Posted: September 13th, 2017

Encryption

Paper, Order, or Assignment Requirements

 

 

Figure 1 shows how an internal desktop (denoted as Proxy Client) is protected by a proxy firewall. Let’s assume that the internal desktop is used by Alice and she wants to remotely log into the external machine denoted as the Telnet server. Alice runs a Telnet client program on her desktop.

1.1: Let’s first assume that the Proxy Firewall does not exist. In this case, when Alice needs to remotely login into the external Telnet server, the Telnet client program that runs on her desktop will send packet #1 of the TCP 3-way handshake protocol to the Telnet Server. What is the source IP address put in the header of packet #1?

 

1.2: After a while, packet #2 of the TCP 3-way handshake protocol will be sent from the Telnet Server to the internal Proxy client. What is the source port number put in the header of packet #2 ?

 

1.3: After a while, packet #3 of the TCP 3-way handshake protocol will be sent from the internal Telnet client program to the Telnet Server program. What is the dest IP address put in the header of packet #3?

 

1.4: Based on your answers to Questions 1.1, 1.2, and 1.3, you will notice that if the Telnet server is malicious, the Internal Network will face a major security threat. What is it?

 

1.5: To address this security threat, let’s deploy the Proxy Firewall. To see why the proxy firewall is useful, let’s revisit the same example. When Alice needs to remotely login into the Telnet server, the Telnet client program will send packet #1 of the TCP 3-way handshake protocol to the Telnet Server.

 

1.5.1: The destination IP address put in the header of packet #1 cannot be the IP address of the Proxy Firewall. Why?

 

1.5.2: What is the dest IP address put in the header of packet #1?

 

1.6: When Packet #1 arrives at the Proxy Firewall:

 

1.6.1: The Proxy Firewall will not let the packet directly go through the firewall. Why?

 

1.6.2: When the packet leaves the Proxy Firewall, what is the source IP address in the header

 

1.7: After a while, packet #2 of the TCP 3-way handshake protocol will be sent from the Telnet Server to the Proxy Firewall. What is the destination IP address put in the header of packet #2?

 

1.8: After a while, the Proxy Firewall will receive packet #2. Then the firewall will modify the packet a bit. When this packet leaves the Proxy Firewall, what is the source IP address in the header?

Figure 2 shows the screened subnet firewall architecture.

2.1.1: Let’s assume the PC next to the Email Coordinator is Alice’s desktop. Let’s assume the IP address of this desktop is 130.3.20.2. Please give a concrete packet filtering firewall rule for the Screening Router to block any outgoing TCP connection requests from Alice’s desktop to a remote machine. The format of a firewall rule is: || Rule ID || packet direction || source IP || dest IP || protocol name || source port || dest port || ACK || decision ||

 

2.2.1: Please give a concrete filtering firewall rule for the Screening Router to allow incoming TCP packets to reach the Web server.

 

2.3: Since the Email server in the Peripheral Network could be broken, it is risky let the internal desktops to be directly connected to the email server. To solve this problem, we will set up the Email Coordinator in the Internal Network.

 

2.3.1: When Alice wants to send out an email. The Outlook program that runs on Alice’s desktop will compose and send out some packets. In the header of the first packet, denoted packet #1, sent out from Outlook, what is the destination IP address?

2.3.2: When packet #1 leaves the Email Coordinator, what is the source IP address of its header?

2.3.3: To make sure that the email server on the Peripheral Network can only communicate with the Email Coordinator, Firewall II needs to enforce 4 firewall rules if not less. What are they?

 

2.3.4: Tell three fundamental differences between packet filtering firewalls and proxy server firewalls.

Expert paper writers are just a few clicks away

Place an order in 3 easy steps. Takes less than 5 mins.

Calculate the price of your order

You will get a personal manager and a discount.
We'll send you the first draft for approval by at
Total price:
$0.00
Live Chat+1-631-333-0101EmailWhatsApp