Issuu on Google+

VIRTUAL NETWORK MONITORING SYSTEM Virtual Network Monitoring System: The demand for cost and time saving technologies in combination with competitive pressures within corporate environments has made VPN (Virtual Private Network) technology an alternative option for enterprise network connectivity. However, the amount of available information and the speed at which technical landscapes are changing quickly outpaces typical VPN solutions being developed. Rapid development and abundant options create complexity for network designers with respect to choosing and implementing the proper VPN technology.

VIRTUAL NETWORK MONITORING SYSTEM is a Java tool to observe network traffic virtually. Network administrators facilitate to monitor VPN (PPTP / IPSec / SSH) and SSL (HTTPS) connectivity of wire line/wireless networks. The graphical representation makes it easy to visualize messages being sent between computer nodes. Users can also read messages not of the above types in plain text. Connection statistics can be used as a measure of network security. The PRO edition allows network administrators to monitor multiple and remote networks.

Modules: •

Capturing Packets By choosing a network card can capture packets from the network.It will list out all the network devices in the system, when we select one of those devices this application will capture all the packets coming form that device.

•

Drawing Connections


In

the

network

traffic

visualization,

VPN

and

SSL

connections

are represented in colors other than black. When the packets are captured from the network card then it will captures all the IP addresses of the systems which are connected in the network. •

Plotting Network Each message captured by VIRTUAL WATCH SYSTEM is represented graphically by an edge connecting two computers. Since messages are sent both ways ,when a message is passing from one system to another system then a edge connecting those two computers are drown dynamically.

Dumping Text All messages not sent through VPN nor SSL are printed onto the screen. The latest arriving message will be appear at the top of the table. Different filters will be developed to locate messages containing sensitive information.

Collecting Statistics Dynamic updating of the statistics table. The statistics table collects the fractions of secure connections and packets in the network. It will represent all the information how many packets are transferred in the subnet.

Resolving IP Address: VIRTUAL WATCH SYSTEM will support the functionalities of resolving IP addresses to hostnames depending on the capturing device.

Set Filters: By this application the system administrator is provided with the filters for the data security and graphical representation makes easy to the administrator to identify how many systems are connected and how many are active at present.


2. Organizational Profile

XYZ range of expertise includes:

 Software Development Services  Embedded Technology  Customer Relationship Management  Product Development  Electronic Commerce  Consulting  IT Outsourcing


We apply technology with innovation and responsibility to achieve two broad objectives: Effectively address the business issues our customers face today Generate new opportunities that will help them stay ahead in the future This approach rests on: A strategy where we Architect, Integrate, Manage technology services and solutions — we call it AIM for success. A robust offshore development methodology and reduced demand on customer resources A focus on the use of reusable frameworks to provide cost and time benefits

We combine the best people, processes and technology to achieve excellent results-consistently.


3.0. Introduction This white paper reviews several important design issues that should be considered when evaluating Virtual Private Network (VPN) technology. Today, each network manager is responsible for a network that differs from other networks as much as individual people differ from one another. This uniqueness invariably causes issues when designing a VPN. VPN technology is one of the most integrated technologies being deployed on today’s networks. Every VPN solution interacts with existing sub-systems and crosses all business and operational practices. Based on their specific exposure and technological predispositions, people’s perceptions of VPN technologies differ significantly. The demand for cost and time saving technologies in combination with competitive pressures within corporate environments has made VPN technology an alternative option for enterprise network connectivity. However, the amount of available information and the speed at which technical landscapes are changing quickly outpaces typical VPN solutions being developed. Rapid development and abundant options create complexity for network designers with respect to choosing and implementing the proper VPN technology. At present, many vendors’ VPN solutions are closer to using common practices, but interoperability

issues

with non-standards-based solutions

create

awkward

manageability issues. Common practices used to configure control and monitor must be reexamined during the design of a VPN.


