linux firewall management system (lfms)
TRANSCRIPT
Linux Firewall Management System (LFMS)
By:
Allen Gilliland IV Sunil Kumar Verma
Vishal Gulu Gurbuxani
THESIS
Submitted in Partial Fulfillment of the Requirements for the
Degree of Bachelor of Science in Computer Engineering in the School of Engineering of
Santa Clara University, 2002
Santa Clara, California
1
Table of Contents I. Abstract…….……………………………..…………………………………………………………………………………2 II. Executive Summary…….……………………………..………………………………………………………….…2 III. Introduction….……………………………..……………………………………………………………………….…4 IV. Background Information...............................................................................6
4.1) Linux....................................................................................................6 4.2) Firewall.................................................................................................9 4.3) Iptables ..............................................................................................10
V. Preliminary Research ..................................................................................11 5.1) Kernel Module......................................................................................11 5.2) Programming Languages.......................................................................11 5.3) Iptables Communication .......................................................................12
VI. Implementation ........................................................................................14 6.1) LFMS Server/Client...............................................................................14 6.2) LFMS Admin ........................................................................................17 6.3) Middleware..........................................................................................18
6.3.1) eXtensible Markup Language – XML..................................................18 6.3.2) XML is for structuring data ..............................................................18 6.3.4) XML is modular..............................................................................21 6.3.5) XML is license-free, platform-independent and well-supported.............22 6.3.6) Security........................................................................................22
6.4) Testing Procedures...............................................................................25 VII. Scenarios................................................................................................26
7.1) Global Area Network (GAN), Corporate Scenario ......................................26 7.2) Metropolitan Area Network (MAN), Internet Service Provider .....................27 7.3) Local Area Network (LAN), School Scenario .............................................29
VIII. Product Comparison ................................................................................30 8.1) Symantec Enterprise Firewall.................................................................31
IX. Contributors .............................................................................................32 9.1) Advisor ...............................................................................................32 9.2) Budget................................................................................................33 9.3) Participants .........................................................................................33 9.4) Open Source .......................................................................................33
X. Conclusion.................................................................................................33 XI. References ...............................................................................................35
XII. Appendix .............................................................................................36 11.1) LFMS-Admin...................................................................................36 11.2) LFMS-Client....................................................................................36 11.3) LFMS-Server ..................................................................................36 11.4) Middleware.....................................................................................36
Table of Figures
Figure 1......................................................................................................................... 26 Figure 2......................................................................................................................... 26 Figure 3......................................................................................................................... 26 Figure 4......................................................................................................................... 26 Figure 5......................................................................................................................... 26 Figure 6......................................................................................................................... 26
2
Linux Firewall Management System (LFMS) By: Allen Gilliland, Sunil Verma, Vishal Gurbuxani
I. Abstract This document details the functionality, design, and implementation of the
Linux Firewall Management System (LFMS) project. The purpose of LFMS is
to provide an application capable of easily administrating any number of
firewalls, and to provide this under an open source license. The LFMS project
will produce two components. The first one is the core process daemon,
which will run as a native Linux process and can be executed in either client
or server mode. The second component is a Graphical User Interface (GUI)
that will provide a simple and intuitive way to configure the firewall. The
central concept of the project is to use a client/server inheritance model to
make the firewall configuration process fast and simple.
II. Executive Summary The goal of the Linux Firewall Management System (LFMS) is to design a
system that allows its user to easily configure and manage many firewalls at
the same time. The key to this system is client/server inheritance. By setting
up an architecture through which a server or group of servers manages any
number of clients by automatically sending new firewall configurations to
each client, the system effectively eliminates the time used to configure each
firewall individually. Combine the functionality of this system with a simple
yet elegant GUI configuration interface and a very handy tool is at an
administrators’ disposal; but this is just the tip of the iceberg.
3
LFMS is packed full of necessary and desirable features. First and foremost is
security. Security is a huge issue in computing today, and it is a huge issue
with LFMS as well. The LFMS system will take advantage of every chance to
make itself secure, from securely encrypted transmissions over the Internet,
to secure user authentication and registration. Making the system secure is
at the very forefront of ideals for the LFMS system.
Another key feature of LFMS is its GUI configuration interface. We wanted to
make the interface simple, powerful, flexible, and of course secure. The
interface is written in Java, which allows a great deal of flexibility. Java offers
the ability to take the configuration interface to any platform without
worrying about obtaining a different copy or having it work slightly different.
