc;

private Connection con;

serverlisten()

{

31

start();

}

public void run()

{

try

{

Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");

String mycon="jdbc:odbc:Driver={Microsoft Access Driver

(*.mdb)};DBQ=iptracer.mdb";

con=DriverManager.getConnection(mycon);

con.setAutoCommit(true);

print.showmsg("Database Connected");

sersoc=new ServerSocket(5555);

print.showmsg("Server is waiting");

Statement stmt=con.createStatement();

stmt.executeUpdate("delete * from portregister");

while(true)

{

String rep="";

soc=sersoc.accept();

print.showmsg("accepted");

String receiv=(String)new

ObjectInputStream(soc.getInputStream()).readObject();

String received[]=receiv.split("#");

String out="Server is accepted from ip="+received[0];

32

serverconfig.fout.write(out.getBytes());

ResultSet rs=stmt.executeQuery("select * from portregister where

machineip='"+received[0]+"' and port="+Integer.parseInt(received[1])

+"");

if(!rs.next())

{

if(stmt.executeUpdate("insert into portregister

values('"+received[0]+"',"+Integer.parseInt(received[1])+")")>0)

{

rep="ok";

out="\nServer is Registered from ip="+received[0];


server_client_communicat scc=new

server_client_communicat(con,soc,received[0],Integer.parseInt(received[1])

);

}

else

rep="no";

}

else

{

rep="already";

}

new ObjectOutputStream(soc.getOutputStream()).writeObject(rep);

}

}

33


{

print.showmsg("exception in run"+ex);

try

{

new ObjectOutputStream(soc.getOutputStream()).writeObject("no");

soc.close();

}

catch (Exception ex1)

{

}

}

}

}

5.1.4 Server-Client Communication

import java.io.*;

import java.net.*;

import java.sql.*;

class server_client_communicat extends Thread

{

private Socket sc_soc;

34

private Connection sc_con;

private String ip;

private int port;

server_client_communicat(Connection tcon,Socket tsoc,String ip,int

port)

{

this.sc_con=tcon;

this.sc_soc=tsoc;

this.ip=ip;

this.port=port;

start();

}

public void run()

{

try

{

while(true)

{

packet receiv=(packet)new

ObjectInputStream(sc_soc.getInputStream()).readObject();

print.showmsg("received action"+receiv.getAction());

if(receiv.getAction().equals("online"))

{

java.util.Vector online=new java.util.Vector();

Statement stm=sc_con.createStatement();

ResultSet rss=stm.executeQuery("select distinct(machineip) from

35

portregister");

while(rss.next())

{

online.add(rss.getString(1));

}

stm.close();

new

ObjectOutputStream(sc_soc.getOutputStream()).writeObject(online);

}

else if(receiv.getAction().equals("message"))

{

java.util.Date dd=new java.util.Date();

long eltime=dd.getTime()-Long.parseLong(receiv.getTime());

print.showmsg("Elapsed Time="+eltime);

if(receiv.getPacket_size()<=serverconfig.pktsize&&eltime<=serverco

nfig.timeval)

{

Socket tsoc=new Socket(receiv.getDest_ip(),receiv.getDest_Port());

String out="\nServer is Received packet= "+receiv.getPacket_no()+"

from ip="+receiv.getSource_ip();


new

ObjectOutputStream(tsoc.getOutputStream()).writeObject(receiv);

tsoc.close();

}

else

{

36

String out="\nServer is discarded packet= "+receiv.getPacket_no()+"

from ip="+receiv.getSource_ip();


print.showmsg("packet has been discarded");

}

}

else

{

java.util.Vector online=new java.util.Vector();

Statement stm=sc_con.createStatement();

ResultSet rss=stm.executeQuery("select port from portregister where

machineip='"+receiv.getAction()+"'");

while(rss.next())

{

online.add(rss.getString(1));

}

stm.close();

new

ObjectOutputStream(sc_soc.getOutputStream()).writeObject(online);

}

}

}


{

try

{

print.showmsg("Exception in server_client_communicat"+ex);

37

Statement stm1=sc_con.createStatement();

stm1.executeUpdate("delete * from portregister where

machineip='"+ip+"' and port="+port+"");

}

catch (Exception ex1)

{

}

}

}

}

5.1.5 Packet Conversion

import java.io.*;

class packet implements java.io.Serializable

{

int dport,tot_pkt,pkt_no,pkt_size;

String data,dip,sip,action,time;

public void setAction(String act)

{

this.action=act;

}

public String getAction()

38

{

return action;

}

public void setData(String data)

{

this.data=data;

}

public String getData()

{

return data;

}

public void setDest_Port(int port)

{

this.dport=port;

}

public int getDest_Port()

{

return dport;

}

public void setDest_ip(String ip)

{

this.dip=ip;

}

public String getDest_ip()

