Exploring the development of a firewall using Windows filtering platform
Due to the awareness of a need for personal firewall to protect their privacy, demand for personal firewall has been increasing exponentially. Different companies produce personal firewall in different ways, each promoting their best functionality. With the ongoing competition, the real need of t...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Final Year Project |
| Language: | English |
| Published: |
2009
|
| Subjects: | |
| Online Access: | http://hdl.handle.net/10356/17030 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| Summary: | Due to the awareness of a need for personal firewall to protect their privacy, demand for
personal firewall has been increasing exponentially. Different companies produce personal
firewall in different ways, each promoting their best functionality. With the ongoing
competition, the real need of the consumer has long been forgotten. It is no longer what the
home user needs, it has become what they can provide, raising the standards of firewall.
The closely guarded code for profit has also made it difficult for the open source community
to enhance a firewall. This project aims to develop a truly personal firewall, not only for the
fulfilment of requirements for FYP but also for the benefit of the open source community. A firewall can never be 100% safe from being compromised. In order to compensate for this
shortcoming, a firewall should be built with a connection monitor. Using this monitor, the
user is able to check his connection anytime for discrepancies. For filtering with the current
state of technology, the days of simple packet filtering through ports or IP are gone. For a
firewall to live up to today’s standard, filtering by application is required. This allows for
faster filtering and more flexibility in internet applications. A firewall is also required to have
learning mode, allowing the user the ability to block or allow an application to connect upon
its initial execution. Last but not least, a firewall has to be able to save its data so it can be
retrieved easily. Not only that, its saved file should be protected against tampering that
could cripple the firewall if tampering goes uncovered. The data for the firewall should be
rebuilt if saved data is being altered in any other way.
A firewall application is modelled based on the above criteria. It has a connection monitor,
an application list built from learning mode, the ability to permit/block specific applications
that uses the same port, automatic loading and saving of data upon executing and closing of
the program respectively. To improve the usability of the firewall, filters are added
dynamically so that in times of crashes or illegal shut down, the program will not affect the
operating system. The saved file is hashed to maintain the integrity of the data to prevent
unauthorized programs from being added to the permit list. Although far from perfect,
these components fulfil the requirements of the project and met the objective of
developing a firewall in Windows Vista. |
|---|