Question

SMTP (Simple Mail Transfer Protocol) is the standard protocol for transferring mail between hosts over TCP. A TCP connection is set up between a user agent and a server program. The server listens on TCP port 25 for incoming connection requests. The user end of the connection is on a TCP port number above 1023. Suppose you wish to build a packet filter rule set allowing inbound and outbound SMTP traffic. You generate the following rule set:

Rule Direction Src Addr Dest Addr Protocol Dest Port Action
A In External Internal TCP 25 Permit
B Out Internal External TCP >1023 Permit
C Out Internal External TCP 25 Permit
D In External Internal TCP >1023 Permit
E Either Any Any Any Any Deny

Required:
Describe the effect of each rule.

Answer 1

The five rules are described as follows:

Rule A permits the inbound Simple Mail Transfer Protocol (SMTP) connection.

Rule B permits the inbound Simple Mail Transfer Protocol (SMTP) connection.

Rule C permits the outbound Simple Mail Transfer Protocol (SMTP) connection.

Rule D permits the outbound Simple Mail Transfer Protocol (SMTP) connection.

Rule E does not perform any action. Thus it is when the action is denied.

Step-by-step explanation:

Rule A allows information transfer of the incoming email from the external server to the internal remote server, thus this allows an inbound connection.

Rule B allows information transfer of the incoming email from the remote server to the external remote server, thus this allows an inbound connection.

Rule C allows information transfer of outgoing email from the external server to the internal remote server, thus this allows an outbound connection.

Rule D allows information transfer of the outgoing email from the remote server to the external remote server, thus this allows an outbound connection.

Rule E does not allow any action in either direction thus it is when action is denied.