Computing 205/406 & IT8
Tutorial #17
- What is meant by the term "packet filtering firewall"? Why would
such a device be used? What are some of its limitations? How might
such a device be used in conjunction with a "circuit level gateway"
and what additional security would this provide?
- The firewall examples given in the lecture all assumed a single point
of connection between a business's internal network (or Intranet) and
the outside Internet. How would the situation be complicated if there
were multiple connections?
- Recall Q. 6 of tutorial #8. The
structure of the network at this campus
resembles the diagram in slide 7 of today's lecture. Draw a labelled
diagram of the local Internet using the information from Q.6.
- You have been asked to configure the Bendigo "gateway" router
r-bgowan to prohibit traffic from subnet 8 (ie, 149.144.8.0)
from crossing the ISDN link to Bundoora. Define an access list
(address and mask pair) which will do this.
- One of the claimed advantages of a WWW proxy server is that it can
cache web pages. Discuss the likely success of this.
- IP traffic from students who dial in to the new service on this campus
is blocked at the main gateway router at Bundoora. Why?
- (Philosophical Question) Discuss some of the legal and ethical
questions alluded to in the last slide of today's lecture.
Practical exercises:
- Many businesses with Internet connections use any or all
of circuit-level gateways, application gateways and
packet filtering firewalls. Can
you discover any? NB: It is regarded as extremely
rude to attempt to establish connections to systems
where they are obviously not wanted. Use caution!
- Look up some firewall-related web sites.
This tutorial is also available in PostScript format.
Phil Scott