Firewall Exercise.


In this exercise, you are given a set-up scenario from which you must determine how firewall rules would be written. The scenario describes the pertinent details of a small network, including specific addresses and port numbers.

Your task is to determine if the inbound firewall rules on the last slide of this presentation are correct as written, or if they need to be changed in order to be correct. If they need to be changed, please note the change you would make to correct the rule.

Assume you have a small network on the 150.88.52.0/24 subnet.
Your web/e-mail server is at address 150.88.52.12.
You want only HTTP (port 80) and e-mail (port 25) requests from DePaul clients to come into your site.
You want your internal users to be able to access HTTP and e-mail services from DePaul servers only.
You want to allow ICMP "pings".

Given this scenario, take a look at the next slide and tell me which of the inbound rules shown there are okay, and which are not. For the ones that are NOT okay, what would you do to fix them? Remember, you want rules that allow the above criteria, and nothing else!

Possible Inbound Rules: Any Problems?

# Protocol Accept/Reject Source IP Source Port Destination IP Flag
1 TCP Accept 140.192.*.* * 150.88.52.12 80
2 25
3 ICMP *.*.*.*
4 150.88.52.*
5
6

Remember, the asterisk * is a wild card character.
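How a wildcard rule table like this is evaluated against traffic, as an added example that is not part of the original slides. It assumes first-match ordering, an implicit reject when no rule matches (the scenario's "nothing else"), and that the "80" in rule 1 is a destination port; the `Rule`, `Packet` and `evaluate` names and the sample packets are constructed for illustration.

```python
from typing import NamedTuple

class Rule(NamedTuple):
    proto: str
    action: str
    src_ip: str
    src_port: str
    dst_ip: str
    dst_port: str  # assumption: the slide's "80" is a destination port

class Packet(NamedTuple):
    proto: str
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

def ip_matches(pattern: str, ip: str) -> bool:
    """Compare dotted-quad octets; '*' in the pattern matches any octet."""
    p, a = pattern.split("."), ip.split(".")
    return len(p) == len(a) == 4 and all(x in ("*", y) for x, y in zip(p, a))

def field_matches(pattern: str, value) -> bool:
    return pattern == "*" or pattern == str(value)

def evaluate(rules, pkt, default="Reject"):
    """Return the action of the first matching rule, else the default."""
    for r in rules:
        if (field_matches(r.proto, pkt.proto)
                and ip_matches(r.src_ip, pkt.src_ip)
                and field_matches(r.src_port, pkt.src_port)
                and ip_matches(r.dst_ip, pkt.dst_ip)
                and field_matches(r.dst_port, pkt.dst_port)):
            return r.action
    return default  # assumption: anything not explicitly accepted is rejected

# Rule 1 exactly as written on the slide.
RULES = [Rule("TCP", "Accept", "140.192.*.*", "*", "150.88.52.12", "80")]

# Constructed sample packets (203.0.113.9 and the host octets are made up).
SAMPLES = [
    Packet("TCP", "140.192.10.5", 51000, "150.88.52.12", 80),  # in-range client, web
    Packet("TCP", "203.0.113.9", 51000, "150.88.52.12", 80),   # source outside 140.192.*.*
    Packet("TCP", "140.192.10.5", 51000, "150.88.52.12", 22),  # port not listed
    Packet("TCP", "140.192.10.5", 51000, "150.88.52.77", 80),  # not the server
]

def run_samples():
    return [evaluate(RULES, p) for p in SAMPLES]
```

Only the first sample is accepted; the other three fall through to the implicit reject because one field of rule 1 does not match.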

Time to try writing firewall rules of your own!

Outbound rules explicitly allow, or explicitly block, network traffic originating from the computer that matches the criteria in the rule. For example, you can configure a rule to explicitly block outbound traffic to a computer (by IP address) through the firewall, but allow the same traffic for other computers. Because outbound traffic is allowed by default, you typically use outbound rules to block network traffic that you do not want.

Using the blank template on the last slide of this presentation, please write OUTBOUND firewall rules for the following:

Assume you have a small network on the 169.64.98.0/48 subnet.
Your web/e-mail server is at address 169.64.98.12.
You don't want anyone on your network to access Facebook at all.
You want to allow all ICMP messages sent out by your network.
You want the computer at subnet 40 to be blocked from the Internet entirely.
You don't want anyone on your network to be able to send any messages to DePaul.

Outbound Rules

# Protocol Accept/Reject Source IP Source Port Destination IP Flag

Remember, the asterisk * is a wild card character.