Professional Documents
Culture Documents
OSY Micro Project
OSY Micro Project
OSY Micro Project
MSBTE 2
Solution App
A
MICRO PROJECT REPORT
ON
Submitted by
P
Student name
AP
Under the guidance of
n
tio
Sub teacher name
lu
So
MSBTE
YEAR 2020-2021
P
Course Code – CM5I
AP
Sub Name – OSY
Course Code – 22516
n
tio
lu
So
PROJECT TITLE
TE
SB
Prof.G.D
P
AP
n
tio
lu
So
TE
SB
CERTIFICATE
This is to certify that
Ms.
Ms.
P
As prescribed by MSBTE, Mumbai, as part of syllabus for the partial
AP
fulfillment in Diploma in Computer Technology of Subject-OSY for Academic
year 2020-2021
n
tio
lu
Prof. Prof.
So
Micro-Project Report
M
P
techniques and Use of file management techniques.
AP
4.0 Literature Review
The term firewall originally referred to a wall intended to confine a
n
tio
fire within a line of adjacent buildings. Later uses refer to similar
structures, such as the metal sheet separating the engine compartment of a
lu
vehicle or aircraft from the passenger compartment. The term was applied
So
in the late 1980s to network technology that emerged when the Internet
was fairly new in terms of its global use and connectivity. The
predecessors to firewalls for network security were routers used in the late
TE
Internet Security
Internet security is a branch of computer security specifically
related to not only Internet, often involving browser security and the
World Wide
Web, but also network security as it applies to other applications or
operating systems as a whole. Its objective is to establish rules and
measures to use against attacks over the Internet.[1] The Internet
represents an insecure channel for exchanging information, which leads to
a high risk of intrusion or fraud, such as phishing, online viruses, Trojans,
worms and more.
Malicious software
An internet user can be tricked or forced into downloading software
that is of malicious intent onto a computer. Such software comes in many
forms, such as viruses, Trojan horses, spyware, and worms.
Denial-of-service attacks
A denial-of-service attack (Do’s attack) or distributed denial-of
service attack (Didoes attack) is an attempt to make a computer resource
unavailable to its intended users. Another way of understanding Dados is
seeing it as attacks in cloud computing environment that are growing due
to the essential characteristics of cloud computing.[4] Although the means
to carry out, motives for, and targets of a DoS attack may vary, it
generally consists of the concerted efforts to prevent an Internet site or
P
service from functioning efficiently or at all, temporarily or indefinitely.
AP
Network layer security
TCP/IP protocols may be secured with cryptographic methods and
n
security protocols. These protocols include Secure Sockets Layer (SSL),
tio
succeeded by Transport Layer Security (TLS) for web traffic, Pretty Good
lu
Privacy (PGP) for email, and IPsec for the network layer security.
So
These two protocols provide data integrity, data origin authentication, and
interplay service. These protocols can be used alone or in combination to
provide the desired set of security services for the Internet Protocol (IP)
layer.
Firewall
a)The first among the components is the “Internet Access Security
Policy” of an organization. This means that when the organization is
connecting to the internet what was the expected level of security at high
level. Without depending on the equipment that are used the security
policy must have a life time because it is not based on the techniques and
the technology that is implemented (Government of the Hong Kong,
2009). According to this statement, an instance for this type of security
policy is a corporate network of an organization is not accessed by the
external users that means they are not permitted use that network if not
they have unauthorized authentication. If an organization require
transferring its corporate information through the internet and if that
information is not available in the public domain then the information is
transferred in a confidential approach. And all the other external services
will be banned and only the corporate users are permitted to send e-mails
across the internet.
P
security policy on the procedures and technical designs, these procedures
AP
and technical designs on which the security policy is mapped must be
followed and implemented while connecting to the internet. During this
process the configuration of the system will be changed and the
n
information will be added as a fresh technology and so on. The usage of
tio
one-time passwords can be taken as example for the technical design
lu
The two policies are allowing any service except it is denied expressly or
deny any service except it is permitted expressly. The second one is the
TE
All the above components are very important and necessary for making a
firewall. A firewall is said to be not configured properly if there is no
Internet access security policy. There is no value for the policy if that is
not configured properly and also if is not enforced with worthy
procedures.
FIREWALLS TYPES
Packet filter
The first reported type of network firewall is called a packet filter,
which inspect packets transferred between computers. The firewall
maintains an access control list which dictates what packets will be
looked at and what action should be applied, if any, with the default
action set to silent discard. Three basic actions regarding the packet
consist of a silent discard, discard with Internet Control Message Protocol
or TCP reset response to the sender, and forward to the next hop. Packets
may be filtered by source and destination IP addresses, protocol, source
and destination ports. The bulk of Internet communication in 20th and
P
early 21st century used either Transmission Control Protocol (TCP) or
AP
User Datagram Protocol (UDP) in conjunction with well-known ports,
enabling firewalls of that era to distinguish between specific types of
n
traffic such as web browsing, remote printing, email transmission, file
tio
transfer.
lu
and developed a working model for their own company based on their
original first-generation architecture.
SB
M
Connection tracking
the two IP addresses are using at layer 4 (transport layer) of the OSI
model for their conversation, allowing examination of the overall
exchange between the node]s.
P
AP
7.0 Output of This Micro-Project- n
tio
lu
So
TE
SB
M
P
AP
• Internet security and firewall
n
tio
8.0 Skill Developed/Learning Outcome of this Micro-Project :-
lu
So
10