119k views
3 votes
We have an internal webserver, used only for testing purposes, at IP address 5.6.7.8 on our internal corporate network. The packet filter is situated at a chokepoint between our internal network and the rest of the Internet. Can such a packet filter block all attempts by outside hosts to initiate a direct TCP connection to this internal webserver? If yes, design suitable packet filter rule sets (similar to those shown in the table below) that provide this functionality; if no, explain why a (stateless) packet filter cannot do it.

Table: Packet-Filtering Examples
Rule, Direction, Src address, Dest address, Protocol, Dest port, Action
1, In, External, Internal, TCP, 25, Permit
2, Out, Internal, External, TCP, >1023, Permit
3, Out, Internal, External, TCP, 25, Permit
4, In, External, Internal, TCP, >1023, Permit
5, Either, Any, Any, Any, Any, Deny

1 Answer

3 votes

Answer:

Check the explanation

Step-by-step explanation:

A packet filter firewall is used as a checkpoint between the internal corporate network and the outside Internet. It blocks all the inbound traffic from outside hosts trying to initiate a direct TCP connection to the internal corporate webserver. The network design with the firewall is shown in the attached image below:

The figure in the attached image below shows that an internal corporate network is protected with a packet filter firewall to minimize the inbound traffic from the external network or the Internet. Therefore, the packet filter is used as a checkpoint between the networks.

The packet filter blocks all attempts by outside hosts to initiate a direct TCP connection to the internal webserver of the internal corporate network.

Going by the second part of the attached image below, we can therefore conclude that:

• Rule 1 specifies that any packet with the destination address 5.6.7.8 is denied if the SYN flag of the TCP header is set.

• Rule 2 specifies that inbound email traffic from the external source is allowed.

• Rule 3 specifies that outbound TCP traffic from the internal corporate network is allowed.

• Rule 4 specifies that outbound email traffic from the internal corporate network to the external network is allowed.

• Rule 5 specifies that any traffic from any source to any destination is blocked.

User Gevious
by
3.3k points
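
The SYN-flag rule from the answer, sketched as a small stateless rule evaluator in Python placed in front of the question's table (an added example, not part of the question or the answer). It assumes an internal range of 5.6.7.0/24, a test server listening on port 8080, and an outside host at 203.0.113.9, none of which are given on the page; the SYN rule is numbered 0 here so the table's rules keep their numbers.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

INTERNAL = ip_network("5.6.7.0/24")  # assumed internal range (not stated on the page)
WEBSERVER = ip_address("5.6.7.8")

@dataclass(frozen=True)
class Packet:
    direction: str  # "in" or "out", as seen at the chokepoint
    src: str
    dst: str
    proto: str
    dport: int
    syn: bool = False
    ack: bool = False

def internal(addr):
    return ip_address(addr) in INTERNAL

def table_rules(p):
    """Rules 1-5 from the question's table, first match wins."""
    inbound = p.direction == "in" and not internal(p.src) and internal(p.dst)
    outbound = p.direction == "out" and internal(p.src) and not internal(p.dst)
    tcp = p.proto == "TCP"
    if inbound and tcp and p.dport == 25:
        return (1, "permit")
    if outbound and tcp and p.dport > 1023:
        return (2, "permit")
    if outbound and tcp and p.dport == 25:
        return (3, "permit")
    if inbound and tcp and p.dport > 1023:
        return (4, "permit")
    return (5, "deny")

def filter_packet(p, syn_rule=True):
    """Optionally evaluate the SYN rule (numbered 0 here) before the table."""
    # A connection request is the only TCP segment with SYN set and ACK clear.
    if (syn_rule and p.direction == "in" and p.proto == "TCP"
            and ip_address(p.dst) == WEBSERVER and p.syn and not p.ack):
        return (0, "deny")
    return table_rules(p)

# Constructed sample packets; 203.0.113.9 stands in for an outside host.
REQUEST = Packet("in", "203.0.113.9", "5.6.7.8", "TCP", 8080, syn=True)
REPLY = Packet("in", "203.0.113.9", "5.6.7.8", "TCP", 40000, syn=True, ack=True)

if __name__ == "__main__":
    print(filter_packet(REQUEST, syn_rule=False))  # table alone
    print(filter_packet(REQUEST))                  # with the SYN rule
    print(filter_packet(REPLY))                    # SYN+ACK of an outbound connection
```

With the table alone, the request to port 8080 matches rule 4 and is permitted; with the SYN rule in front it is denied, while the SYN+ACK reply to a connection the server opened itself still passes. The decision uses only fields of the packet being examined, so no connection state is kept.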