Tutorial #19
- What are some of the standard security attacks which The Bad Guys can make
against an Internet-connected computer system? What are the implications of
"springboard" attacks for security of so-called "unimportant" systems?
- What is meant by the term "packet filtering firewall"? Why would such a
device be used? What are some of its limitations?
- In the lecture, a diagram was presented showing a DMZ & Bastion Host
firewall structure. Describe in detail how each of the two packet-filtering
(firewall) routers would be configured in this structure.
- The firewall examples given in the lecture all assumed a single point of
connection between a business's internal network (or Intranet) and the outside
Internet. How would the situation be complicated if there were multiple
connections?
- You have been asked to configure the Bendigo "gateway" router r-bgoatm34 to
prohibit traffic from subnet 8 (i.e., 149.144.8.0) from crossing the microwave
link to Bundoora. Define an access list (address and mask pair) which will do
this, using the syntax from the lecture.
- The La Trobe "gateway" router blocks connections made to TCP port 80,
except under certain conditions. What are these conditions?
- The "Firewall and DMZ" configuration discussed in the lecture protects the
"internal" hosts from most types of security attacks, but not all. For
example, internal hosts could still be vulnerable to virus (various forms),
worm and trojan horse attacks. Discuss these issues.
- In the lecture, a minimal firewall structure was suggested whereby the
"gateway router" (or host) for an organisation serves in a similar function to
a combined firewall and bastion host. This type of structure is sold by several
vendors as an economical solution to Internet security. How would you expect
the firewall/host system to be configured?
Discussion Questions
The following questions are intended to stimulate deeper discussion of the
questions and issues involved in network security.
- Imagine you are the network manager of a company which uses a DMZ/firewall
configuration to secure its connection to the Internet. You discover that an
employee has attached a modem to his office phone line so that he can dial in
to his desktop computer to get access to his files so he can work at home.
  - Is this a potential security risk for the company? Explain.
  - What immediate action should you take in this situation?
  - The employee has a legitimate need to work from home. How should you
    handle this? NB: You're not expected to know the answer!
- You are an honest student. One day you receive a letter from the
University requiring you to see the IT manager about a serious security
break-in which you appear to have been involved in. You've never done anything
like this. What could be happening here, and how could you have become
implicated?
- (Philosophical Question) Discuss some of the legal and ethical questions
alluded to in the last slide of today's lecture.
Copyright © 2004 by Philip Scott, La Trobe University.