Computer Networks

Tutorial #18

1. What are some of the standard security attacks which The Bad Guys can make against an Internet-connected computer system? What are the implications of "springboard" attacks for security of so-called "unimportant" systems?

2. What is meant by the term "packet filtering firewall"? Why would such a device be used? What are some of its limitations? How might such a device be used in conjunction with a "circuit level gateway" and what additional security would this provide?

3. The firewall examples given in the lecture all assumed a single point of connection between a business's internal network (or Intranet) and the outside Internet. How would the situation be complicated if there were multiple connections?

4. You have been asked to configure the Bendigo "gateway" router r-bgoatm34 to prohibit traffic from subnet 8 (ie, 149.144.8.0) from crossing the microwave link to Bundoora. Define an access list (address and mask pair) which will do this, using the syntax from the lecture.

5. The La Trobe "gateway" router blocks connections made to TCP port 80, except under certain conditions. What are these conditions?

6. (Research) The "Firewall and DMZ" configuration discussed in the lecture protects the "internal" hosts from most types of security attacks, but not all. For example, internal hosts could still be vulnerable tovirus (various forms), worm and trojan horse attacks. Discuss these issues.

7. (Philosophical Question) Discuss some of the legal and ethical questions alluded to in the last slide of today's lecture.

Practical exercises:

• Do a traceroute from one of the department's Unix systems to a host outside La Trobe University. Which router do you think is the one which blocks TCP port 80 connections?

• Many businesses with Internet connections use any or all of circuit-level gateways, application gateways and packet filtering firewalls. Can you discover any? NB: It is regarded as extremely rude to attempt to establish connections to systems where they are obviously not wanted. Use lots of caution!

• Look up some firewall-related web sites.