Project Three: Egress Packet Filtering (Cisco Packet Tracer) Purpose Implement t

Question

Project Three: Egress Packet Filtering (Cisco Packet Tracer) Purpose Implement the egress packet filtering rules recommended by the SANS whitepaper "Egress Filtering FAQ Conduct testing to validate and demonstrate the correctness of the implemented firewall rules. 1) 2) Testing 1) Develop a test plan with a list of test cases each for verifying that a particular type of traffic (e.g., icmp echo-request message from internal host to external host) is successfully blocked or permitted per the security policy described in the whitepaper For each test case, you can use the Simulation Mode to send the desired stimulus packets, observe the results, and determine the pass/failure of the test. Rework the firewall rules or test tools if a test case fails, and then repeat the test. 2) 3) 1) 2) OSubmission A written report summarizing the network configuration, firewall rules and design, test procedures, and results. Final Cisco router configuration file on R2811 3) For each test case execution, include relevant screen shots, analysis of test result and determination of pass/failure 4) Save your Packet Tracer work in a file named "P3-lastname.pkt" [replace lastname with your last name. Submit your "P3-lastname.pkt file on VM2 Fall 2017 Computer Network Defense Project Three: Egress Packet Filtering (Cisco Packet Tracer) Internal Network External Network Hostin (Replace x with your assigned subnet ID) filter outbound? 10.10.10.1/24 fa0/0 192.168 x.10/24 192.168.x.1/24 fa0/1 R2811 10.10.10.10/24 192.168.x.254/24 Serverin ServerExt

Explanation / Answer

Stateful vs. Stateless IP Filtering

static IP filter
It has a combination of low overhead and high throughput.
static packet filtering does not offer enough in the way of security to be the only gateway between an internal network and the Internet
Static IP filters allow direct connections from the external network to hosts on the internal network.
Static filters can become cumbersome to maintain in complex environments.
Static filters are vulnerable to IP spoofing attacks
All holes in the firewall are permanent; either a hole exists or it doesn't, there is no opening and closing connections based on outside criteria.
  static IP filters offer no form of authentication.
These filters are used to allow very specific traffic like mail or specific internet programs and not to the whole array of internet.
Static ports once installed will always keep the port open for which they are configured until they are closed manually.

Stateless IP filters
very inexpensive and many are free.
They are included with router configuration software or are included with most Open Source operating systems.
it is very good for traffic management.
These filters keep the ports opening and closing for the arriving packet data according to the rule of the site content and protocol.
This filtration can be applied to the whole array or at individual level.
These filters are configured to follow the rules of the private network and allow the packets that follow the policy and protocol of the IP address they are arriving at.

Related Questions

Navigate

• Browse (All)
• Browse P
• Subjects

---

---

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.