We have an internal webserver, used only for testing purposes, at IP address 5.6.7.8 on our internal corporate network. The pack
et filter is situated at a chokepoint between our internal network and the rest of the Internet. Can such a packet filter block all attempts by outside hosts to initiate a direct TCP connection to this internal webserver? If yes, design suitable packet filter rule sets (similar to those shown in the table below) that provides this functionality; if no, explain why a (stateless) packet filter cannot do it.
Table: Packet-Filtering Examples
Rule, Direction, Src address, Dest addresss, Protocol, Dest port, Action
1, In, External, Internal, TCP, 25, Permit
2, Out, Internal, External, TCP, >1023, Permit
3, Out, Internal, External, TCP, 25, Permit
4, In, External, Internal, TCP, >1023, Permit
5, Either, Any, Any, Any, Any, Deny
Table: Packet-Filtering Examples
Rule, Direction, Src address, Dest addresss, Protocol, Dest port, Action
1, In, External, Internal, TCP, 25, Permit
2, Out, Internal, External, TCP, >1023, Permit
3, Out, Internal, External, TCP, 25, Permit
4, In, External, Internal, TCP, >1023, Permit
5, Either, Any, Any, Any, Any, Deny
1 answer:
Answer:
Check the explanation
Explanation:
A packet filter firewall is used as a check point between internal corporate network to the outside internet. It blocks all the inbound traffic from the outside hosts trying to initiate a direct TCP connection to the internal corporate webserver. The network design with firewall is shown in the attached image below:
The figures in the attached image below shows an internal corporate network is protected with a packet filter firewall to minimize the inbound traffic from the external network or an internet. Therefore, the packet filter is used as a check point between the network.
The packet filter blocks all attempts by the outside hosts in order to initiate a direct TCP connection to the internal webserver of the internal corporate network.
Going by the second part of the attached image below can can therefore conclude that:
• Rule 1 specifies that, deny any packet with the destination address 5.6.7.8 if the STN flag of TCP header is set.
• Rule 2 specifies that, allow the inbound email traffic from the external source.
• Rule 3 specifies, allows the Outbound TCP traffic from the internal corporate network.
• Rule 4 specifies, allows outbound Email traffic from the internal corporate network to the external network.
• Rule 5 specifies, block any traffic from any source to the any destination.
You might be interested in