The goal of a successful VPN is to provide authenticated and authorized nodes with proper access to trusted networks in a seamless and automated fashion. This interaction must include client-to-client, client-to-gateway, or gateway-to-gateway connections. A VPN solution must provide centralized management, reliable service, and ensure the integrity and privacy of data transfers. These goals must be accomplished when traversing either a public or private network infrastructure

3.1 Purpose The purpose of this document is to give the overview of the project. The main aim of this project is to observe network traffic virtually. Network administrators facilitate to monitor VPN (PPTP / IPSec / SSH) and SSL (HTTPS) connectivity of wire line/wireless networks. The graphical representation makes it easy to visualize messages being sent between computer nodes. Users can also read messages not of the above types in plain text. Connection statistics can be used as a measure of network security. The PRO edition allows network administrators to monitor multiple and remote networks. Virtual Network Monitoring System will focus on number of functionalities for monitoring network traffic and security.

3.2. Overview VIRTUAL NETWORK MONITORING SYSTEM is a Java tool to observe network traffic virtually. Network administrators facilitate to monitor VPN (PPTP / IPSec / SSH) and SSL (HTTPS) connectivity of wire line/wireless networks. The graphical representation makes it easy to visualize messages being sent between computer nodes. Users can also read messages not of the above types in plain text. Connection statistics can be used as a measure of network security. The PRO edition allows network administrators to monitor multiple and remote networks.


Main functional features of the Virtual Watch System on Private Networks 3.2.1

Capturing Packets

3.2.2

Drawing Connections

3.2.3

Plotting Network

3.2.4

Dumping Text

3.2.5 Collecting Statistics 3.2.6

Resolving IP Addresses

4.0. System Analysis 4.1.

Existing System

Restricted Access to Desirable Services A firewall may well restrict certain inherently dangerous services which users of the protected network nevertheless want to use. Services for which proxy servers do not (yet) exist will effectively be blocked by proxy firewalls; newer services such as WAIS were not designed to work with firewalls and, by their very newness, are considered to be unsafe . Compromises by the designers of the security policy may be necessary in order to prevent the users from circumventing the firewall completely. Decrease in Throughput


Firewalls may represent a significant bottleneck in communication between the protected network and the outside world. However, this is less of a problem than is generally assumed, as most firewalls can pass data at T1 rates (1.5 mpbs), while most sites are connected at rates less than T1. Concentrated Security While having security concentrated on one host has its advantages, a compromise of the firewall could be disastrous to hosts which are not running their own security software. The question is whether a more likely, but smaller, security breach is better or worse than a less likely large breach. Complicancy Both users and management may tend to become complacent about security when a firewall is installed. Investing time and money in a firewall is not particularly useful if other methods for stealing data or attacking systems are neglected. User security education is essential, since legitimate users are already inside the protected network. Physical security is also often neglected - implementing the most powerful firewalls and having the most carefully designed security policy is useless if someone can simply walk off with the server.

4.2.

Proposed system

Our proposed system is Virtual Network Monitoring System,as the popularity of the Internet grew, businesses turned to it as a means of


extending their own networks. First came intranets, which are passwordprotected sites designed for use only by company employees. Now, many companies are creating their own VIRTUAL NETWORK MONITORING SYSTEM(virtual private network) to accommodate the needs of remote employees and distant offices. Basically, a VIRTUAL NETWORK MONITORING is a private network that uses a public network (usually the Internet) to connect remote sites or users together. Instead of using a dedicated, real-world connection such as leased line, a VIRTUAL NETWORK uses "virtual" connections routed through the Internet from the company's private network to the remote site or employee. In this article, you will gain a fundamental understanding of VIRTUAL NETWORk’s, and learn about basic VIRTUAL NETWORK components, technologies, tunneling and security.

There are two common types of VIRTUAL NETWORK Remote-access, also called a virtual private dial-up network (VPDN), is a user-to-LAN connection used by a company that has employees who need to connect to the private network from various remote locations. Through the use of dedicated equipment and large-scale encryption, a company can connect multiple fixed sites over a public network such as the Internet. Site-to-site VIRTUAL NETWORK MONITORING SYSTEM can be one of two types:


Intranet-based - If a company has one or more remote locations that they wish to join in a single private network, they can create an intranet VIRTUAL NETWORK to connect LAN to LAN.