The configuration interface is also designed to work securely over the
Internet, thus allowing the administrator to configure firewalls in New York,
while at a conference in Prague. The logging capabilities of LFMS are
designed to provide as much information as possible to the administrator.
To best understand the uses of LFMS we provide this simple scenario. A boss
goes to his network administrator and details how the company is planning to
expand and they need higher network security and more firewalls. The
administrator grimaces for a second and then remembers that the LFMS
software he uses is great for adding and configuring firewalls. To add new
firewalls, all that needs to be done is to install the LFMS application on a new
computer, start it running in client mode, tell it what server to use, and now
4
he has another firewall up and running. Then, the administrator decides to
tighten security by removing some allowances in the firewall. So, he or she
fires up the LFMS GUI interface, logs into the LFMS server, a few clicks later
the changes have been made, and then, almost magically, all the client
firewalls are updated automatically as well. Job completed, time for lunch.
The purpose of computing is to make our lives at least a little bit easier, and
LFMS does just that. It takes a job that would normally be long and tedious,
and organizes it through a simple yet powerful system. With its powerful
features, great security, and elegant GUI interface, it can save hours of work
and hundreds of headaches.
III. Introduction With all eyes on security these days, cyber safety is among the top priorities
on the list. The purpose of this project is to produce a dynamic firewall that
will be easier, effective, and more powerful than any other open source
firewall available today. The purpose of a firewall is to block unwanted users
from entering a computer, while at the same time allowing people to surf
their internal network or the Internet. A key advantage of having a firewall
setup is that an administrator can configure the traffic that passes through
systems’ gateways.
The advantages of using our firewall over conventional hardware
implementations or other software is that our dynamic nature allows the
administrator to create one set of rules for the network, and then for the end
5
users to adapt those rules by inheriting them from the key server. This
feature allows each individual user to have its own firewall lessening up the
load on the main server. This saves time and the hassles of trouble
shooting each and every individual computer thus saving huge amounts of
effort on the administrator’s part and unmentionable amounts of money.
The scope of this project is to create the basic software needed to implement
the firewall on a PC using Linux. The software will include the firewall
algorithms used to check the packets validity and access, a GUI for users to
easily configure the firewall to their specifications, and logging features that
will allow the admin to know what is going on. Future enhancements are still
in the process of being determined.
A later section in this paper called Scenarios, covers some of the real world
issues that will show how LFMS works. The main network topologies that are
covered here are the WAN [wide area network], GAN/ISP [global area
network / internet service provider], and the LAN [local area network]. Each
of these networks has applications that make LFMS a key solution in
protecting the network.
6
IV. Background Information
4.1) Linux Linux, like Windows NT and Mac OS, is an operating system, or OS for short.
The OS is the application that the computer runs when it is first turned on,
and every computer has to have one or it won't be able to function. The OS
coordinates all of the computer's components into a single, integrated unit.
Many companies have proprietary operating systems, such as Microsoft's
Windows NT and Apple's Mac OS. Linux, however, is different. Most of it is
copyrighted by Linus Torvalds under a rather unusual copyright which states
that individuals must give acknowledgement to people whose code they have
used. The open source movement, which has taken the programming
community by storm, is aimed to develop software incrementally and by
anyone who is interested. Thousands of developers from around the world
are volunteering their free time to improve the Linux OS.
Why Use Linux:
Cost
The Linux OS is entirely cost and license free. The only
expenses involved are those of hardware and maintenance.
OS Stability
Linux almost never freezes under normal use. Linux has been
known to run some applications for months and years at a time;
these same applications normally cause Windows to freeze.
7
Support
Support for the Linux OS is entirely free. There are local Linux
users' groups (LUGs) one can contact for support. There are
chat channels on the Internet Relay Chat Network (IRC), which
provide live Linux support. Thousands of websites can be found
to help Linux users from novice to expert.
Portability
Linux was first developed for 386/486-based PCs. These days it
also runs on ARMs, DEC Alphas, SUN Sparcs, M68000 machines
(like Atari and Amiga), MIPS and PowerPCs, and others. So no
matter what the computer is, Linux will work on the hardware.
Power and Customization
Linux makes full use of the computer. Linux can be tailored to a
specific hardware and software configuration. It has the ability
to connect several different types of machines together; for
example, Linux can run both the Samba protocol (which
Windows understands), and AppleTalk (for Mac users), so it can
act as a Windows/Mac bridge, even though it is running on
SPARC hardware.
