Tuesday, June 23, 2009

Exercise 15: Review questions

  1. Can a simple firewall be designed from standard computer equipment?

    (Wikipedia) A firewall is a dedicated appliance, or software running on a computer, which inspects network traffic passing through it, and denies or permits passage based on a set of rules.

    It is a software or hardware that is normally placed between a protected network and a not protected network and acts like a gate to protect assets to ensure that nothing private goes out and nothing malicious comes in.

    A firewall's basic task is to regulate some of the flow of traffic between computer networks of different trust levels. Typical examples are the Internet which is a zone with no trust and an internal network which is a zone of higher trust. A zone with an intermediate trust level, situated between the Internet and a trusted internal network, is often referred to as a "perimeter network" or Demilitarized zone (DMZ).

    There are several types of firewall technigues:

    • Packet Filter - looks at each packet entering or leaving a network and accepts or rejects it based upon user defined rules.
    • Application Gateway - Applies security mechanisms to specific applications. These can impose a performance degradation.
    • Circuit-level gateway - Applies security mechanisms to a TCP or UDP connection.
    • Proxy Server - intercepts all messages entering and leaving network. Effectively hides true network addresses.

  2. What hardware components would you need for a proxy server?
    3. Strictly speaking no hardware components are required explicitly for a proxy server. This is because the functions of proxy, firewall, and caching can be in separate server programs or combined in a single package. Different server programs can be in different computers. For example, a proxy server may in the same machine with a firewall server or it may be on a separate server and forward requests through the firewall.(Whatis.com)
  3. What makes a firewall a good security investment? Accessing the Internet, find two or three firewall vendors. Do they provide hardware, software or both?
    4. As identified above a firewall acts like a gate to protect assets to ensure that nothing private goes out and nothing malicious comes in.

    • Adtran's NetVanta line provides varying levels of network firewall protection based on the enterprise client's security needs. The hardware-based solution provides corporate protection, including VPN and regulatory compliance, for on-site and remote employees.
    • Check Point's line of network firewalls includes Power-1 Appliances for large data centers, VPN product lines and UTM appliances. Its line of Integrated Appliance Solutions provides integrated software and hardware solutions for customized firewall protection
    • Cisco's firewall offerings are designed to work with only Cisco networks and include the hardware-based ASA 5500, router and switch firewalls such as the Cisco Firewall Services Module and the software-based Cisco IOS

  4. Accessing a firewall vendor site, find out what solutions are offered: http://www.checkpoint.com

    Solutions are provided for

    http://www.microsoft.com/catalog/display.asp?subid=22&site=10538&x=44&y=21
    This URL is broken.
  5. Does the company you work for (or the school you attend) utilise a proxy server for Internet access? Is the proxy server intended to keep hackers out of the network, or control employees’ access to the Internet?

    6. Yes, firewall used to keep hackers out.

    We are using content filtering with a product called surf control to restrict internet content.

  6. Find out if your university or workplace has a backup policy in place. Is it followed and enforced?

    My workplace does enforce a backup policy. Full cyclic backups are done on a nightly and weekly basis. Monthly backups are kept for 12 months.
  7. Most of the antivirus software perform an active scanning of the user activity on the Internet, detecting downloads and attachments in e-mails. Hackers have readily available resources to create new viruses. How easy is it to find a virus writing kit? Search the Internet and find such a tool. For example, see what you can find at http://vx.netlux.org/dat/vct.shtml
    8. This website produced a list of 195 virus creation tools.
  8. Download a virus checker and read the documentation.
    9. I have AVG free installed on all my computers at home. Work uses Symantec Corporate edition.
  9. How does it operate?
    10. x
  10. What is the process of updating the virus signature file?
    11. Using the software tool provided.
  11. How does the publisher charge for the product/service?
    12. Currently there are a purported 80 million users of AVG Free. AVG does provide a subscription model that is more fully featured.
References AVG. Retrieved 30 June 2009, from http://free.avg.com/
SearchSecurityChannel.com. Partner Program Directory. Retrieved 20 July 2009, from http://searchsecuritychannel.techtarget.com/generic/0,295582,sid97_gci1316089,00.html
Wikipedia. Firewall. Retrieved 30 June 2009, from http://en.wikipedia.org/wiki/Firewall_(networking)
Whatis.com. proxy server. Retrieved 30 June 2009, from http://whatis.techtarget.com/definition/0,,sid9_gci212840,00.html
Posted by at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)