School of Information Science (IS 2935 Introduction to Computer Security, 2003)



Similar documents
Firewall VPN Router. Quick Installation Guide M73-APO09-380

Multi-Homing Dual WAN Firewall Router

Lab assignment #1 Firewall operation and Access Control Lists

Lab Configuring Access Policies and DMZ Settings

Lab Configuring Access Policies and DMZ Settings

Firewall Firewall August, 2003

Firewall Introduction Several Types of Firewall. Cisco PIX Firewall

Updating MNS-BB CUSTOMER SUPPORT INFORMATION PK012906

Authenticating a Lucent Portmaster 3 with Microsoft IAS and Active Directory

Savvius Insight Initial Configuration

Lab Exercise Configure the PIX Firewall and a Cisco Router

Lab Configure Cisco IOS Firewall CBAC on a Cisco Router

CMPT 471 Networking II

Lab 2 - Basic Router Configuration

Lab Configure Cisco IOS Firewall CBAC

allow all such packets? While outgoing communications request information from a

Guideline for setting up a functional VPN

Basic Firewall Lab. Lab Objectives. Configuration

Comtrend 1 Port Router Installation Guide CT-5072T

1 PC to WX64 direction connection with crossover cable or hub/switch

VPN Overview. The path for wireless VPN users

Lab Conducting a Network Capture with Wireshark

Protecting the Home Network (Firewall)

Connect the Host to attach to Fast Ethernet switch port Fa0/2. Configure the host as shown in the topology diagram above.

Lab assignment #2 IPSec and VPN Tunnels (Document version 1.1)

N-CAP Users Guide Everything You Need to Know About Using the Internet! How Firewalls Work

IP Filter/Firewall Setup

Computer Security CS 426 Lecture 36. CS426 Fall 2010/Lecture 36 1

Service Managed Gateway TM. How to Configure a Firewall

Firewalls. Chapter 3

Lab Developing ACLs to Implement Firewall Rule Sets

Broadband Phone Gateway BPG510 Technical Users Guide

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

How To Set Up A Network Map In Linux On A Ubuntu 2.5 (Amd64) On A Raspberry Mobi) On An Ubuntu (Amd66) On Ubuntu 4.5 On A Windows Box

1:1 NAT in ZeroShell. Requirements. Overview. Network Setup

Firewalls. Firewalls. Idea: separate local network from the Internet 2/24/15. Intranet DMZ. Trusted hosts and networks. Firewall.

APPLICATION NOTE. How to build pylon applications for ARM

Prestige 202H Plus. Quick Start Guide. ISDN Internet Access Router. Version /2004

Quick Note 53. Ethernet to W-WAN failover with logical Ethernet interface.

Make a folder named Lab3. We will be using Unix redirection commands to create several output files in that folder.

Lab 1: Network Devices and Technologies - Capturing Network Traffic

Updating MNS-6K software on Magnum 6K Switches

Firewalls. Network Security. Firewalls Defined. Firewalls

co Characterizing and Tracing Packet Floods Using Cisco R

Kwickserver Firewall. Overwiew. Features. Two distinct internal networks. Portfilter. Documentation Version 1.1. Peter Buzanits

DSL-G604T Install Guides

Lab Configure IOS Firewall IDS

Comodo MyDLP Software Version 2.0. Installation Guide Guide Version Comodo Security Solutions 1255 Broad Street Clifton, NJ 07013

Firewalls (IPTABLES)

Smart Tips. Enabling WAN Load Balancing. Key Features. Network Diagram. Overview. Featured Products. WAN Failover. Enabling WAN Load Balancing Page 1

Appendix A: Configuring Firewalls for a VPN Server Running Windows Server 2003

Internet Security Firewalls

PT Activity: Configure Cisco Routers for Syslog, NTP, and SSH Operations

McAfee.com Personal Firewall

INTERNET SECURITY: THE ROLE OF FIREWALL SYSTEM

Chapter 9 Monitoring System Performance

Evaluation guide. Vyatta Quick Evaluation Guide

Configure Cisco IOS Firewall to use stateful packet inspection for IPv6. Configure Cisco IOS Firewall to use packet filtering for IPv6.

CREATING AN IKE IPSEC TUNNEL BETWEEN AN INTERNET SECURITY ROUTER AND A WINDOWS 2000/XP PC

Firewalls. Ingress Filtering. Ingress Filtering. Network Security. Firewalls. Access lists Ingress filtering. Egress filtering NAT

EXPLORER. TFT Filter CONFIGURATION

Sniffing in a Switched Network

NETWORK SET UP GUIDE FOR

RADAR NETWORK SETUP WITH WINDOWS XP/VISTA

Pre-lab and In-class Laboratory Exercise 10 (L10)

This techno knowledge paper can help you if: You need to setup a WAN connection between a Patton Router and a NetGuardian.

