Assignment: Firewall

Objective:
1. The purpose of this assignment is to understand which protocols and ports a network contains and how we can limit them.
2. The internet is a vast network of information. Use it to search and gain knowledge about firewalls and network protocols.

Given:
The network diagram of the customer contains the following machines:
1. Basic Mail Server with POP3
2. DNS Server
3. Proxy Server
4. 100 Windows 10 Machines

Submit to me the following:
1. Based on the environment given above, what protocols and ports are needed for their environment to reach the internet? Define the importance of each protocol, its purpose and how it affects network connections.
2. With your lab environment as your guide, how would you design your firewall rules, provided that each router in your environment is also a firewall? Based on the knowledge you have gained, how can you design it to be most secure?

ANSWER:
1. The protocols and ports needed for their environment to reach the internet are:
   a. Port 20 – File Transfer Protocol (FTP) Data Transfer
   b. Port 21 – File Transfer Protocol (FTP) Command Control
      i. FTP transfers files between a client and a server; as a protocol that carries data, it guarantees that the data will be delivered properly.
   c. Port 22 – Secure Shell (SSH)
      i. A tunneling protocol that creates secure network connections.
   d. Port 23 – Telnet
      i. A remote management protocol used for managing network devices.
   e. Port 25 – Simple Mail Transfer Protocol (SMTP)
      i. A communication protocol used to transmit email messages over the internet to the destination server.
   f. Port 53 – Domain Name System (DNS)
      i. Used to convert IP addresses to domain names that everyone can easily understand.
   g. Port 80 – Hyper Text Transfer Protocol (HTTP)
      i. Defines how data is transmitted and formatted, and is used by the WWW as a channel for communication.
   h. Port 67, 68 – Dynamic Host Configuration Protocol (DHCP)
      i. A kind of service used in the client and server model.
   i. Port 110 – Post Office Protocol (POP3)
      i. A protocol used by e-mail clients to retrieve email from the servers.
   j. Port 123 – Network Time Protocol (NTP)
      i. Synchronizes time between the network devices in the network.
   k. Port 143 – Internet Message Access Protocol (IMAP4)
      i. An application layer protocol and an internet standard for email retrieval.
   l. Port 161, 162 – Simple Network Management Protocol (SNMP)
      i. Provides the ability to monitor, configure and control network devices.
   m. Port 443 – HTTP with Secure Socket Layers (HTTPS)
      i. The secure and encrypted version of HTTP.
   n. Port 3128 – Proxy
      i. Where the HTTP/TCP proxy listens for HTTP traffic.
   o. Port 3022 – Network Address Translation (NAT)
      i. The method by which IP addresses are mapped from one group to another, transparently to end users.

2. The firewall rules must limit the protocols and ports that are allowed when connecting to the internet. For example, they should allow only port 443 (HTTPS) for secure websites, and use the NAT port 3022 on the router that connects to the internet, so that the host's private IP address is not provided directly but is changed to the public IP address.
   - Using the port 3022 NAT to secure the IP address of the host computer, together with allowing only port 443 (HTTPS), provides security for every secure website that the client connects to on the internet.

[Network diagram: 192.168.103.1, 10.10.103.1; Web server; Proxy server (3128); DNS server (53)]
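The following is an added example, not part of the assignment or its answer: a first-match, default-deny evaluation of outbound rules for the four given machine types, plus a check for rules made dead by a broader rule placed before them. The addresses, the rule set and the names `Rule`, `evaluate` and `shadowed` are assumptions made for illustration.

```python
import ipaddress
from typing import NamedTuple

class Rule(NamedTuple):
    action: str   # "allow" or "deny"
    src: str      # source network, CIDR
    dst: str      # destination network, CIDR
    proto: str    # "tcp" or "udp"
    dport: int    # destination port

# Assumed addressing, constructed for this example (not from the assignment).
LAN, ANY = "192.168.103.0/24", "0.0.0.0/0"   # LAN holds the 100 Windows 10 clients
PROXY, DNS, MAIL = "192.168.103.10/32", "192.168.103.11/32", "192.168.103.12/32"

# Outbound rules on the internet-facing router; anything not listed is denied.
RULES = [
    Rule("allow", PROXY, ANY, "tcp", 443),  # web traffic leaves only via the proxy
    Rule("allow", PROXY, ANY, "tcp", 80),
    Rule("allow", DNS, ANY, "udp", 53),     # only the DNS server resolves externally
    Rule("allow", DNS, ANY, "tcp", 53),
    Rule("allow", MAIL, ANY, "tcp", 25),    # only the mail server sends SMTP
]

def _net(cidr):
    return ipaddress.ip_network(cidr)

def evaluate(src_ip, dst_ip, proto, dport, rules=RULES):
    """First matching rule wins; no match means default deny."""
    src, dst = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    for r in rules:
        if (src in _net(r.src) and dst in _net(r.dst)
                and proto == r.proto and dport == r.dport):
            return r.action
    return "deny"

def shadowed(rules):
    """Indexes of rules that never match because an earlier rule covers them."""
    hits = []
    for i, r in enumerate(rules):
        if any(e.proto == r.proto and e.dport == r.dport
               and _net(r.src).subnet_of(_net(e.src))
               and _net(r.dst).subnet_of(_net(e.dst)) for e in rules[:i]):
            hits.append(i)
    return hits

if __name__ == "__main__":
    # Constructed flows: proxy out, client bypassing the proxy, client Telnet out.
    for flow in [("192.168.103.10", "203.0.113.5", "tcp", 443),
                 ("192.168.103.50", "203.0.113.5", "tcp", 443),
                 ("192.168.103.50", "203.0.113.5", "tcp", 23)]:
        print(flow, evaluate(*flow))
    # A broad LAN-wide rule placed first makes the proxy-only rule dead.
    print(shadowed([Rule("allow", LAN, ANY, "tcp", 443)] + RULES))
```

Because clients match no rule of their own, a workstation that tries to reach the internet without going through the proxy falls through to the default deny.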