8
Disadvantages of Using Linux:
Interface
Windows and Mac OS use a native Graphical User Interface
(GUI). Traditionally, Linux (and other UNIXes) have used a
Command Line Interface (CLI), similar to DOS. Developers are
slowly changing this by making a GUI interface which will run on
Linux.
Interface Stability
Linux changes daily to reflect growing interest in new hardware
and software capabilities. However, it is up to the user to
upgrade to the latest OS.
Support
Since there are many Linux distributions running the same Linux
kernel, support is not centralized to one company. Several
companies are adding support sites to their distribution, but it
costs a lot of money at this time.
Maintenance
Some of the Linux’s programs are not well documented. It takes
an administrator’s patience and technical intuitiveness to
understand some Linux installations.
9
Technical Nature
Linux is not for everyone. It has many tools that require time to
learn. Of course, so does any other OS. Familiarity and curiosity
with the software development process are pluses.
Accountability
Use of Linux is entirely at one’s own risk. Businesses primarily
remained out of the Linux space because of this fact. However
in today’s economy, companies are realizing that Linux is
actually one of the best operating systems out there due to its
stability and cost.
4.2) Firewall
Essentially, a firewall operates between the OS and the network card. It
analyzes each network packet, by comparing it to a set of rules, which tell
the program if the packet is acceptable by the OS or not. Figure 1 shows a
network packet contents. The firewall goes through the five fields: Ethernet
header, IP header, ICMP header, user data, and Ethernet crc, checking on a
rule that has a ban specified. A firewall rule specifies the criteria for a packet
Figure 1
10
and a target. If the packet does not match, the next rule in the chain is then
examined; if it does match, then the next rule is specified by the value of the
target which can be the name of a user-defined chain, or one of the special
values ACCEPT, DROP, QUEUE, or RETURN. ACCEPT means to let the packet
through; DROP means to drop the packet; QUEUE means to pass the packet
to user space; RETURN means stop traversing this chain and resume at the
next rule in the previous (calling) chain. If the end of a built-in chain is
reached, or a rule in a built-in chain with target RETURN is matched, the
target specified by the chain policy determines the fate of the packet.
4.3) Iptables Iptables is a firewall program which comes standard on most popular Linux
distributions and is the firewall of choice by most Linux administrators. It is
used to set up, maintain, and inspect the tables of IP packet filter rules in the
Linux kernel. There are several different tables which may be defined, and
each table contains a number of built-in chains and may contain user-defined
chains. Each chain is a list of rules which can match a set of packets. Each
rule specifies what to do with a packet which matches. This is called a
`target', which may be a jump to a user-defined chain in the same table.
The program is open source, and is always being updated. We are using
Iptables as our firewall primarily because it comes with most Linux
distributions and is currently the firewall of choice by most Linux
administrators.
11
V. Preliminary Research
5.1) Kernel Module The first thought that came to our team's mind was to make the LFMS a
loadable kernel module that could easily communicate with aspects of the
kernel as well as communicate with our firewall. We researched the Internet
and found some great documents on how to write kernel modules and the
purpose of writing programs to run inside the kernel. To our surprise we
realized that the only reason we needed our program to run as a module was
in order to communicate with the firewall software, which is also a kernel
module. After more research, we found that there was really no need for us
to write our program as a kernel module because there was already an API
available for talking to the firewall software, and we didn't need to access the
hardware directly or make use of any other features of kernel code. At this
point, we decided to abandon writing our system as a kernel module and
instead decided to just write it as a process application.
5.2) Programming Languages We weren't too sure what programming languages we wanted to use to
create our system. We knew that there were many possibilities and each had
its own advantages and disadvantages. At first, we were looking at writing 3
programs: the application process, the interface, and the traffic generator for
testing. The application process is the core of the system and it runs on each
firewall in one of two modes-- client or server. We decided to keep the client
and server applications together in one application to provide the most
12
flexibility possible. We thought about using C for everything at first, but
many challenges quickly arose. We wanted to write the process in C, but it
seemed that the interface and traffic generator would be much more
cumbersome to write in C. At this point, we turned to Java, which had many
benefits to offer. While we liked the idea of using Java for everything, again
we met some strong disadvantages to that approach as well. Eventually we
decided to use C to write our process application. This decision came because
C is a more native language to Linux. It offers better performance than Java,
and most importantly was the fact that the Iptables firewall interface API was
already written in C. We then considered using Tcl/Tk to write our interface
because we read that C and Tcl/Tk work well together. However, in the end
we decided to use Java for the interface. Java offered more advantages than
Tcl/Tk and C for the interface: first, it is portable, so the interface could run
on any platform; second, all of our team members are proficient Java
programmers, not true with C and Tcl/Tk; third, it provides a nicer set of
built in GUI options to make our interface look nicer. We then decided to
make the traffic generator in Java as well because it didn't really matter what
language that was in, but making it in Java would be the easiest. So, we
have an application process written in C, a GUI interface written in Java, and
a traffic generator also written in Java.