39

{

return dip;

}

public void setSource_ip(String sip)

{

this.sip=sip;

}

public String getSource_ip()

{

return sip;

}

public void setTotal_pkt(int pkt)

{

this.tot_pkt=pkt;

}

public int getTotal_pkt()

{

return tot_pkt;

}

public void setPacket_no(int pktno)

{

this.pkt_no=pktno;

}

40

public int getPacket_no()

{

return pkt_no;

}

public void setPacket_size(int pktsize)

{

this.pkt_size=pktsize;

}

public int getPacket_size()

{

return pkt_size;

}

public void setTime(String tim)

{

this.time=tim;

}

public String getTime()

{

return time;

}

}

5.1.6 Server Report

41

import java.io.*;

import java.awt.*;



class report extends JDialog

{

JTextArea ta;

JButton closebutton,refreshbutton;

report()

{

setTitle("Server Reports");

getContentPane().setLayout(new BorderLayout());

ta=new JTextArea();

ta.setEditable(false);

getContentPane().add(new JScrollPane(ta),"Center");

JPanel pan=new JPanel(new FlowLayout());

refreshbutton=new JButton("Refresh");

Font f=new Font("Arial",0,20);

refreshbutton.setFont(f);

refreshbutton.addActionListener(new ActionListener()

{


{

displyreport();

42

}

});

pan.add(refreshbutton);

closebutton=new JButton("close");

closebutton.setFont(f);

closebutton.addActionListener(new ActionListener()

{


{

dispose();

}

});

pan.add(closebutton);

getContentPane().add(pan,"South");

setSize(500,500);

show();

displyreport();

}

public void displyreport()

{

try

{

File file=new File("report\\report.txt");

if(file.exists())

{

FileInputStream fin=new FileInputStream(file);

43

byte b[]=new byte[fin.available()];

fin.read(b);

ta.setText(new String(b));

fin.close();

}

else

{

msgbox.showmsg("The Report file is not existed");

}

}catch(Exception er)

{

msgbox.showmsg("Exception is="+er);

}

CHAPTER 6

RESULT ANLYSIS

6.1 Input Design

6.1.1 Server login screen

44

Server login

figure 6.1

login message

figure 6.2

This is the screen through which the server is logged on. Once

the username and pass word is correct then msg box will appear

as above.

6.1.1 Setting Server Rules

Server rules

45

Figure 6.3

Server started

Figure 6.4

This has to be entered in the server side these are the

rules by which the packets are filtered. These are the server side rules.

6.1.1 Client Registration

Client port registration

46

Figure 6.5

Register message

Figure 6.6

This is to register the client. For the registration purpose the IP

address and port number are to be given. These details are

stored in the database.

6.1.1 Main Client Form

47

main client form

figure 6.7

This is to send the data. Here we have to specify the packet size

as per which the data has been converted to data packets.

6.1.1 Setting Client Rules

48

Client Rules

Figure 6.8

This form is for applying the rules. The rules are based on IP

address, size of the packets and the data present in the packets.

This is the resultant of filter implementation module.

49

6.2Output Design

6.2.1 Server Report

Server Report

Figure 6.9

Here the report is generated for the server side. This is resultant of report

generation module.

6.2.1Client Report

50

Received Packets

Figure 6.10

This is to view the packets received or discarded in the client side.

51

CHAPTER 7

7 Conclusion

7.1 Conclusion

The system is supposed to reduce the cost of expenses. It is

to be developed into a user-friendly environment & more understandable

output is to be produced. In the proposed system the simple filters are to be

combine to form very complex filters, so that more security measures are

taken to safeguard our data. The user may dynamically select the rules as per

their choice and manually configure the rules specification. The proposed

system is platform independent and can be run in a system irrespective of the

operating system or hardware configurations, cause we are using Java to

develop the system.

In this package user-friendly interface has been developed. It provides the following features.

There is a graphical display which will enable the user to have a

very clear idea as to what the system is performing

Routines are written in such a way that any person going

through it will be able to understand and use it for further

enhancement.

7.2 Future Enhancement

Security forms the major concern over the evolving softwares

in the world. As our project is concern about the security we are

52

concentrating more to provide security. In future we are going to perform the

same operation over the internet so it will be widely used all over the world.

we are now going to work on how to filter the packets over the internet?

Surely we believe that we will succeed our task in future. We need all your

support to carry our work in future.

Reference

[1]. David Flanagan(1996),JAVA in A nutshell, O’Reilly & Associates.

53

[2] Herbert Schidilt, The Complete Reference JAVA 2 fifth edition, Tata

McGraw-Hill Edition

[3] Robert Orfali & Dan Harkey ,The Essential Client/Server Survival

Model.

54

High_level Network Security Using Packet Filtering

Documents

Transcript of High_level Network Security Using Packet Filtering