Annexure

MSBTE 2
Solution App

A
MICRO PROJECT REPORT
ON

Submitted by

P
Student name

AP
Under the guidance of
n
tio
Sub teacher name
lu
So

Our clg logo

TE
SB

DEPARTMENT OF COMPUTER TECHNOLOGY

M

AMRUTVAHINI POLYTECHNIC, SANGAMNER -422 608

MSBTE
YEAR 2020-2021

Downloaded From MSBTE Solution App

 Annexure
MSBTE 2
Solution App

Course Name - Computer Technology

P
Course Code – CM5I

AP
Sub Name – OSY
Course Code – 22516
n
tio
lu
So

PROJECT TITLE
TE
SB

Internet security and firewall

M

Roll Name Enrollment no

Downloaded From MSBTE Solution App

 Annexure
MSBTE 2
Solution App

Prof.G.D

(Faculty & Signature)

P
AP
n
tio
lu
So
TE
SB

AMRUTVAHINI SHETI AND SHIKSHAN VIKAS SANSTHA’S

M

AMRUTVAHINI POLYTECHNIC, SANGAMNER

Downloaded From MSBTE Solution App

 Annexure
MSBTE 2
Solution App

CERTIFICATE
This is to certify that
Ms.

Ms.

Has satisfactorily completed Micro-project work entitled,

“INTERNET SECURITY AND FIREWALL”

P
As prescribed by MSBTE, Mumbai, as part of syllabus for the partial

AP
fulfillment in Diploma in Computer Technology of Subject-OSY for Academic
year 2020-2021
n
tio
lu

Prof. Prof.
So

(Subject Teacher) (H.O.D)

TE
SB

Micro-Project Report
M

INTERNET SECURITY AND FIREWALL

1.0 Rationale
Computer and network security has a wide range of applications
and most of the applications need ample security and access to the
network should be restricted from intruders and anomalies. Firewalls can
be considered as the best choice this process and in general the firewalls
provide some access restrictions to the incoming and outgoing traffic
across a network.

Downloaded From MSBTE Solution App

 Annexure
MSBTE 2
Solution App

2.0 Aim /Benefits

The aim of this Micro project is to perform the about the project is
Internet Security and firewall

3.0 Course Outcomes Achieved

a) Operate & Install operating system and configure it.
b) Explain the use of operating system tools to perform various functions.
c) Execute process commands for performing process management
operations.
d) Test different scheduling algorithms to calculate turnaround time and
average waiting time.
e) Test and calculate efficiency of different memory management

P
techniques and Use of file management techniques.

AP
4.0 Literature Review
The term firewall originally referred to a wall intended to confine a
n
tio
fire within a line of adjacent buildings. Later uses refer to similar
structures, such as the metal sheet separating the engine compartment of a
lu

vehicle or aircraft from the passenger compartment. The term was applied
So

in the late 1980s to network technology that emerged when the Internet
was fairly new in terms of its global use and connectivity. The
predecessors to firewalls for network security were routers used in the late
TE

1980s. Because they already segregated networks, routers could apply

filtering to packets crossing them.
SB

5.0 Actual Methodology followed

M

Internet Security
Internet security is a branch of computer security specifically
related to not only Internet, often involving browser security and the
World Wide
Web, but also network security as it applies to other applications or
operating systems as a whole. Its objective is to establish rules and
measures to use against attacks over the Internet.[1] The Internet
represents an insecure channel for exchanging information, which leads to
a high risk of intrusion or fraud, such as phishing, online viruses, Trojans,
worms and more.

Downloaded From MSBTE Solution App

 Annexure
MSBTE 2
Solution App

 Malicious software
An internet user can be tricked or forced into downloading software
that is of malicious intent onto a computer. Such software comes in many
forms, such as viruses, Trojan horses, spyware, and worms.
 Denial-of-service attacks
A denial-of-service attack (Do’s attack) or distributed denial-of
service attack (Didoes attack) is an attempt to make a computer resource
unavailable to its intended users. Another way of understanding Dados is
seeing it as attacks in cloud computing environment that are growing due
to the essential characteristics of cloud computing.[4] Although the means
to carry out, motives for, and targets of a DoS attack may vary, it
generally consists of the concerted efforts to prevent an Internet site or

P
service from functioning efficiently or at all, temporarily or indefinitely.

AP
 Network layer security
TCP/IP protocols may be secured with cryptographic methods and
n
security protocols. These protocols include Secure Sockets Layer (SSL),
tio
succeeded by Transport Layer Security (TLS) for web traffic, Pretty Good
lu

Privacy (PGP) for email, and IPsec for the network layer security.
So

 Internet Protocol Security (IPsec)

IPsec is designed to protect TCP/IP communication in a secure
TE

manner. It is a set of security extensions developed by the Internet Task

Force (IETF). It provides security and authentication at the IP layer by
SB

transforming data using encryption. Two main types of transformation

that form the basis of IPsec: the Authentication Header (AH) and ESP.
M

These two protocols provide data integrity, data origin authentication, and
interplay service. These protocols can be used alone or in combination to
provide the desired set of security services for the Internet Protocol (IP)
layer.