Extranet-based - When a company has a close relationship with another company (for example, a partner, supplier or customer), they can build an extranet VIRTUAL NETWORK that connects LAN to LAN, and that allows all of the various companies to work in a shared environment

A well-designed VIRTUAL NETWORK uses several methods for keeping your connection and data secure:

• • • •

Firewalls Encryption IPSec AAA Server

4.3. Modules Of The Product There are basically five modules for developing •

Capturing Packets By choosing a network card can capture packets from the network.It will list out all the network devices in the system, when we select one of those devices this application will capture all the packets coming form that device.


Drawing Connections In

the

network

traffic

visualization,

VPN

and

SSL

connections

are represented in colors other than black. When the packets are captured from the network card then it will captures all the IP addresses of the systems which are connected in the network. •

Plotting Network Each message captured by VIRTUAL WATCH SYSTEM is represented graphically by an edge connecting two computers. Since messages are sent both ways ,when a message is passing from one system to another system then a edge connecting those two computers are drown dynamically.

Dumping Text All messages not sent through VPN nor SSL are printed onto the screen. The latest arriving message will be appear at the top of the table. Different filters will be developed to locate messages containing sensitive information.

Collecting Statistics Dynamic updating of the statistics table. The statistics table collects the fractions of secure connections and packets in the network. It will represent all the information how many packets are transferred in the subnet.

Resolving IP Address: VIRTUAL WATCH SYSTEM will support the functionalities of resolving IP addresses to hostnames depending on the capturing device.


5.0. Operating Environment 5.1 HARDWARE SPECIFICATIONS: Processor Name

: Pentium-III

Processor Speed

: 677 MHZ

RAM

: 256 MB

Hard Disk Capacity

: 20 GB

5.2 SOFTWARE SPECIFICATIONS: Application Language

:

JAVA 1.4.X


Libraries

: JPCAP, WINPCAP

Operating System

: WINDOWS 2000 PROFESSIONAL

6.2.5 JAVA INCLUDES A LIBRARY OF CLASSES AND

INTERFACES:

The Java platform includes an extensive class library so that programmers can use already existing classes as it is, create subclasses to modify existing classes, or implement interfaces to augment the capabilities of classes. Both classes and interfaces contain data members (fields) and functions(methods), but there are major differences. In a class, fields may be either variable or constant, and methods are fully implemented.

In an interface, fields must be constants, and

methods are just prototypes with no implementations.

The prototypes give the

method signature (the return type, the function name, and the number of parameters with the type for each parameter), but the programmer must supply implementations. To use an interface, a programmer defines a class, declares that it implements the Interface, and then implements all the methods in that interface as part of the class.

These methods are implemented in a way that is appropriate for

the class in which the methods are being used. Interfaces let one add functionality to a class and give a great of multiple inheritance without its disadvantages. A package is a collection of related Java classes and interfaces. The following list, though not complete, gives example of some Java packages what they cover. Java.lang-The basic classes. This package is so basic that it automatically is included in any java program. It includes classes dealing with numeric, strings, objects, runtime, security, and threads.


Java.io-classes that manages reading data from input streams and writing data to the output streams. Java.util-miscellaneous utility classes, including generic data structures, bit sets, time, date, the string manipulation, random numbers generation, system properties, notification and enumeration of data structures. Java.net-class for network support. Java.awt-class for managing image data, including color models, dropping color flittering, setting pixel values, and grabbing snapshots. Java.applet-This class, which provides the ability to write applets, this package also, includes several interfaces that connect an applet to its documents and to its document and to its document and to recourses for playing audio. Java.sql-The JDBC API, classes and interfaces that access databases and send SQL Statements. The first three packages listed, java.lang, java.io and java.util form the Foundation. They are basic classes and interfaces for general purpose programming. Java development kit version1.1 added some new packages, with JDBC being one of them. Other new packages include such thing as Remote Method Invocation, Security and Java Beans, the new API for creating reusable components. In Java, packages server as the foundation for building other package, As discussed in the following section. Static or structural diagrams :