5.3) Iptables Communication One of the key challenges in our project is to find an adequate way for our
process to communicate with the firewall. In the Linux case, the firewall is
13
Iptables. At first, we thought this communication would have to come
through the use of a Linux kernel module, but some research quickly proved
us wrong. What we discovered instead was that the Iptables writer had also
written an Iptables API that would allow other processes to communicate
with Iptables and pass information. This library is written in C and is called
libiptc. It was the key research element of our project. It provides key
functionality to our process and is the backbone of our system. Using this
API, we wrote our process so that it knows how to query Iptables for its
configuration, and is able to update Iptables with configuration changes.
14
VI. Implementation
6.1) LFMS Server/Client The server application is the component that delivers what this project
proposes. This component will be a single application capable of running in
one of two possible modes: client or server. In server mode the application
becomes responsible for delivering firewall configurations to any client that
request a configuration. While running in client mode the process will
periodically check its designated server for a possible configuration change,
and if a change has occurred then the new configuration is retrieved. The
interval is set during LFMS-Client installation.
The LFMS Server process has a great deal of features to make it robust,
secure, and useful. The most important feature is security. LFMS is a network
Figure 2 – A typical view of the LFMS System
15
based application, and therefore security is a very important issue. All
connections made by the process will be done using secure protocols. The
process will also support well documented logging features to help aid
system administrators. Although a firewall is only capable of having a single
configuration at any given time, LFMS will provide a feature that allows the
storing of multiple configurations on any server. This will allow a single
server to host a wide range of different firewalls, which can all have their
own unique configuration. This component will be running native to Linux and
is implemented using the C programming language.
The LFMS Server receives an XML configuration file from the LFMS GUI
component, after a successful authentication has been achieved (via SSL).
The LFMS Server parses through the XML file and insures that the XML file is
valid and authentic. The LFMS Server is now ready to receive connections
from any allowed LFMS Client.
The LFMS Client connects to the LFMS Server at a set interval determined
during installation. The Client connects to the Server via SSL and IP address.
After the LFMS Server has authenticated the Client’s IP address and SSL key,
the Server checks to see if the firewall configuration on the Client is up to
date. If the configuration is old, the Server logs it appropriately and sends
the Client the new rules. If the configuration is up to date, the Server sends
a no_update command, which signals a disconnection.
16
The iptables API, libiptc, was created as a conduit to directly interact with the
firewall structures contained in iptables. The LFMS Client process interacts
directly with these functions as a way to configure the firewall policies. After
the LFMS Client receives the XML file from the Server, it goes on to initiate a
local firewall configuration using the libiptc API. This in turn configures the
firewall for the LFMS Client.
Put in another way, the LFMS-Server component is the center piece of the
LFMS system. It acts as both server and client in the LFMS system hierarchy
and provides the system's core functionality.
17
6.2) LFMS Admin
In order to provide flexibility, the LFMS system to provide an easy way to
configure a firewall. The process handles the exchanging of firewall
configurations once a configuration has been created, but it doesn't provide
an easy way to create a configuration. That job is meant for the second
major component of the LFMS system; the GUI Configuration Tool. We want
to make it clear that the process application works without the need of the
GUI Configuration Tool. This tool is developed simply to add more ease of
use to the LFMS system.
Figure 3
18
This tool is developed in Java in order to make it as portable as possible. An
example firewall interface screenshot can be seen in Figure 2. It is capable of
being run over the internet and connecting to any LFMS process running in
either client or server mode. As mentioned before, this connection will be
made using only secure protocols and encrypted transmissions. Once
connected to an LFMS process application the GUI Configuration Tool will be
capable of controlling any aspect of the application. It also provides a nice
interface to allow its user to add, remove, and modify the rules of the firewall
being configured. Simply put, the GUI Configuration Tool is just icing on the
cake.