1. Firewall Configuration

FTP Server Application Guide. Rev:

3.1 RS-232/422/485 Pinout:PORT1-4(RJ-45) RJ-45 RS-232 RS-422 RS-485 PIN1 TXD PIN2 RXD PIN3 GND PIN4 PIN5 T PIN6 T PIN7 R+ PIN8 R-

Multi-Homing Security Gateway

Prestige 792H. G.SHDSL 4-port Security Gateway. Compact Guide Version 3.40(BZ.0) March 2004

IIS, FTP Server and Windows

CS 326e F2002 Lab 1. Basic Network Setup & Ethereal Time: 2 hrs

Assignment 3 Firewalls

UIP1868P User Interface Guide

SETTING UP REMOTE ACCESS ON EYEMAX PC BASED DVR.

50-Port 10/100/1000Mbps with 4 Shared SFP. Managed Gigabit Switch WGSW Quick Installation Guide

Lab 7: Introduction to Pen Testing (NMAP)

CSCE 465 Computer & Network Security

Implementing Network Address Translation and Port Redirection in epipe

PT Activity 8.1.2: Network Discovery and Documentation Topology Diagram

Firewalls & Intrusion Detection

Prestige 324. Prestige 324. Intelligent Broadband Sharing Gateway. Version 3.60 January 2003 Quick Start Guide

P-660R-T1/T3 v2 Quick Start Guide

FTP Server Application Guide

Firewalls, IDS and IPS

Lab Objectives & Turn In

Router Lab Reference Guide

Prestige 310. Cable/xDSL Modem Sharing Router. User's Guide Supplement

Configuring the Switch with the CLI Setup Program

Chapter 11 Cloud Application Development

HONEYD (OPEN SOURCE HONEYPOT SOFTWARE)

Comtrend 4 Port Router Installation Guide CT-5361T

ZyWALL 5. Internet Security Appliance. Quick Start Guide Version 3.62 (XD.0) May 2004

Linux Network Security

Reverse Shells Enable Attackers To Operate From Your Network. Richard Hammer August 2006

Cisco Configuring Commonly Used IP ACLs

your Gateway Windows network installationguide b wireless series Router model WBR-100 Configuring Installing

NAS 224 Remote Access Manual Configuration

Transcription:

Student Name : School of Information Science (IS 2935 Introduction to Computer Security, 2003) Firewall Configuration Part I: Objective The goal of this lab is to allow students to exploit an active attack on the network and implement the firewall to prevent this kind of attack. Also, the basic firewall functions will be performed. Part II: Equipment List Systems : - 1 PC running Linux OS with a server function (Plum) - 1 PC running Linux OS with a client and an attacker functions (Periwinkle) - 1 PC running Windows with a console function - 1 Lucent Firewall IRX Router (192.168.24.1) (192.168.23.1) E0 E1 S0 Server (192.168.24.100) Firewall IRX Client (192.168.23.100) Console Figure 1 : Firewall lab configuration Copyright 2003 : University of Pittsburgh

Part III: Introduction and Background How do you secure the valuable information within your company s Intranet while allowing your employees to have access to the outside information they need? Also, your DSL connection brings more bandwidth to your house but the 24 x 7 connection can leave you vulnerable to malicious hackers. The solution to both of these problems is found in a firewall. Firewalls protect a computer or entire network by limiting what information can get into or leave the network. The role of the firewall in a network is becoming greater as malicious hackers find new exploits for systems. Firewalls are either hardware or software, in this lab we will be dealing with a hardware solution from Lucent Technologies. A hardware firewall is a standalone system that is placed between the internal (protected) network and the Internet. The network administrator sets the firewall s attributes to correspond with the desired security features. Security can be set to allow almost all traffic into and out of the network, or set to block all incoming and most outgoing information. The job of the network administrator is to find the correct balance. In this lab, you will know how to set-up the firewall for different purposes and also know one type of the active attack to a server and measure the performance of the system. Part IV: Procedure 1. Set up the lab configuration 1.1 Configuring the console computer: 1. Connect the black wire from the firewall to the console computer. (Please check the connection.) Note: You need to have a null modem to connect the console computer to the console port of the firewall. 2. Open terminal program in Accessories (MS Windows for Workgroup.) 3. Click at File and choose Open. 4. Find the terminal file name firewall.trm and open it. Note: If the firewall.trm file is not found, try to open a new connection and go to set up communication and set as following: 9600/8/1/No parity/ (Xon/Xoff) in COM1 5. When we connect to the console of the firewall you will see PortMaster Console login: Version 1.1 (6/11/03) Firewall Configuration 1 of 6