Class diagram : This shows a set of classes, interfaces, collaborations and their relationships. There are the most common diagrams in modeling the object oriented systems and are used to give the static view of a system. Object diagram: Shows a set of objects and their relationships and are used to show the data structures, the static snapshots of instances of the elements in a class diagram. Like class diagram, the object diagrams also address the static design view or process view of a system. Component diagram: Shows a set of components and their relationships and are used to illustrate the static implememtation view of a system. They are related to class diagrams where in components map to one or more classes, interfaces of collaborations. Deployment diagram: Shows a set of nodes and their relationships. They are used to show the static deployment view of the architecture of a system. They are related to the component diagrams where a node encloses one or more components. Dynamic or behavioral diagrams: Use Case diagram: Shows a set of use cases and actors and their relationships. These diagrams illustrate the static use case view of a system and are important in organizing and modeling the behaviors of a system. Sequence diagram & collaboration diagram: These two diagrams are semantically same i.e. the dynamics of a system can be modeled using one diagram and


transform it to the other kind of diagram without loss of information. Both form the, Interaction diagram. Sequence diagram: Sequence diagram is an interaction diagram which focuses on the time ordering of messages it shows a set of objects and messages exchange between these objects. This diagram illustrates the dynamic view of a system. collaboration diagram: This diagram is an interaction diagram that stresses or emphasizes the structural organization of the objects that send and receive messages. It shows a set of objects, links between objects and messages send and received by those objects. There are used to illustrate the dynamic vies of a system. State Chart Diagram and Activity Diagrams: These Diagrams are semantically similar. State chart diagram shows a state machine consisting of states, transitions and activities these illustrates the dynamic view of a system. They focuses on the event ordered Behavior of an object. Activity Diagrams: Activity diagram shows the flow from one activity to another within a system. The activities may be sequential or branching objects that act and are acted upon. These also show the dynamic view of the system.

SERVER

WIN PCAP

JPCA P


VIRTUAL WATCH

PLOTTING GRAPH

U S E R I N T E R F A C E

SET FILTER

SELECT NT DEVICE

PACKET INFO

PROTOCOL INFO

SYSTEM INFO

Usecase Diagram

TEXT REPRESENTATIO N PACKET INFO

STATISTICAL REPRESENTATIO N


Sequence Diagram


Collaboration Diagram


State Diagram

Activity Diagram


Component Diagram


Deployment Diagram


9.0. SYSTEM IMPLEMENTATION

9.1 ABOUT SOFTWARE SELECTED: ABOUT WINPCAP:Pcap is an application programming interface for packet capturing. The implementation of pcap for Unix-like systems is known as libpcap; the Windows port of libpcap is called WinPcap. libpcap and WinPcap may be used by a program to capture packets traveling over a network and, in newer versions, to transmit packets on a network at the link layer, as well as to get a list of network interfaces that can be used with libpcap or WinPcap. libpcap and WinPcap are the packet capture and filtering engines of many open source and commercial network tools, including protocol analyzers, network monitors, network intrusion detection systems, packet sniffers, traffic generators and network testers. Some of these tools, such as tcpdump, Ethereal, Nmap, Cain & Abel, and Snort are known and used throughout the networking and IT security community.

ABOUT JPCAP:Jpcap is a Java class package which enables to capture and send IP packets from Java application. This package uses libpcap and Raw Socket API. Also it supports Ethernet, IPv4, IPv6, ARP/RARP, TCP, UDP, ICMPv4. In order capture


and generate HTTP data Jpcap will be modified to filter the packets so that HTTP packets are the only packets captured.

11.0. CLASS DIAGRAM


12.0. OUTPUT SCREENS

Fig 12.1 Network Traffic


Fig 12.2 Plaintext information


Fig 12.3 Statistics information


Fig 12.4 Exporting Data


13.0. MAINTENANCE AND SUPPORT

This phase provides the necessary software adjustment for the system to continue to comply with the original specifications. The quality assurance goal is to develop a procedure for correcting errors and enhancing software. This procedure improves quality assurance by encouraging forwarded to the appropriate group for resolution, and reducing redundant effort by making known problem reports available to any department that handles complaints.

14.0. CONCLUSION

The system provides a complete look on the private network to the administrator. So that the administrator can have the complete control on the network which is available in the organization. If any unauthorized data transforming, then the administrator can stop the communication and take necessary action. By this application the system administrator is provided with the filters for the data security and graphical representation makes easy to the administrator to identify how many systems are connected and how many are active at present. Statistics provide the time of packet received and the number of packets received in the transmission.



virtual network monitoring system