6.3) Middleware The middleware is essentially the glue that connects the client and server
parts of our project. The middleware helps to transport data between
components in a way that is understandable by all the parts of the project.
LFMS used XML to get the information across in an unambiguous way so that
information that the server needed was readily available.
6.3.1) eXtensible Markup Language – XML XML has many advantages over other middleware, many of which will be
explained below.
6.3.2) XML is for structuring data Structured data includes things like spreadsheets, address books,
configuration parameters, financial transactions, and technical drawings. XML
is a set of rules (you may also think of them as guidelines or conventions) for
19
designing text formats that let you structure your data. XML is not a
programming language, and you don't have to be a programmer to use it or
learn it. XML makes it easy for a computer to generate data, read data, and
ensure that the data structure is unambiguous. XML avoids common pitfalls
in language design: it is extensible, platform-independent, and it supports
internationalization and localization.
6.3.3) DTDs and XML Schemas
Document Type Definitions and XML Schemas both provide descriptions of
document structures. The emphasis is on making those descriptions readable
to automated processors such as parsers, editors, and other XML-based
tools. They can also carry information for human consumption, describing
what different elements should contain, how they should be used, and what
interactions may take place between parts of a document. Although they use
very different syntax to achieve this task, they both create documentation.
Perhaps the most important thing DTDs and XML Schemas do is set
expectations, using a formal vocabulary and other information to lay ground
rules for document structures. Two parsers, given a document and a DTD,
should have the same opinion about whether that document is valid, and
different schema processors should similarly agree on whether or not a
document conforms to the rules in a given schema. XML editing applications
can use DTDs and schemas as frameworks, letting users create documents
that meet these expectations. Similarly, developers can use DTDs and XML
20
Schemas as a foundation on which to plan transformations from one format
to another. Having DTDs and XML Schemas brings another aspect of security
to our project. We have something to check against when our server
receives the XML file from our admin. We have included a sample DTD, XML
Schema, and simple XML file that we used for the project.
The DTD:
<!DOCTYPE firewall [ <!ELEMENT firewall (policy+,rule+,table+,chain+,target*)> <!ELEMENT policy (#PCDATA)> <!ELEMENT rule (#PCDATA)> <!ELEMENT table (#PCDATA)> <!ELEMENT chain (#PCDATA)> <!ELEMENT target (#PCDATA)>
]> The XML Schema: <xs:schema xmlns:xs="http://www.w3.org/2000/10/XMLSchema"> <xs:annotation> <xs:documentation> A sample XML schema based on your input. </xs:documentation> </xs:annotation> <xs:element name="firewall" type="firewallType"/> <xs:complexType name="firewallType"> <xs:sequence> <xs:element name="policy" type="xs:string" minOccurs="1" maxOccurs="unbounded" /> <xs:element name="rule" type="xs:string" minOccurs="1" maxOccurs="unbounded" /> <xs:element name="table" type="xs:string" minOccurs="1" maxOccurs="unbounded" /> <xs:element name="chain" type="xs:string" minOccurs="1" maxOccurs="unbounded" /> <xs:element name="target" type="xs:string" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> </xs:complexType> </xs:schema>
21
The XML file that uses both of the above validating methods to transfer data: <firewall> <policy>…</policy> <rule>…</rule> <table>…</table> <chain>…</chain> <target>…</target> </firewall> The user input is represented by the dotted lines. This is where our GUI
would input the information that would represent each one of those
categories. Having many channels for checking the source and destination
helps in keeping LFMS secure.
6.3.4) XML is modular XML allows you to define a new document format by combining and reusing
other formats. Since two formats developed independently may have
elements or attributes with the same name, care must be taken when
combining those formats (does "<p>" mean "paragraph" from this format or
"person" from that one?). To eliminate name confusion when combining
formats, XML provides a namespace mechanism. XSL and RDF are good
examples of XML-based formats that use namespaces. XML Schema is
designed to mirror this support for modularity at the level of defining XML
document structures, by making it easy to combine two schemas to produce
a third which covers a merged document
structure.
Figure 4
22
6.3.5) XML is license-free, platform-independent and well-supported By choosing XML as the basis for a project, you gain access to a large and
growing community of tools (one of which may already do what you need!)
and engineers experienced in the technology. Opting for XML is a bit like
choosing SQL for databases: you still have to build your own database and
your own programs and procedures that manipulate it, and there are many
tools available and many people who can help you. And since XML is license-
free, you can build your own software around it without paying anybody
anything. Now that we know how XML is better than other technologies, how
did we intergrate it into our project. Lets start with the GUI. The GUI uses
XML parsers to model our data in a readable format that is well understood
and easy to manipulate. The GUI would sends the XML to the LFMS server.