Note: You may need to press Enter to see the console prompt. 6. To log-in, use username!root with no password. PortMaster Console login:!root To log out use: Command > exit 7. Type in as follow: Command > show all Check the configuration on the firewall with the figure 1. If it is not correct, type in as follow: Command > set telnet 0 Command > set ether0 address 192.168.24.1 Command > set ether0 netmask 255.255.255.0 Command > set ether0 routing on Command > set ether1 address 192.168.23.1 Command > set ether1 netmask 255.255.255.0 Command > set ether1 routing on Command > save all Command > delete filter ether1.in Command > set ether1 ifilter Command > show all Command > quit Note: Make sure that there is no filter file using in both Ethernet ports by using: Command > show ether0 Command > show ether1 1.2 Configuring the client computer: 1. Open the client computer and log-in: Login : firewall Password : goodman 2. Performance Measurement 2.1 Attack the server without firewall: This part of the lab will simulate a denial of service attack, which is one of the well-known attacks in computer systems today. By sending a lot of packets to a server and make it to response, this attack can impair the server capability such that it cannot response at all and other services from the server will be denial. However, this type of Version 1.1 (6/11/03) Firewall Configuration 2 of 6

attack requires a lot of computers and we cannot do it in this lab. We can only see the performance degradation from a small version of this attack as follows. 2.1.1 Configuring the client computer: 1. Open 6 terminals on the client and resize them within one window and you can see all the terminals Note: At the first terminal, we use it as an FTP client in order to download a file from the server. In contrast to other five terminals, we use it as an attacker using PING command. 2. Type in as follow for all 5 terminals: $ ping 192.168.24.100 Check if the ping packets get through the firewall. Note : Use Ctrl-C to quit this program. 3. In the last terminal, open an FTP connection to the server by: $ ftp 192.168.24.100 username : firewall password : goodguy 4. After log-in to the FTP server, use command as follow: ftp> binary ftp> get firewall.doc 5. Record the total time of transmission (repeat 3 times) Repetition Time (sec.) 1 2 3 AVERAGE TIME : FILE SIZE : Bytes 6. Using the following command to quit the FTP connection: ftp> bye 7. Quit all the other terminals. 2.2 Attack the server with firewall: 2.2.1 Configuring the console computer: Version 1.1 (6/11/03) Firewall Configuration 3 of 6

1. Log-in or continue the session 2. Type in as follow: > add filter ether1.in > set filter ether1.in 1 permit tcp 192.168.23.100/32 > set ether1 ifilter ether1.in > save all 2.2.2 Configuring the client computer: 1. Follow the previous steps (2.1.1) 2. Record the total time of transmission (repeat 3 times) Repetition Time (sec.) 1 2 3 AVERAGE TIME : 3. How to block IP addresses 3.1 Configuring the console computer: 1. Log-in or continue the session 2. Type in as follow: > delete filter ether1.in > add filter ether1.in > set filter ether1.in 1 deny 192.168.23.100/32 > set ether1 ifilter ether1.in > save all 3.2 At the client computer: 1. Check the following task if you can do or not (Yes or No) a. Open the FTP connection b. Open the telnet connection c. PING to the server Note: To open the telnet connection use : $ telnet 192.168.24.100 Also, use the same username and password as in the ftp session. Version 1.1 (6/11/03) Firewall Configuration 4 of 6

Question: 1. If we have more computers in the 192.168.23.x subnet, can the ftp, telnet and ping messages get through the firewall? 4. How to block all TCP Traffic from outside network 4.1 Configuring the console computer: 1. Log-in or continue the session 2. Type in as follow: >delete filter ether1.in >add filter ether1.in >set filter ether1.in 1 deny tcp established >set filter ether1.in 2 permit icmp >set ether1 ifilter ether1.in >save all 4.2 At the client computer: Check the following task if you can do or not (Yes or No) a. Open the FTP connection b. Open the telnet connection c. PING to the server rver: plum teletftp For client : periwinkle bob Note : More information about the Lucent Firewall IRX Router go to : http://www.livingston.com Version 1.1 (6/11/03) Firewall Configuration 5 of 6

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information