
Consider a firewall that protects the network shown in the figure below.

https://cms.psu.edu/AngelUploads/QuestionData/58a6c096-b5d8-4e61-ae2d-f36372251f05/554quiz3.PNG#{E6350A12-F76D-4F81-9A16-4084ECC5CD36}

2.1 Explain the meaning of each field of the following packet filtering rule. (13 points)

| Firewall rule | Packet direction | Source address | Dest address | Packet type | Source port | Dest port | ACK | Action |
|---|---|---|---|---|---|---|---|---|
| C | Incoming | ext | 132.28.6.4 | TCP | 23 | * | * | deny |

2.2 If a packet is permitted by the following packet filtering rule, that is, the packet matches the rule:

| Firewall rule | Packet direction | Source address | Dest address | Packet type | Source port | Dest port | ACK | Action |
|---|---|---|---|---|---|---|---|---|
| D | Outgoing | int | ext | TCP | * | 23 | * | permit |


2.2.1: Who is the sender program (of the packet) and where is the sender (inside the firewall or outside the firewall)? (7 points)


2.2.2: Who is the receiver program (of the packet) and where is the receiver (inside the firewall or outside the firewall)? (7 points)


2.2.3: What are the IP address and port number of the receiver program? (7 points)


2.2.4: Could computer 168.3.144.1 be the machine on which the receiver program is running? Why? (8 points)

2.2.5: Could this packet be the second sub-step packet (or signal) of the 3-way handshake process of the TCP session (or connection)? Why? (8 points)


2.2.6: Could this packet be the third sub-step packet (or signal) of the 3-way handshake process of the TCP session (or connection)? Why? (8 points)

2.2.7: After the receiver program receives this packet, if the receiver wants to send a packet back to the sender, the above rule (rule D) does not authorize this packet to go through the firewall.


2.2.7.1: Why does rule D not authorize this packet to go through the firewall? (8 points)


2.2.7.2: A TCP connection has 3 steps (or phases): establish the connection, messages back and forth, terminate the connection. Is this packet part of Step 1, Step 2, or Step 3? (8 points)


2.2.7.3: Give a rule which authorizes this new packet to go through the firewall. (8 points)


2.2.7.4: Give a rule which can block this new packet from going through the firewall. (8 points)
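The rule format used in questions 2.1 and 2.2 can be evaluated mechanically. The sketch below is an added example, not part of the original assignment: it applies rules C and D field by field as a stateless, first-match filter. The internal network range, the default-deny policy and the sample packets are assumptions made for illustration, since the figure is not reproduced here.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Assumption: the figure is not reproduced here, so this internal network is a
# constructed placeholder chosen to contain 132.28.6.4; "ext" is everything else.
INTERNAL_NET = ip_network("132.28.6.0/24")

@dataclass(frozen=True)
class Packet:
    direction: str  # "incoming" or "outgoing"
    src: str
    dst: str
    proto: str
    sport: int
    dport: int
    ack: bool

# Rules C and D as given in the tables: (name, direction, src, dst, type,
# source port, dest port, ACK, action). "*" matches any value.
RULES = [
    ("C", "incoming", "ext", "132.28.6.4", "TCP", 23, "*", "*", "deny"),
    ("D", "outgoing", "int", "ext", "TCP", "*", 23, "*", "permit"),
]

def addr_ok(spec, addr):
    if spec in ("int", "ext"):
        return (ip_address(addr) in INTERNAL_NET) == (spec == "int")
    return spec in ("*", addr)

def decide(pkt, rules=RULES, default="deny"):
    """Stateless first-match evaluation; `default` is an assumed policy."""
    for name, direction, src, dst, proto, sport, dport, ack, action in rules:
        if (direction == pkt.direction and proto == pkt.proto
                and addr_ok(src, pkt.src) and addr_ok(dst, pkt.dst)
                and sport in ("*", pkt.sport) and dport in ("*", pkt.dport)
                and ack in ("*", pkt.ack)):
            return name, action
    return None, default

# Constructed sample packets (203.0.113.7 is a documentation address).
OUT_SYN = Packet("outgoing", "132.28.6.9", "203.0.113.7", "TCP", 40000, 23, False)
REPLY = Packet("incoming", "203.0.113.7", "132.28.6.9", "TCP", 23, 40000, True)
REPLY_TO_HOST_C = Packet("incoming", "203.0.113.7", "132.28.6.4", "TCP", 23, 40000, True)

if __name__ == "__main__":
    for label, pkt in [("outgoing SYN", OUT_SYN), ("reply", REPLY),
                       ("reply to 132.28.6.4", REPLY_TO_HOST_C)]:
        print(label, "->", decide(pkt))
```

Because the filter keeps no connection state, the reply packet is judged only on its own header fields, which is why a separate rule is needed for the return direction.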

 


2.1) The xxxxxxx of each xxxxxxx of the xxxxxxx xxxxxxx filtering xxxxxxx i) Firewall xxxxxxx value= ‘C’- xxxxxxx specifies xxxxxxx xxxxxxx rule that xxxxxxx firewall follows xxxxxxx packet filtering. xxxxxxx rule C xxxxxxx to be xxxxxxx here.

            ii) xxxxxxx xxxxxxx value=”incoming”- xxxxxxx whether the xxxxxxx is coming xxxxxxx the xxxxxxx xxxxxxx going out xxxxxxx the network.

iii) xxxxxxx address, value=’ext’-gives xxxxxxx source address xxxxxxx the packet. xxxxxxx the packet xxxxxxx xxxxxxx the xxxxxxx from outside xxxxxxx network, its xxxxxxx is xxxxxxx xxxxxxx for external)

iv) xxxxxxx address, value=’132.28.6.4’-states xxxxxxx destination address xxxxxxx the packet xxxxxxx it is xxxxxxx be sent. xxxxxxx xxxxxxx is xxxxxxx physical address xxxxxxx the destination.

v) xxxxxxx type, xxxxxxx xxxxxxx communication protocol xxxxxxx the packet. xxxxxxx it is xxxxxxx so the xxxxxxx of packet xxxxxxx connection oriented xxxxxxx xxxxxxx reliability, xxxxxxx and integrity xxxxxxx data maintained.

vi) xxxxxxx port, xxxxxxx xxxxxxx port address xxxxxxx the source xxxxxxx the packet xxxxxxx which the xxxxxxx was sent.

vii) xxxxxxx port, value=’*’- xxxxxxx xxxxxxx port xxxxxxx of the xxxxxxx of the xxxxxxx through xxxxxxx xxxxxxx connection was xxxxxxx Here the xxxxxxx is not xxxxxxx therefore the xxxxxxx can use xxxxxxx port for xxxxxxx xxxxxxx port xxxxxxx above 1023).

viii) xxxxxxx value=’*’- gives xxxxxxx acknowledgment xxxxxxx xxxxxxx the packet xxxxxxx it was xxxxxxx or not. xxxxxxx signifies that xxxxxxx ack field xxxxxxx not set.

ix) xxxxxxx xxxxxxx states xxxxxxx to allow xxxxxxx transfer or xxxxxxx Sender xxxxxxx xxxxxxx program is xxxxxxx TELNET server xxxxxxx is inside xxxxxxx firewall.

2.2.2) Receiver xxxxxxx the program xxxxxxx an external xxxxxxx xxxxxxx internet) xxxxxxx it is xxxxxxx the firewall.

2.2.3) xxxxxxx address xxxxxxx xxxxxxx receiver is xxxxxxx be any xxxxxxx connected with xxxxxxx internet (example: xxxxxxx and port xxxxxxx is ‘23’.

2.2.4) xxxxxxx xxxxxxx 168.3.144.1 xxxxxxx be the xxxxxxx on which xxxxxxx receiver xxxxxxx xxxxxxx running because xxxxxxx firewall allows xxxxxxx outbound TELNET xxxxxxx in this xxxxxxx which sends xxxxxxx program over xxxxxxx xxxxxxx computer xxxxxxx is connected xxxxxxx the internet.

2.2.5) xxxxxxx this xxxxxxx xxxxxxx be the second sub-step xxxxxxx (or signal) xxxxxxx the 3-way xxxxxxx process of xxxxxxx TCP session xxxxxxx connection) because xxxxxxx xxxxxxx field xxxxxxx not set.

2.2.6) xxxxxxx this packet xxxxxxx be xxxxxxx xxxxxxx (or signal) xxxxxxx the 3-way xxxxxxx process of xxxxxxx TCP session xxxxxxx connection) because xxxxxxx ACK field xxxxxxx xxxxxxx set.

2.2.7.1) xxxxxxx D is xxxxxxx for outgoing xxxxxxx and xxxxxxx xxxxxxx packets under xxxxxxx D is xxxxxxx permitted (ACK xxxxxxx is not xxxxxxx and source xxxxxxx is not xxxxxxx xxxxxxx packet xxxxxxx a part xxxxxxx step 3 xxxxxxx TCP xxxxxxx xxxxxxx E authorizes xxxxxxx new packet xxxxxxx go through xxxxxxx firewall.

2.2.7.4) Rule xxxxxxx can block xxxxxxx new packet xxxxxxx xxxxxxx through xxxxxxx firewall.

 