The server’s responsibilites would be to Parse the XML file and send the
necessary changes to the client when requested.
6.3.6) Security The transference of information back and forth from the client to server
needs to be secure from any malicious people sniffing the packets and using
the data for their own information. Preventing anyone from using our client
and server links as a means of hacking our system was a main concern. The
solution that we used is SSL. Secure Socket Layers helped to keep
information encrypted through out the whole data transfer process.
SSL, Secure Sockets Layer, is protocol developed by Netscape for
transmitting private documents via the Internet. SSL works by using a public
key to encrypt data that is transferred over the SSL connection. Both
Netscape Navigator and Internet Explorer support SSL, and many Web sites
23
use the protocol to obtain confidential user information, such as credit card
numbers. We used SSL so that we can transfer XML document back and
forth without compromising the information stored in the document.
The following capabilities address fundamental concerns about
communication over the Internet and other TCP/IP networks:
• LFMS SSL server authentication: The LFMS server will allow the client
to confirm a server's identity. SSL-enabled client software can use
standard techniques of public-key cryptography to check that a
server's certificate and public ID are valid and have been issued by a
certificate authority (CA) listed in the client's list of trusted CAs. This
confirmation is important in making sure the XML files are not
compromised during transmission.
• SSL client authentication: Allows the LFMS server to confirm a user's
identity. Using the same techniques as those used for server
authentication, SSL-enabled server software can check that a client's
certificate and public ID are valid and have been issued by a certificate
authority (CA) listed in the server's list of trusted CAs. This
confirmation is an important step so that the server does not receive
malicious commands from a foreign source.
• An encrypted SSL connection requires all information sent between a
client and a server to be encrypted by the sending software and
decrypted by the receiving software, thus providing a high degree of
confidentiality. Confidentiality is important for both parties to any
private transaction. In addition, all data sent over an encrypted SSL
24
connection is protected with a mechanism for detecting tampering--
that is, for automatically determining whether the data has been
altered in transit.
• Confidentiality: The SSL protocol includes two sub-protocols: the SSL
record protocol and the SSL handshake protocol. The SSL record
protocol defines the format used to transmit data. The SSL handshake
protocol involves using the SSL record protocol to exchange a series of
messages between an SSL-enabled server and an SSL-enabled client
when they first establish an SSL connection. This exchange of
messages is designed to facilitate the following actions:
o Authenticate the server to the client.
o Allow the client and server to select the cryptographic
algorithms, or ciphers, that they both support.
o Optionally authenticate the client to the server.
o Use public-key encryption techniques to generate shared
secrets.
o Establish an encrypted SSL connection.
Securities for all parts of the project were taken into account and middleware
was of no exception. With validation for the XML and SSL protection for the
transit of all the data we are able to ensure that the data is valid and
productive for all parties.
25
6.4) Testing Procedures Testing LFMS is one of our main priorities. We will be creating a traffic
generator in Java, which will create data packets units (DPU) for us from the
firewall and back. This DPU has certain components that we want to mangle
and reconfigure; having a packet generator allows us to test the stability and
integrity of the firewall. We will test LFMS by attacking it in many of the ways
hackers do attack: using DOS attacks, email, and spamming attacks. This
will be a great way to see if the firewall holds up to these basic modes of
daily wear. Seeing the way the firewall reacts to different kinds of DPUs is
the best way to know if the firewall is working. Configuring the firewall to
allow certain DPUs and not others, then generating traffic that tests this out,
helps us verify if the firewall has achieved our goals.
26
VII. Scenarios
Figure 5
7.1) Global Area Network (GAN), Corporate Scenario The best way to understand the LFMS system is to understand
its’functionality in an appropriate scenario. For example, our company will
have offices all over the globe and thousands of computers that need to
communicate with each other over a GAN. This company will need to have
literally hundreds of firewalls to protect each cluster of computers they have
throughout the world, and naturally many of these firewalls will be configured
the same way. Deny x, allow y, period. Now just think of the headache
involved in maintaining hundreds of firewalls at the same time. WOW, what a
nightmare ... maybe. Any time an administrator has to do anything involving
firewalls on the network, he or she has to go to that computer and configure
it by hand, what a pain!! Well, LFMS can help. LFMS allows an administrator
to change a rule on a server class firewall and have all clients of that server
automatically be updated with that change. It is incredibly simple to add
firewalls to the network now. Simply turn on the machine, load up LFMS, tell
27
the client which server to use, and the job is done. LFMS also has
awareness, so that if something goes wrong with a firewall people can be
alerted, logs can be written, and the firewall can even revert back to a
previous working configuration automatically. Then, add in the super
powered GUI configuration interface that works securely over the Internet.
