A) In your LAN, you want to allow external hosts to communicate only with your internal Telnet server (TCP/23). External hosts are not allowed to establish TCP connections with other internal servers. Write the appropriate filtering rules for the security policy. [15 points]
Required fields for the filtering rule:
RuleID, SourceIP, DestIP, SourcePort, DestPort, Protocol, SYN, ACK, Action
B) Assume that the firewall in question A) is a stateless firewall. Give an example of a packet that will be accepted by this firewall, but the same packet would be rejected if the firewall was stateful. [5 points]
When you create firewall rules to allow or block traffic, you can separately apply them to the Domain, Private, and Public profiles. These profiles enable mobile computers to allow incoming connections while connected to a domain network (for example, to allow incoming Remote Desktop connections) but block connection attempts on less secure networks (such as public wireless hotspots).
The firewall profiles are:
Domain: Applies when a computer is connected to its Active Directory domain. Specifically, any time a member computer’s domain controller is accessible, this profile will be applied.
Private: Applies when a computer is connected to a private network location. By default, no networks are considered private—users must specifically mark a network location, such as their home office network, as private.
Public: The default profile applied to all networks when a domain controller is not available. For example, the Public profile is applied when users connect to Wi-Fi hotspots at airports or coffee shops. By default, the Public profile allows outgoing connections but blocks all incoming traffic that is not part of an existing connection.
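
For questions A and B above, an added example (not part of the original page or its answer) that models one possible rule set with the required fields and evaluates it first as a stateless filter, then with simplified connection tracking. The addresses, the rule set itself, and the names `Packet`, `stateless` and `Stateful` are constructed for illustration; the tracker only records connections opened by an allowed SYN and does not model teardown.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

LAN = ip_network("192.0.2.0/24")     # constructed internal prefix (assumption)
TELNET = ip_address("192.0.2.23")    # constructed Telnet server address (assumption)

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool
    ack: bool

# RuleID, Source, Dest, SourcePort, DestPort, SYN, ACK, Action (None = any)
RULES = [
    (1, "ext", "telnet", None, 23, None, None, "allow"),  # external -> Telnet server
    (2, "telnet", "ext", 23, None, None, True, "allow"),  # server replies carry ACK
    (3, "any", "any", None, None, None, None, "deny"),    # everything else
]

def on_side(addr, side):
    a = ip_address(addr)
    return {"telnet": a == TELNET, "ext": a not in LAN, "any": True}[side]

def stateless(pkt):
    """First matching rule wins; each packet is judged on its own headers."""
    for _id, src, dst, sport, dport, syn, ack, action in RULES:
        if (on_side(pkt.src, src) and on_side(pkt.dst, dst)
                and sport in (None, pkt.sport) and dport in (None, pkt.dport)
                and syn in (None, pkt.syn) and ack in (None, pkt.ack)):
            return action
    return "deny"

class Stateful:
    """Same rules, but a non-SYN packet must belong to a tracked connection."""
    def __init__(self):
        self.conns = set()

    def check(self, pkt):
        key = frozenset([(pkt.src, pkt.sport), (pkt.dst, pkt.dport)])
        if key in self.conns:
            return "allow"
        if pkt.syn and not pkt.ack and stateless(pkt) == "allow":
            self.conns.add(key)   # connection opened by an allowed SYN
            return "allow"
        return "deny"

SYN = Packet("198.51.100.7", 40000, "192.0.2.23", 23, True, False)        # new Telnet session
STRAY_ACK = Packet("198.51.100.7", 40001, "192.0.2.23", 23, False, True)  # no prior SYN
WEB_SYN = Packet("198.51.100.7", 40002, "192.0.2.80", 80, True, False)    # other server
```

`STRAY_ACK` is the kind of packet question B asks about: rule 1 matches its headers, so the stateless filter accepts it, while the stateful check denies it because no connection for that address and port pair was ever opened.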