Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Web Design

1 2

advertisement 
SI110 Homework Alpha: ________ Name: ____________________
Page 1 of
Collaboration Policy: Default
choose one: □ None □ XS110 □ EI with:
(or more)
□ MGSP
□ Discussed with: ____________________________
Homework:
/SI110/Security Tools/Firewalls
1. Consider Configuration A, B, and C pictured below:
Configuration A:
1.2.3.4
Firewall
5.6.7.8
Route
r
1.2.3.5
Route
r
5.6.7.9
Configuration B:
1.2.3.4
1.2.3.5
5.6.7.8
Route
r
Firewall
Route
r
5.6.7.9
Configuration C:
Firewall
1.2.3.4
1.2.3.5
Route
r
Route
r
5.6.7.8
5.6.7.9
Assume all web traffic is hosted on port 80. Suppose each host is running a web server. If the
firewall is configured to drop all packets with destination port 80, then ...
[ 20 / 12 / 7 / 0 ] Configuration _____ stops any other host from viewing web traffic on host
5.6.7.8. Explain!
2. Suppose we have the following network configuration, as in B above. The firewall drops all
traffic with destination port equal to 80, and forwards everything else:
1.2.3.4
1.2.3.5
5.6.7.8
Route
r
Firewall
Route
r
5.6.7.9
2
SI110 Homework
Alpha: ________
Name: ____________________
Page
2 of 2
a. [ 15 / 10 / 5 / 0 ] Can host 5.6.7.8 access a DNS name server running on host 1.2.3.5? Explain!
b. [ 15 / 10 / 5 / 0 ] Can host 5.6.7.8 access a web server running on host 5.6.7.9? Explain!
c. [ 15 / 10 / 5 / 0 ] Can host 5.6.7.8 access a web server running on host 1.2.3.4? Explain!
d. [ 15 / 10 / 5 / 0 ] Suppose host 5.6.7.8 has an SSH connection to host 1.2.3.5 running in its
terminal window. If the command nc 1.2.3.4 80 was typed into that terminal window, would the
connection to 1.2.3.4 on port 80 be made, or would the firewall prevent it? Explain!
3. [ 20 / 12 / 7 / 0 ] Consider these two versions of an ACL for a firewall:
Version 1:
Forward packets from Any IP
going to TCP port 15000 on 87.52.8.125
Drop packets from 22.10.133.8 going to TCP port 15000 on 87.52.8.125
Version 2:
Drop packets from 22.10.133.8 going to TCP port 15000 on 87.52.8.125
Forward packets from Any IP
going to TCP port 15000 on 87.52.8.125
Which of the two versions allows all hosts other than 22.10.133.8 to connect via TCP to Host
87.52.8.125 on port 15000? Explain!
Related documents
SI110 Spring AY13 Alpha:___________ Name:________________________________
SI110 Spring AY13 Alpha:___________ Name:________________________________
1-07 ICS2O3C - Warriors of the Net
1-07 ICS2O3C - Warriors of the Net
Why we all care: the changing home
Why we all care: the changing home
Firewalking
Firewalking
1 2
1 2
Firewalls - Brian Kiehl
Firewalls - Brian Kiehl
Warriors of the net questions 1. What three things are put on the
Warriors of the net questions 1. What three things are put on the
Hw2 solutions - Network Penetration and Security
Hw2 solutions - Network Penetration and Security
Manual:IP/Firewall/Connection tracking Connection tracking entries
Manual:IP/Firewall/Connection tracking Connection tracking entries
Here are some things that would resolve the bulk of reported issues:
Here are some things that would resolve the bulk of reported issues:
Chapter 6 : Network Security II CIS3360: Security in Computing Cliff Zou
Chapter 6 : Network Security II CIS3360: Security in Computing Cliff Zou
Solving Firewall Policy Anomalies Using Generic Algorithm Abhishek K. Chawan
Solving Firewall Policy Anomalies Using Generic Algorithm Abhishek K. Chawan
Download
advertisement