Now, not only is the firewall network auto-configurable, but it can be
configured from anywhere on the planet!!
Figure 6
7.2) Metropolitan Area Network (MAN), Internet Service Provider Our next scenario, deals with the bigger Internet Service Providers (ISP).
Think for a moment of a person in charge of security over all the users of a
huge ISP. The standard way to ensure that users are enjoying a safe online
experience is to lay out firewalls. Unfortunately, the person in charge has
28
come to the conclusion that he or she can either spend a premium and buy
an Enterprise Firewall package or can waste a lot of time and configure and
maintain each firewall separately. The boss wants the administrator to be
aware of the economy and choose the approach that is the most effective
and least expensive. There is another solution here, and that is using LFMS.
Now, we come to a Metropolitan Area Network. ISP’s uses this type of
network to bring the Internet to the average home user. For example, the
ISP AOL has a computer that acts as Domain Name Server (DNS), Gateway,
and Dynamic Host Configuration Protocol (DHCP) server at every city, to
which AOL users have access. Using the LFMS tool, an Administrator can
easily link up all the boxes, configure the network, and setup and maintain
firewalls. The AOL administrator can create Firewall policies for the home
user and for the gateways. This allows AOL to run timely security services to
ensure its users have a safe and fun Internet experience. The LFMS tool is
remarkable in its framework, ease of use, and scalability. Anyone can use the
LFMS-GUI, which is the LFMS visually stunning configuration tool. The tool is
available for any OS. That supports Java. Now, the headache of either buying
a very expensive Enterprise Firewall service is over. ISP’s can install the
freely distributed Linux and put our LFMS tool on top of the Linux
configuration. This allows a cost effective solution to maintain a safe
network.
29
7.3) Local Area Network (LAN), School Scenario Local Area Networks have a huge need for firewalls. The example of the
school network is the best suited for this. Schools have the need to allow all
access to the network for their students and faculty and, at the same time,
must prevent any unwanted users trying to attack the key portions that keep
the school network running. One of the key features that make a LAN is that
people are sharing certain components such as a printer, email servers, or
file servers. A huge problem that is encountered is that certain students do
not really need to have access to certain components, for example a student
in Graham does not need to print in Sanfillippo because he already has his
own printer. Now, to setup a firewall for each of these rules or to maintain
these rules becomes a huge hassle, and at the same time the administrator
must maintain the integrity of the schools’ network against attacks from
outside hackers. A dynamic firewall would be useful by allowing the
administrator to configure certain rules and regulations for different
machines and then let the machine in question download the configuration
and then configure its firewall itself. This saves time, the administrator no
longer needs to physically login to the box to reset certain rules, and avoids
the headache of worrying about which configuration is on which box. A
typical school administrator would put a certain configuration in a certain
area, say we have a firewall setup in Kenna; the administrator would pull up
the LFMS-GUI and see what configuration it is running. After viewing the
running configuration the administrator would change what is needed and
save it to the Kenna-config folder. A few clock cycles later the Kenna firewall
would have been updated. No hassle for the administrator to physically go
30
out to Kenna to physically configure the main box. This allows users to have
access to what they need and prevents them from getting into what they are
not supposed to.
VIII. Product Comparison In order to understand how important and beneficial LFMS is to the Internet
community, one must compare its features to products that already exist in
the market.
