Computer Networks
Tutorial #17
- What are some of the standard security attacks which The Bad
Guys can make against an Internet-connected computer system? What
are the implications of "springboard" attacks for security of
so-called "unimportant" systems?
- What is meant by the term "packet filtering firewall"? Why would
such a device be used? What are some of its limitations? How might
such a device be used in conjunction with a "circuit level gateway"
and what additional security would this provide?
- The firewall examples given in the lecture all assumed a single point
of connection between a business's internal network (or Intranet) and
the outside Internet. How would the situation be complicated if there
were multiple connections?
- You have been asked to configure the Bendigo "gateway" router
r-bgoatm34 to prohibit traffic from subnet 8 (ie, 149.144.8.0)
from crossing the microwave link to Bundoora. Define an access list
(address and mask pair) which will do this, using the syntax from
the lecture.
- The La Trobe "gateway" router blocks connections made to
TCP port 80, except under certain conditions. What are these
conditions?
- (Research) The "Firewall and DMZ" configuration discussed in the lecture
protects the "internal" hosts from most types of security attacks, but
not all. For example, internal hosts could still be
vulnerable tovirus (various forms),
worm and trojan horse attacks. Discuss
these issues.
- (Philosophical Question) Discuss some of the legal and ethical
questions alluded to in the last slide of today's lecture.
See Prac #17 for the practical exercises
accompanying this tutorial.
[Previous Tutorial]
[Tutorial Index]
[Next Tutorial]
Copyright © 2000 by
Philip Scott,
La Trobe University.