Computing 205/406 & IT8

Tutorial #17

1. What is meant by the term "packet filtering firewall"? Why would such a device be used? What are some of its limitations? How might such a device be used in conjunction with a "circuit level gateway" and what additional security would this provide?

2. The firewall examples given in the lecture all assumed a single point of connection between a business's internal network (or Intranet) and the outside Internet. How would the situation be complicated if there were multiple connections?

3. Recall Q. 6 of tutorial #8. The structure of the network at this campus resembles the diagram in slide 7 of today's lecture. Draw a labelled diagram of the local Internet using the information from Q.6.

4. You have been asked to configure the Bendigo "gateway" router r-bgowan to prohibit traffic from subnet 8 (ie, 149.144.8.0) from crossing the ISDN link to Bundoora. Define an access list (address and mask pair) which will do this.

5. One of the claimed advantages of a WWW proxy server is that it can cache web pages. Discuss the likely success of this.

6. IP traffic from students who dial in to the new service on this campus is blocked at the main gateway router at Bundoora. Why?

7. (Philosophical Question) Discuss some of the legal and ethical questions alluded to in the last slide of today's lecture.

Practical exercises:

• Many businesses with Internet connections use any or all of circuit-level gateways, application gateways and packet filtering firewalls. Can you discover any? NB: It is regarded as extremely rude to attempt to establish connections to systems where they are obviously not wanted. Use caution!

• Look up some firewall-related web sites.