LFMS Specs Version 1.0
Compatibility Linux for Server/Client – Interface in any JRE OS
Minimum RAM Required 64-256 MB
Cost $0, Open Source
Retail Information
Distribution medium Internet
Features Manage local and remote firewalls with LFMS GUI Java Interface Enables firewall to block websites that the administrator sets Offers a selection of user authentication alternatives Extends enterprise networks and encryption and authentication
Security policy management allows administrators to create rules in any order
31
8.1) Symantec Enterprise Firewall Version 6.5
Compatibility NT; Solaris 2.6; HP-UX UNIX; Tru64 UNIX
Minimum RAM Required 64-256 MB
Cost $40,000
Retail Information
Distribution medium CD-ROM
Features Manage local and remote firewalls with Raptor Management Console Enables firewall-integrated content to block administrator selected websites Offers a selection of user authentication alternatives Extends enterprise networks and encryption and authentication
Security policy management allows administrators to create rules in any order
User Reviews (Courtesy of CNet.com):
"Ok product - as long as it needs no support"
”Deployed easily, crashes frequently, poor technical support failing to
respond to even the simplest request in a timely manner. VPN tunnels
crashing on their own. No real protection for OS behind it. I am in the
process of replacing this product and going to a hardware solution. – Ben
Aree
32
"Worst Firewall Ever"
”I have had this installed at work and it works fine for internet and instant
messaging. The thing is, that is all it works for. It is close to impossible to
open ports even if you set the rules. The ports randomly close on it and to
resolve it you just reset the server. This is such a ridiculous peeve of
software. I do not recommend it to anyone, unless you want to throw away
money. The technical support people are completely incompetent they have
no idea what they are doing. If you can not...” –Ted Coeal
Result:
The LFMS Product can easily be seen to be the preferred choice among
administrators. It is much more efficient in its management capabilities and
it costs nothing to use. The LFMS tool is fast and simple. LFMS is created to
run on a free operating system: Linux. LFMS allows any number of clients to
join the network at any time; this is what makes it dynamic. LFMS uses the
free and efficient firewall of choice, iptables, and a very intuitive GUI
interface. The current state of the economy requires that all companies use
products that work well and are cost-effective. LFMS easily beats the
competition.
IX. Contributors
9.1) Advisor Dr. Silvia Figueira
33
Computer Engineering Professor
PhD from University of California San Diego
9.2) Budget We are very happy to report that because we support the open source
software movement, we really don’t incur any costs. The only two feasible
costs of our project are our time and the cost of two Linux computers.
9.3) Participants Allen Gilliland IV – [email protected]
Senior Computer Engineer ‘02
Sunil Kumar Verma – [email protected]
Senior Computer Engineer ‘02
Vishal Gulu Gurbuxani – [email protected]
Senior Computer Engineer ‘02
9.4) Open Source We would like to thank the thousands of developers who have given up some
of their free time towards creating open source software on a global scale.
X. Conclusion We live in a time in which network security is critical in a home and in a
corporation. As corporate assets and critical business processes move online,
risks for security incidents increase. Valuable resources are moved online so
34
that customers, partners, prospects, and remote employees have easy
access. But, if not properly secured, these resources might also be exposed
to individuals with less-than-honorable intentions, leading to the possibility of
security incidents. Security incidents can disrupt operations, damage brand
and reputation, and result in the theft or loss of critical customer data and
intellectual property. Today, security is no longer just a technology problem;
it is also a business problem. Due to the growing importance of security,
information services (IS) departments today must provide improved network
accessibility and security. However, they are also pressured to keep staffing
and spending low. How can industry leaders respond to these pressures? By
using a cost effective solution, which is dynamic, scalable, and easy to use:
the Linux Firewall Management System.
35
XI. References
Deua, B. (August 2001). Understanding Linux firewalls. Retrieved
October 20th 2001 from the World Wide Web:
http://www.linuxhelp.org/tutorials/firewall.html
Gillaea, A. (November 1999). Linux Netfilter. Retrieved October 22nd
2001 from the World Wide Web:
http://www.newbie.org/how-tos/netfilter.html
Grennan, M. (February 2000). Firewall and proxy how-to. Retrieved
October 22nd 2001 from the World Wide Web:
http://www.linuxdoc.org/HOWTO/Firewall-HOWTO.html
Hung, W. (July 2001). Linux firewall and security site. Retrieved
October 22nd 2001 from the World Wide Web:
http://www.linux-firewall-tools.com/linux/
Russel, R. (July 2000). Linux ip-chains how-to. Retrieved October 22nd
2001 from the World Wide Web:
http://netfilter.samba.org/ipchains/HOWTO.html
36
XII. Appendix Attached to this document are the following source code documents.
11.1) LFMS-Admin 11.1.1 Javadoc 11.1.2 Source Code
11.2) LFMS-Client 11.2.1 Source Code
11.3) LFMS-Server 11.3.1 Source Code
11.4) Middleware 11.4.1 SSL Source Code JAVA 11.4.2 SSL Source Code C