Presentation is loading. Please wait.

Presentation is loading. Please wait.

Firewall Exercise.

Published byDewi Pranata Modified over 6 years ago

Similar presentations

Presentation on theme: "Firewall Exercise."— Presentation transcript:

1 Firewall Exercise

2 Firewall Exercise In this exercise, you are given a set-up scenario from which you must determine how firewall rules would be written The scenario describes the pertinent details of a small network, including specific addresses and port numbers Your task is to determine if the inbound firewall rules on the last slide of this presentation are correct as written, or if they need to be changed in order to be correct If they need to be changed, please note the change you would make to correct the rule

3 Firewall Exercise Assume you have a small network at /24 subnet Your web/ server is at address You want only http: (port 80) and (port 25) requests from DePaul clients to come into your site You want your internal users to be able to access http: and services from DePaul servers only You want to allow ICMP “pings” Given this scenario, take a look at the next slide and tell me which of the inbound rules shown there are okay, and which are not For the ones that are NOT okay, what would you do to fix them? Remember, you want rules that allow the above criteria, and nothing else!

4 Firewall Exercise Possible Inbound Rules Any Problems?
# Protocol Accept/ Reject Source IP Source Port Destination IP Flag 1 TCP Accept *.* * 80 2 25 3 ICMP *.*.*.* 4 * 5 6 Remember, the asterisk * is a wild card character.

5 Firewall Exercise Time to try writing firewall rules of your own!
Outbound rules explicitly allow, or explicitly block, network traffic originating from the computer that matches the criteria in the rule. For example, you can configure a rule to explicitly block outbound traffic to a computer (by IP address) through the firewall, but allow the same traffic for other computers. Because outbound traffic is allowed by default, you typically use outbound rules to block network traffic that you do not want. Using the blank template on the last slide of this presentation, please write OUTBOUND firewall rules for the following: Assume you have a small network at /48 subnet Your web/ server is at address You don’t want anyone on your network to access Facebook at all You want to allow all ICMP messages sent out by your network You want the computer at subnet 40 to be blocked from the Internet entirely You don’t want anyone on your network to be able to send any messages to DePaul

6 Firewall Exercise Outbound Rules
# Protocol Accept/ Reject Source IP Source Port Destination IP Flag Remember, the asterisk * is a wild card character.

Download ppt "Firewall Exercise."

Similar presentations

Access Control List (ACL)

Access Control List (ACL)
CCENT Study Guide Chapter 12 Security.

CCENT Study Guide Chapter 12 Security.
Firewall Simulation Teaching Information Security Using: Visualization Tools, Case Studies, and Hands-on Exercises May 23, 2012.

Firewall Simulation Teaching Information Security Using: Visualization Tools, Case Studies, and Hands-on Exercises May 23, 2012.
1 Topic 2 – Lesson 4 Packet Filtering Part I. 2 Basic Questions What is packet filtering? What is packet filtering? What elements are inside an IP header?

1 Topic 2 – Lesson 4 Packet Filtering Part I. 2 Basic Questions What is packet filtering? What is packet filtering? What elements are inside an IP header?
Scanning February 23, 2010 MIS 4600 – MBA 5880 - © Abdou Illia.

Scanning February 23, 2010 MIS 4600 – MBA © Abdou Illia.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.
Access Lists Lists of conditions that control access.

Access Lists Lists of conditions that control access.
Year 2 - Chapter 6/Cisco 3 - Module 6 ACLs. Objectives  Define and describe the purpose and operation of ACLs  Explain the processes involved in testing.

Year 2 - Chapter 6/Cisco 3 - Module 6 ACLs. Objectives  Define and describe the purpose and operation of ACLs  Explain the processes involved in testing.
Implementing Standard and Extended Access Control List (ACL) in Cisco Routers.

Implementing Standard and Extended Access Control List (ACL) in Cisco Routers.
CCNA2 Routing Perrine modified by Brierley Page 18/6/2015 Module 11 Access Control 172.16.3.0172.16.4.0 Non-172.16.0.0 e0e1 s0 172.16.4.13 server.

CCNA2 Routing Perrine modified by Brierley Page 18/6/2015 Module 11 Access Control Non e0e1 s server.
Networking Components Chad Benedict – LTEC 4550 1.

Networking Components Chad Benedict – LTEC
1 Enabling Secure Internet Access with ISA Server.

1 Enabling Secure Internet Access with ISA Server.
Module 1: Reviewing the Suite of TCP/IP Protocols.

Module 1: Reviewing the Suite of TCP/IP Protocols.
1 ISA Server 2004 Installation & Configuration Overview By Nicholas Quinn.

1 ISA Server 2004 Installation & Configuration Overview By Nicholas Quinn.
ADMINISTRATION HANDS-ON. Page 2 About the Hands-On This hands-on section is structured in a way, that it allows you to work independently, but still giving.

ADMINISTRATION HANDS-ON. Page 2 About the Hands-On This hands-on section is structured in a way, that it allows you to work independently, but still giving.
Load-Balance/Route Policy Advanced Routing. Outline How does it Work – When matching criteria, send via the route What does it Do – 2 real usage examples.

Load-Balance/Route Policy Advanced Routing. Outline How does it Work – When matching criteria, send via the route What does it Do – 2 real usage examples.
Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.

Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.
Guide to Firewalls and VPNs, 3rd Edition

Guide to Firewalls and VPNs, 3rd Edition
Copyright © 2002 OSI Software, Inc. All rights reserved. PI-NetFlow and PacketCapture Eric Tam, OSIsoft.

Copyright © 2002 OSI Software, Inc. All rights reserved. PI-NetFlow and PacketCapture Eric Tam, OSIsoft.
Microsoft Internet Security and Acceleration (ISA) Server 2004 is an advanced packet checking and application-layer firewall, virtual private network.

Microsoft Internet Security and Acceleration (ISA) Server 2004 is an advanced packet checking and application-layer firewall, virtual private network.

Similar presentations

Ads by Google