Firewall
a)The first among the components is the “Internet Access Security
Policy” of an organization. This means that when the organization is
connecting to the internet what was the expected level of security at high
level. Without depending on the equipment that are used the security

Downloaded From MSBTE Solution App

 Annexure
MSBTE 2
Solution App

policy must have a life time because it is not based on the techniques and
the technology that is implemented (Government of the Hong Kong,
2009). According to this statement, an instance for this type of security
policy is a corporate network of an organization is not accessed by the
external users that means they are not permitted use that network if not
they have unauthorized authentication. If an organization require
transferring its corporate information through the internet and if that
information is not available in the public domain then the information is
transferred in a confidential approach. And all the other external services
will be banned and only the corporate users are permitted to send e-mails
across the internet.

b) The other component in making the firewalls is mapping of the

P
security policy on the procedures and technical designs, these procedures

AP
and technical designs on which the security policy is mapped must be
followed and implemented while connecting to the internet. During this
process the configuration of the system will be changed and the
n
information will be added as a fresh technology and so on. The usage of
tio
one-time passwords can be taken as example for the technical design
lu

considering the authentication of an organizational network. Generally the

technical designs depends on one security policy among the two polices.
So

The two policies are allowing any service except it is denied expressly or
deny any service except it is permitted expressly. The second one is the
TE

most secure among the two security policies.

SB

c)The third one is firewall system which is a combination of both

software and hardware that means the both the software and hardware
M

components can make the firewall. Generally a firewall system is made

up of an “IP packet filtering router” and a host computer sometimes it is
also called as application gateway or a bastion host which will run
authentication software and application filtering.

All the above components are very important and necessary for making a
firewall. A firewall is said to be not configured properly if there is no
Internet access security policy. There is no value for the policy if that is
not configured properly and also if is not enforced with worthy
procedures.

Downloaded From MSBTE Solution App

 Annexure
MSBTE 2
Solution App

FIREWALLS TYPES

 Packet filter
The first reported type of network firewall is called a packet filter,
which inspect packets transferred between computers. The firewall
maintains an access control list which dictates what packets will be
looked at and what action should be applied, if any, with the default
action set to silent discard. Three basic actions regarding the packet
consist of a silent discard, discard with Internet Control Message Protocol
or TCP reset response to the sender, and forward to the next hop. Packets
may be filtered by source and destination IP addresses, protocol, source
and destination ports. The bulk of Internet communication in 20th and

P
early 21st century used either Transmission Control Protocol (TCP) or

AP
User Datagram Protocol (UDP) in conjunction with well-known ports,
enabling firewalls of that era to distinguish between specific types of
n
traffic such as web browsing, remote printing, email transmission, file
tio
transfer.
lu

The first paper published on firewall technology was in 1987 when

engineers from Digital Equipment Corporation (DEC) developed filter
So

systems known as packet filter firewalls. At AT&T Bell Labs, Bill

Cheswick and Steve Beloved continued their research in packet filtering
TE

and developed a working model for their own company based on their
original first-generation architecture.
SB
M

 Connection tracking

From 1989–1990, three colleagues from AT&T Bell

Laboratories, Dave Presotto, Jamadar Sharma, and Kshitij Nigam,
developed the second generation of firewalls, calling them circuit-
level gateways.

Second-generation firewalls perform the work of their first

generation predecessors but also maintain knowledge of specific
conversations between endpoints by remembering which port number

Downloaded From MSBTE Solution App

 Annexure
MSBTE 2
Solution App

the two IP addresses are using at layer 4 (transport layer) of the OSI
model for their conversation, allowing examination of the overall
exchange between the node]s.

6.0 Actual Resource Used

Sr Name of Resource / Specification Qty. Remarks

No. Material
1) Laptop Intel (R) Core i5- 4GB 1 -
RAM
2) Operating System Windows 10 1 -

P
AP
7.0 Output of This Micro-Project- n
tio
lu
So
TE
SB
M

Downloaded From MSBTE Solution App

 Annexure
MSBTE 2
Solution App

P
AP
• Internet security and firewall
n
tio
8.0 Skill Developed/Learning Outcome of this Micro-Project :-
lu
So

1) Learn about Internet Security and firewalls.

2) Understand the basic types of internet security.
TE
SB

9.0 Applications of this Micro-Project

M

1. An application-level gateway acts as a relay node for the application

level traffic. They intercept incoming and outgoing packets, run proxies
that copy and forward information across the gateway, and function as a
proxy server, preventing any direct connection between a trusted server
or client and an untrusted host.
2. A firewall is a network security device that monitors incoming and
outgoing network traffic and decides whether to allow or block specific
traffic based on a defined set of security rules.

10

Downloaded From MSBTE Solution App