
firewall

What is Firewall? Explain its types.
Firewalls are computer security systems that protect your office/home PCs or your network from hackers. Firewalls
are software programs or hardware devices that filter the traffic that flows into your PC or your network through an
internet connection.
A firewall is a system designed to prevent unauthorized access to or from a private network. Firewalls can be
implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent
unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All
messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those
that do not meet the specified security criteria.
A firewall can serve the following functions:

- Limit Internet access to e-mail only, so that no other types of information can pass between the intranet and the Internet.
- Control who can telnet into your intranet (a method of logging in remotely).
- Limit what other kinds of traffic can pass between your intranet and the Internet.
Common Firewall Techniques
Firewalls are used to protect both home and corporate networks. A typical firewall program or hardware device
filters all information coming through the Internet to your network or computer system. There are several types of
firewall techniques that will prevent potentially harmful information from getting through:
Packet Filter
Looks at each packet entering or leaving the network and accepts or rejects it based on user-defined rules. Packet
filtering is fairly effective and transparent to users, but it is difficult to configure. In addition, it is susceptible to IP
spoofing.
Application Gateway
Applies security mechanisms to specific applications, such as FTP and Telnet servers. This is very effective, but can
impose performance degradation.
Circuit-level Gateway
Applies security mechanisms when a TCP or UDP connection is established. Once the connection has been made,
packets can flow between the hosts without further checking.
Gopal Pd. Sharma, PUSET
Proxy Server
Intercepts all messages entering and leaving the network. The proxy server effectively hides the true network
addresses.
Types of Firewall

Software firewalls
New generation operating systems come with built-in firewalls, or you can buy firewall software for the computer that accesses the internet or acts as the gateway to your home network.

Hardware firewalls
Hardware firewalls are usually routers with a built-in Ethernet card and hub. Your computer or computers on your network connect to this router and access the web.
Firewall Rules
Firewall rules can be customized as per your needs, requirements and security threat levels. You can create or disable firewall filter rules based on such conditions as:

- IP addresses: blocking a certain IP address or a range of IP addresses which you think are predatory.
- Domain names: you can allow only certain specific domain names to access your systems/servers, or allow access to only some specified types of domain names or domain name extensions like .edu or .mil.
- Protocols: a firewall can decide which of the systems can allow or have access to common protocols like IP, SMTP, FTP, UDP, ICMP, Telnet or SNMP.
- Ports: blocking or disabling ports of servers that are connected to the internet will help maintain the kind of data flow you want to see them used for, and also close down possible entry points for hackers or malicious software.
- Keywords: firewalls can also sift through the data flow for a match of keywords or phrases to block offensive or unwanted data from flowing in.
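The following is an added example (it is not part of the notes) of how a packet-filtering firewall applies rules of the kind listed above. The interface names, addresses, rule set and sample packets are all constructed for illustration. Rules are matched top to bottom on interface, source/destination network, protocol and destination port; the first match decides and anything unmatched is dropped. The first rule also shows the usual defence against the IP spoofing weakness mentioned earlier: a packet arriving from the Internet side that claims an internal source address is dropped before any "trusted source" rule can match it.

```python
"""Toy stateless packet filter (added example, not from the notes).
Rules are evaluated top to bottom; the first match decides, and anything
unmatched is dropped (default deny)."""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    iface: str                    # interface the packet arrived on: "wan" or "lan"
    src: str                      # source IP address
    dst: str                      # destination IP address
    proto: str                    # "tcp", "udp" or "icmp"
    dport: Optional[int] = None   # destination port (None for icmp)


@dataclass(frozen=True)
class Rule:
    action: str                   # "accept" or "drop"
    comment: str                  # why the rule exists (shown in the decision)
    iface: Optional[str] = None   # None means "any"
    src: Optional[str] = None     # CIDR network, None means "any"
    dst: Optional[str] = None     # CIDR network, None means "any"
    proto: Optional[str] = None
    dport: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        if self.iface is not None and self.iface != p.iface:
            return False
        if self.src is not None and ipaddress.ip_address(p.src) not in ipaddress.ip_network(self.src):
            return False
        if self.dst is not None and ipaddress.ip_address(p.dst) not in ipaddress.ip_network(self.dst):
            return False
        if self.proto is not None and self.proto != p.proto:
            return False
        if self.dport is not None and self.dport != p.dport:
            return False
        return True


INTERNAL = "192.168.1.0/24"        # constructed private network
MAIL_SERVER = "192.168.1.10/32"    # constructed mail server address
PARTNER_HOST = "203.0.113.50/32"   # constructed remote host allowed to telnet in

RULES: List[Rule] = [
    # Anti-spoofing: a packet from the Internet must never claim an internal source.
    Rule("drop", "internal source address on external interface", iface="wan", src=INTERNAL),
    # The only service exposed to the Internet is SMTP on the mail server ("e-mail only").
    Rule("accept", "inbound e-mail to the mail server", iface="wan", dst=MAIL_SERVER, proto="tcp", dport=25),
    # Control who may telnet into the intranet: one named host, nobody else.
    Rule("accept", "telnet from the partner host", iface="wan", src=PARTNER_HOST, proto="tcp", dport=23),
    Rule("drop", "telnet from anywhere else", proto="tcp", dport=23),
    # Outbound web browsing from the internal network.
    Rule("accept", "outbound HTTP", iface="lan", src=INTERNAL, proto="tcp", dport=80),
    Rule("accept", "outbound HTTPS", iface="lan", src=INTERNAL, proto="tcp", dport=443),
]


def evaluate(rules: List[Rule], p: Packet) -> Tuple[str, str]:
    """Return (action, reason) from the first matching rule, or default deny."""
    for rule in rules:
        if rule.matches(p):
            return rule.action, rule.comment
    return "drop", "default deny (no rule matched)"


# Constructed sample packets
SAMPLES = {
    "mail_in":    Packet("wan", "203.0.113.7", "192.168.1.10", "tcp", 25),
    "spoofed":    Packet("wan", "192.168.1.5", "192.168.1.10", "tcp", 25),
    "telnet_in":  Packet("wan", "203.0.113.7", "192.168.1.10", "tcp", 23),
    "partner_tn": Packet("wan", "203.0.113.50", "192.168.1.10", "tcp", 23),
    "web_out":    Packet("lan", "192.168.1.20", "198.51.100.9", "tcp", 443),
    "other_in":   Packet("wan", "203.0.113.7", "192.168.1.10", "tcp", 8080),
}

if __name__ == "__main__":
    for label, pkt in SAMPLES.items():
        action, why = evaluate(RULES, pkt)
        print(f"{label:11s} {action:7s} {why}")
```

Rule order matters: because the anti-spoofing rule comes first, the "spoofed" packet is dropped even though it would otherwise satisfy the mail rule, and the explicit telnet drop keeps the later, broader accept rules from letting telnet through.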
What is Cryptography?
Cryptography is the art and science of keeping information secure from unintended audiences by encrypting it. Modern cryptography uses secret keys to encrypt and decrypt data. Cryptography is used to provide secrecy and integrity for our data.
Types of Cryptography
There are three types of cryptography techniques:

- Secret key cryptography
- Public key cryptography
- Hash functions
1. Secret Key Cryptography
This type of cryptography technique uses just a single key. The sender applies a key to encrypt a message while the receiver applies the same key to decrypt the message. Since only a single key is used, we say that this is symmetric encryption.
The biggest problem with this technique is the distribution of the key, as this algorithm makes use of a single key for both encryption and decryption.
2. Public Key Cryptography
This type of cryptography technique involves a two-key cryptosystem in which secure communication can take place between receiver and sender over an insecure communication channel. Since a pair of keys is applied here, this technique is also known as asymmetric encryption.
In this method, each party has a private key and a public key. The private key is secret and is not revealed, while the public key is shared with all those whom you want to communicate with. If Alice wants to send a message to Bob, then Alice will encrypt it with Bob's public key and Bob can decrypt the message with his private key.
3. Hash Functions
This technique does not involve any key. Rather, it uses a fixed-length hash value that is computed on the basis of the plaintext message. Hash functions are used to check the integrity of the message, to ensure that the message has not been altered, compromised or affected by a virus.
Symmetric Key Encryption
Symmetric key encryption is also known as shared-key, single-key, secret-key, and private-key or one-key
encryption. In this type of message encryption, both sender and receiver share the same key which is used
to both encrypt and decrypt messages. Sender and receiver only have to specify the shared key in the
beginning and then they can begin to encrypt and decrypt messages between them using that key.
Examples include AES (Advanced Encryption Standard) and Triple DES (Triple Data Encryption Standard).
Advantages
- Simple: This type of encryption is easy to carry out. All users have to do is specify and share the secret
key and then begin to encrypt and decrypt messages.
- Encrypt and decrypt your own files: If you use encryption for messages or files which you alone intend to
access, there is no need to create different keys. Single-key encryption is best for this.
- Fast: Symmetric key encryption is much faster than asymmetric key encryption.
- Uses less computer resources: Single-key encryption does not require a lot of computer resources when
compared to public key encryption.
- Prevents widespread message security compromise: A different secret key is used for communication
with every different party. If a key is compromised, only the messages between a particular pair of sender
and receiver are affected. Communications with other people are still secure.
Disadvantages
- Need for secure channel for secret key exchange: Sharing the secret key in the beginning is a problem in
symmetric key encryption. It has to be exchanged in a way that ensures it remains secret.
- Too many keys: A new shared key has to be generated for communication with every different party.
This creates a problem with managing and ensuring the security of all these keys.
- Origin and authenticity of message cannot be guaranteed: Since both sender and receiver use the same
key, messages cannot be verified to have come from a particular user. This may be a problem if there is a
dispute.
Asymmetric/Public Key Encryption
Also known as public key encryption, this method of encrypting messages makes use of two keys: a public key and a private key. The public key is made publicly available and is used to encrypt messages by anyone who wishes to send a message to the person that the key belongs to. The private key is kept secret and is used to decrypt received messages. An example of an asymmetric key encryption system is RSA.
Advantages
- Convenience: It solves the problem of distributing the key for encryption. Everyone publishes their public keys and private keys are kept secret.
- Provides for message authentication: Public key encryption allows the use of digital signatures which
enables the recipient of a message to verify that the message is truly from a particular sender.
- Detection of tampering: The use of digital signatures in public key encryption allows the receiver to
detect if the message was altered in transit. A digitally signed message cannot be modified without
invalidating the signature.
- Provide for non-repudiation: Digitally signing a message is akin to physically signing a document. It is
an acknowledgement of the message and thus, the sender cannot deny it.
Disadvantages
- Public keys must be authenticated: No one can be absolutely sure that a public key belongs to the person it specifies, and so everyone must verify that a public key really belongs to the person it claims to.
- Slow: Public key encryption is slow compared to symmetric encryption. Not feasible for use in
decrypting bulk messages.
- Uses up more computer resources: It requires a lot more computing resources compared to single-key encryption.
- Widespread security compromise is possible: If an attacker determines a person's private key, his or her
entire messages can be read.
- Loss of private key may be irreparable: The loss of a private key means that all received messages cannot
be decrypted.
What is a digital signature?
A digital signature is basically a way to ensure that an electronic document (e-mail, spreadsheet, text file, etc.)
is authentic. Authentic means that you know who created the document and you know that it has not been altered in
any way since that person created it.
Digital signatures rely on certain types of encryption to ensure authentication. Encryption is the process of taking
all the data that one computer is sending to another and encoding it into a form that only the other computer will be
able to decode. Authentication is the process of verifying that information is coming from a trusted source. These
two processes work hand in hand for digital signatures.
A digital signature can be used with any kind of message, whether it is encrypted or not, simply so that the receiver can be sure of the sender's identity and that the message arrived intact.
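As an added example (not from the notes), the block below walks through the two public-key operations described in the Public Key Cryptography and digital signature passages with textbook RSA: Alice encrypts a message with Bob's public key and Bob decrypts it with his private key; Alice hashes a message, signs the hash with her private key, and anyone holding her public key can check the signature, which fails as soon as a single character of the message changes or a different key is used. The primes are constructed Mersenne primes chosen so the code runs instantly; the resulting moduli (about 92 and 216 bits) and the absence of padding are what make this a teaching toy rather than something to deploy, where RSA keys are at least 2048 bits and a padded scheme such as RSA-PSS (or a modern signature scheme like Ed25519) is used.

```python
"""Textbook RSA on toy parameters: encrypt/decrypt and sign/verify
(added example, not from the notes)."""
import hashlib
import math

# Constructed toy primes (Mersenne primes 2^31-1, 2^61-1, 2^89-1, 2^127-1).
# Real keys use primes of ~1024 bits or more.
BOB_PRIMES = ((1 << 31) - 1, (1 << 61) - 1)
ALICE_PRIMES = ((1 << 89) - 1, (1 << 127) - 1)
E = 65537   # the customary public exponent


def keygen(p: int, q: int, e: int = E):
    """Return (public, private) as ((n, e), (n, d))."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if math.gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)          # modular inverse (Python 3.8+)
    return (n, e), (n, d)


def encrypt(public, msg: bytes) -> int:
    """Anyone holding the public key can encrypt; only the private key decrypts."""
    n, e = public
    m = int.from_bytes(msg, "big")
    if m >= n:
        raise ValueError("message too long for this modulus")
    return pow(m, e, n)


def decrypt(private, ciphertext: int) -> bytes:
    """Recover the message bytes (leading zero bytes are not preserved)."""
    n, d = private
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


def _digest(msg: bytes, n: int) -> int:
    """Hash the message (fixed-length digest) and reduce it into the group.
    A real scheme pads the digest instead of reducing it."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n


def sign(private, msg: bytes) -> int:
    """Only the private key can produce this value: origin and non-repudiation."""
    n, d = private
    return pow(_digest(msg, n), d, n)


def verify(public, msg: bytes, signature: int) -> bool:
    """Anyone can check; any change to msg changes the digest and the check fails."""
    n, e = public
    return pow(signature, e, n) == _digest(msg, n)


def demo() -> dict:
    """Run the exchange from the notes: Alice -> Bob, encrypted and signed."""
    alice_pub, alice_priv = keygen(*ALICE_PRIMES)
    bob_pub, bob_priv = keygen(*BOB_PRIMES)
    msg = b"hi Bob"                      # constructed sample message
    c = encrypt(bob_pub, msg)            # Alice encrypts with Bob's public key
    recovered = decrypt(bob_priv, c)     # Bob decrypts with his private key
    sig = sign(alice_priv, msg)          # Alice signs with her private key
    return {
        "decrypted_ok": recovered == msg,
        "signature_ok": verify(alice_pub, msg, sig),
        "tampered_ok": verify(alice_pub, b"hi Bob!", sig),   # altered in transit
        "wrong_key_ok": verify(bob_pub, msg, sig),           # not Alice's key
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name:13s} {ok}")
```

The last two results in `demo()` are the "detection of tampering" and "message authentication" advantages from the list above: the tampered message and the wrong public key both fail verification. The "public keys must be authenticated" disadvantage is also visible, since nothing in the code tells Bob that `alice_pub` really came from Alice; that is what certificates and key fingerprints are for.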
What is VPN?
VPN gives extremely secure connections between private networks linked through the Internet. A virtual private
network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide
remote offices or individual users with secure access to their organization's network.
The virtual private network (VPN) technology included in Windows Server 2003 helps enable cost-effective, secure
remote access to private networks. VPN allows administrators to take advantage of the Internet to help provide the
functionality and security of private WAN connections at a lower cost. In Windows Server 2003, VPN is enabled
using the Routing and Remote Access service. VPN is part of a comprehensive network access solution that includes
support for authentication and authorization services, and advanced network security technologies.
There are two main strategies that help provide secure connectivity between private networks and enable network access for remote users.
Dial-up or leased line connections
A dial-up or leased line connection creates a physical connection to a port on a remote access server on a private
network. However, using dial-up or leased lines to provide network access is expensive when compared to the cost
of providing network access using a VPN connection.
VPN connections
VPN connections use either Point-to-Point Tunneling Protocol (PPTP) or Layer Two Tunneling Protocol/Internet
Protocol security (L2TP/IPSec) over an intermediate network, such as the Internet. By using the Internet as a
connection medium, VPN saves the cost of long-distance phone service and hardware costs associated with using
dial-up or leased line connections.
Advantages of Using VPN
Enhanced security. When you connect to the network through a VPN, the data is kept secured and encrypted. In
this way the information is away from hackers’ eyes.
Remote control. In case of a company, the great advantage of having a VPN is that the information can be accessed
remotely even from home or from any other place. That’s why a VPN can increase productivity within a company.
Share files. A VPN service can be used if you have a group that needs to share files for a long period of time.
Online anonymity. Through a VPN you can browse the web in complete anonymity. Compared to hide IP software
or web proxies, the advantage of a VPN service is that it allows you to access both web applications and websites in
complete anonymity.
Unblock websites & bypass filters. VPNs are great for accessing blocked websites or for bypassing Internet filters.
This is why there is an increased number of VPN services used in countries where Internet censorship is applied.
Change IP address. If you need an IP address from another country, then a VPN can provide you this.
Better performance. Bandwidth and efficiency of the network can be generally increased once a VPN solution is
implemented.
Reduce costs. Once a VPN network is created, the maintenance cost is very low. More than that, if you opt for a
service provider, the network setup and surveillance is no more a concern.
Disadvantages of VPNs
1. VPNs require an in-depth understanding of public network security issues and proper deployment of
precautions.
2. The availability and performance of an organization's wide-area VPN (over the Internet in particular) depends on factors largely outside of their control.
3. VPN technologies from different vendors may not work well together due to immature standards.
4. VPNs need to accommodate protocols other than IP and existing ("legacy") internal network technology.
DNS
DNS stands for Domain Name Server; it is the system used to translate word-based addresses of systems (such as WWW.EXAMPLE.COM) to the numerical IP (Internet Protocol) address of the computer or system that should be located at that address. All computers and systems on the Internet use addresses that look similar to 5.8.15.16.
For example, when a user is accessing the Computer Hope domain, the user would enter the easy-to-remember domain name computerhope.com. When entered, that domain name is looked up on a Domain Name System server to translate the name into an IP address that can be better understood by computers, e.g. 69.72.169.241. Using that IP address the computers can then find the computer containing the Computer Hope web page and forward that information to your computer.
A DNS record, also called a resource record, is the basic element in the DNS. Each record contains several pieces of information, including a record type, an expiration time limit, a class, and type-specific data. There are a large number of record types, each describing the format of the data and the intended use of the record. When being sent over an IP network, all DNS records conform to the format specified in RFC 1035, which contains a detailed description of the domain system and protocol.
Without a server to resolve a domain name or the proper rights you'd have to know the IP address of each of the web
pages or computers you wanted to access.
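To make the resource record format concrete, here is an added example (not from the notes) that parses the RFC 1035 wire format of a DNS response: the 12-byte header, the question section, and each answer record's NAME, TYPE, CLASS, TTL, RDLENGTH and RDATA fields. The sample response is constructed inline (a CNAME for www.example.com pointing at example.com, then an A record for example.com with the documentation address 192.0.2.1); it was not captured from a real server. Names on the wire may be compressed into two-byte pointers to an earlier occurrence, so the parser also checks that every pointer points backwards, which is how a resolver avoids being hung by a malformed message whose pointers form a loop.

```python
"""Minimal RFC 1035 parser for DNS response messages (added example; the
sample response is constructed inline, not captured from the network)."""
import ipaddress
import struct

TYPE_NAMES = {1: "A", 2: "NS", 5: "CNAME", 15: "MX", 16: "TXT", 28: "AAAA"}


def encode_name(name: str) -> bytes:
    """Encode a domain name as RFC 1035 labels: <len><label>...<0>."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:
            raise ValueError("label length must be 1..63 bytes")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def read_name(msg: bytes, offset: int):
    """Read a (possibly compressed) name at offset.
    Returns (name, offset just past the name in the original stream).
    A compression pointer must point to an earlier offset; rejecting anything
    else also stops pointer loops from hanging the parser."""
    labels, end = [], None               # end: where the name ends in the stream
    while True:
        if offset >= len(msg):
            raise ValueError("truncated name")
        length = msg[offset]
        if length & 0xC0 == 0xC0:        # two-byte compression pointer
            if offset + 2 > len(msg):
                raise ValueError("truncated pointer")
            pointer = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            if pointer >= offset:
                raise ValueError("compression pointer must point backwards")
            if end is None:
                end = offset + 2
            offset = pointer
            continue
        offset += 1
        if length == 0:
            break
        if offset + length > len(msg):
            raise ValueError("truncated label")
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels) + ".", (offset if end is None else end)


def parse_rr(msg: bytes, offset: int):
    """Parse one resource record: NAME TYPE CLASS TTL RDLENGTH RDATA."""
    name, offset = read_name(msg, offset)
    if offset + 10 > len(msg):
        raise ValueError("truncated RR header")
    rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
    offset += 10
    rdata = msg[offset:offset + rdlen]
    if len(rdata) != rdlen:
        raise ValueError("truncated RDATA")
    if rtype == 1 and rdlen == 4:
        data = str(ipaddress.IPv4Address(rdata))
    elif rtype == 28 and rdlen == 16:
        data = str(ipaddress.IPv6Address(rdata))
    elif rtype in (2, 5):                # NS / CNAME carry a (compressible) name
        data, _ = read_name(msg, offset)
    else:
        data = rdata.hex()               # type-specific data left raw
    rr = {"name": name, "type": TYPE_NAMES.get(rtype, str(rtype)),
          "class": rclass, "ttl": ttl, "data": data}
    return rr, offset + rdlen


def parse_response(msg: bytes) -> dict:
    """Parse the header, question and answer sections of a DNS response."""
    if len(msg) < 12:
        raise ValueError("message shorter than the 12-byte header")
    msg_id, flags, qdcount, ancount, _, _ = struct.unpack("!HHHHHH", msg[:12])
    offset, questions, answers = 12, [], []
    for _ in range(qdcount):
        qname, offset = read_name(msg, offset)
        if offset + 4 > len(msg):
            raise ValueError("truncated question")
        qtype, qclass = struct.unpack("!HH", msg[offset:offset + 4])
        offset += 4
        questions.append((qname, TYPE_NAMES.get(qtype, str(qtype)), qclass))
    for _ in range(ancount):
        rr, offset = parse_rr(msg, offset)
        answers.append(rr)
    return {"id": msg_id, "flags": flags, "questions": questions, "answers": answers}


def is_malformed(msg: bytes) -> bool:
    """True if the message violates the wire format (a resolver should drop it)."""
    try:
        parse_response(msg)
        return False
    except ValueError:
        return True


def build_sample_response() -> bytes:
    """Constructed response: www.example.com -> CNAME example.com -> A 192.0.2.1."""
    header = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 2, 0, 0)
    question = encode_name("www.example.com") + struct.pack("!HH", 1, 1)
    # 0xC00C points at offset 12 (www.example.com); 0xC010 at offset 16 (example.com)
    cname = b"\xC0\x0C" + struct.pack("!HHIH", 5, 1, 300, 2) + b"\xC0\x10"
    a_rec = b"\xC0\x10" + struct.pack("!HHIH", 1, 1, 300, 4) + ipaddress.IPv4Address("192.0.2.1").packed
    return header + question + cname + a_rec


# Constructed malformed message: the question name is a pointer to itself.
LOOPING_NAME_SAMPLE = struct.pack("!HHHHHH", 1, 0x8180, 1, 0, 0, 0) + b"\xC0\x0C" + struct.pack("!HH", 1, 1)

if __name__ == "__main__":
    for rr in parse_response(build_sample_response())["answers"]:
        print(f'{rr["name"]:20s} {rr["ttl"]:5d} {rr["type"]:6s} {rr["data"]}')
    print("looping sample malformed:", is_malformed(LOOPING_NAME_SAMPLE))
```

The TTL field is the "expiration time limit" the notes mention: a resolver may cache each answer for that many seconds. The `_` placeholders in `parse_response` skip the authority and additional record counts, which this example does not parse.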
SMTP (Simple Mail Transfer Protocol)
SMTP (Simple Mail Transfer Protocol) is a TCP/IP protocol used in sending and receiving e-mail. However, since it
is limited in its ability to queue messages at the receiving end, it is usually used with one of two other
protocols, POP3 or IMAP that let the user save messages in a server mailbox and download them periodically from
the server. SMTP usually is implemented to operate over Internet port 25.
It is a set of communication guidelines that allow software to transmit email over the Internet. Most email software is designed to use SMTP for communication purposes when sending email, and it only works for outgoing messages. When people set up their email programs, they will typically have to give the address of their Internet service provider's SMTP server for outgoing mail. Two other protocols, POP3 and IMAP, are used for retrieving and storing email.
DHCP
The Dynamic Host Configuration Protocol works in a client/server mode. DHCP enables clients on an IP network to obtain or lease an IP address or configuration from a DHCP server. This reduces the workload when managing a large network.
DHCP (Dynamic Host Configuration Protocol) is a protocol that lets network administrators manage centrally and
automate the assignment of IP (Internet Protocol) configurations on a computer network. When using the Internet's
set of protocols (TCP/IP), in order for a computer system to communicate to another computer system it needs a
unique IP address. Without DHCP, the IP address must be entered manually at each computer system. DHCP lets a
network administrator supervise and distribute IP addresses from a central point. The purpose of DHCP is to provide
the automatic (dynamic) allocation of IP client configurations for a specific time period (called a lease period) and to
eliminate the work necessary to administer a large IP network.
HTTP
HTTP stands for Hypertext Transfer Protocol. It is a stateless, application-layer protocol for communicating between distributed systems, and the underlying protocol used by the World Wide Web. HTTP defines how messages are formatted and transmitted, and what actions Web servers and browsers should take in response to various commands. For example, when you enter a URL in your browser, this actually sends an HTTP command to the Web server directing it to fetch and transmit the requested Web page.
The other main standard that controls how the World Wide Web works is HTML, which covers how Web pages are
formatted and displayed.
HTTP is called a stateless protocol because each command is executed independently, without any knowledge of the
commands that came before it. This is the main reason that it is difficult to implement Web sites that react
intelligently to user input.
It is a stateless, request-response based communication protocol used to send and receive data on the Web, i.e., over the Internet. This protocol uses reliable TCP connections for the transfer of data to and from clients, which are Web browsers in this case. Because HTTP is stateless, the HTTP server does not maintain contextual information about the clients communicating with it, and hence we need to maintain sessions ourselves if our Web applications need that feature.
FTP
File Transfer Protocol is defined as a network protocol that allows you to transfer files from one computer to another over the Internet. It is also a term that is sometimes used as a verb to refer to the process of copying files using an FTP connection. Once an FTP connection is established, you can use it to send, receive, delete, rename or move files.
FTP, File Transfer Protocol, is a protocol through which internet users can upload files from their computers to a website or download files from a website to their PCs.
How does FTP work?
The FTP client establishes a connection to a remote FTP server in the active or passive mode. Passive mode is used
when the client is behind a firewall and cannot accept TCP connections. Depending on the server settings, the client
connects to the server anonymously or with a user name and password. Separate control and data connections are
initiated in parallel between the client and the server. Once connected, the client sends and/or receives single files or
groups of files. The files are transferred in either stream mode, block mode or compressed mode. The client closes
the connection once the server indicates the end of the data transfer.
WWW - World Wide Web
The term WWW refers to the World Wide Web or simply the Web. The World Wide Web consists of all the public Web sites connected to the Internet worldwide, including the client devices (such as computers and cell phones) that access Web content. The WWW is just one of many applications of the Internet and computer networks. The World Wide Web is based on these technologies:
- HTML - Hypertext Markup Language
- HTTP - Hypertext Transfer Protocol
- Web servers and Web browsers
The World Wide Web is a network of computers that serve webpages. The World Wide Web is a major
component of the Internet, along with email, usenet, ftp, and some other minor protocols. The term "world wide"
refers to the global nature of the World Wide Web, and the term "web" refers to the interlinking of documents by
means of hypertext. In simple terms, this means that documents on the Web (or WWW for short) can reference, or
link to, other documents by simply stating on which machine they reside, and where on that machine. Computers
that serve documents on the World Wide Web are called servers, and the programs used to connect to servers and to
display webpages are called web browsers.