SlideShare a Scribd company logo

1. Task In this assignment you are asked to provide named.pdf

A
alokopticalswatchco0

1. Task In this assignment you are asked to provide named ACLs for Cisco Packet Filter Firewalls. Each student must undertake their own assignment - any duplicate solutions will receive 0 marks. Please submit any questions/queries via email to Consider the following network outline: - Note: There is no need to build this network !!! - Note: Not all PCs/Servers are displayed! This network has the following components: - The Internet: any machine/network range not mentioned elsewhere. - Partner (class B network 136.201.0.0/16): a business partner with privileged access rights. - Evil Group (class C network 6.6.60.0/C): known to have malicious intent. - Your own corporate network (class B network 147.17.0.0/16), which has the subnets 147.17.1.0/24 Screened Subnet, 147.17.2.0/24 Workstation Network, 147.17.3/24 Server Network, and 147.17.4.0/24 Admin Network. The Border Router in the Corporate Network has the following interfaces: - FastEthernet 0/0: Connected to the ISP (Internet), IP address 10.10.10.10 - FastEthernet 1/0: Connected to the Screened Subnet, IP address 147.17.1.254 - FastEthernet 2/0: Connected to the Workstation Network, IP address 147.17.2.254 The Internal Router in the Corporate Network has the following interfaces: - FastEthernet 0/0: Connected to the Workstation Network, IP address 147.17.2.254 - FastEthernet 1/0: Connected to the Server Network, IP address 147.17.3.254 - FastEthernet 2/0: Connected to the Admin Network, IP address 147.17.4.254 The Screened Subnet contains the following servers: - DNS Server 147.17.1.50 - Mail Server 147.17.1.60 - Web Server 147.17.1.70 The Workstation Network contains the following machines: 2/6 - Internal PCs and Workstations 147.17.2.1-254 (even though 147.17.2.254/_ .ne interfaces of the routers, treat them as if they were PCS) The Internal Server Network contains the following servers: - Internal NTP Server 147.17.3.10 - MySQL Database Server 147.17.3.20 The Admin Network contains the following machines: - Admin PCs 147.17.4.1-127 - Syslog Server 147.17.4.128 Your task is to configure named ACLs in the two routers to implement the security policy outlined below (only IPv4 needs to be considered). Please note that some networking aspects that are usually required for the network to work might be missing - you can ignore these. In this section, IP addresses are combined with ports in format ipaddress:port, where port indicates TCP (T) or UDP (U) as well as port number. Ranges are indicated as follows: - Port in range x to y (both inclusive): Txy - Any port greater than x:T>x - Any port greater or equal to x:T>=x - Any port less than x:T1023 to 147.17.4.128:T514) and can contact the NTP server (147.17.x.x:U>1023 to 147.17.3.10:U123). - Business partner machines can connect to the Syslog Server via SSH (136.201.x.x:T>1023 to 147.17.4.128:T22), can send secure log message to the Syslog Server (136.201.x.x:T>1023 to 147.17.4.128:T514) and contact the NTP Server (136.201.x.x:U>1023 to 147.17.3.

Education
1 of 4
Download to read offline
1. Task In this assignment you are asked to provide named ACLs for Cisco Packet Filter Firewalls. Each student must undertake their own assignment - any duplicate solutions will receive 0 marks. Please submit any questions/queries via email to Consider the following network outline: - Note: There is no need to build this network !!! - Note: Not all PCs/Servers are displayed! This network has the following components: - The Internet: any machine/network range not mentioned elsewhere. - Partner (class B network 136.201.0.0/16): a business partner with privileged access rights. - Evil Group (class C network 6.6.60.0/C): known to have malicious intent. - Your own corporate network (class B network 147.17.0.0/16), which has the subnets 147.17.1.0/24 Screened Subnet, 147.17.2.0/24 Workstation Network, 147.17.3/24 Server Network, and 147.17.4.0/24 Admin Network. The Border Router in the Corporate Network has the following interfaces: - FastEthernet 0/0: Connected to the ISP (Internet), IP address 10.10.10.10 - FastEthernet 1/0: Connected to the Screened Subnet, IP address 147.17.1.254 - FastEthernet 2/0: Connected to the Workstation Network, IP address 147.17.2.254 The Internal Router in the Corporate Network has the following interfaces: - FastEthernet 0/0: Connected to the Workstation Network, IP address 147.17.2.254 - FastEthernet 1/0: Connected to the Server Network, IP address 147.17.3.254 - FastEthernet 2/0: Connected to the Admin Network, IP address 147.17.4.254 The Screened Subnet contains the following servers: - DNS Server 147.17.1.50 - Mail Server 147.17.1.60 - Web Server 147.17.1.70 The Workstation Network contains the following machines: 2/6 - Internal PCs and Workstations 147.17.2.1-254 (even though 147.17.2.254/_ .ne interfaces of the routers, treat them as if they were PCS) The Internal Server Network contains the following servers: - Internal NTP Server 147.17.3.10 - MySQL Database Server 147.17.3.20 The Admin Network contains the following machines: - Admin PCs 147.17.4.1-127 - Syslog Server 147.17.4.128 Your task is to configure named ACLs in the two routers to implement the security policy outlined below (only IPv4 needs to be considered). Please note that some networking aspects that are usually required for the network to work might be missing - you can ignore these. In this section, IP addresses are combined with ports in format ipaddress:port, where port indicates TCP (T) or UDP (U) as well as port number. Ranges are indicated as follows: - Port in range x to y (both inclusive): Txy - Any port greater than x:T>x - Any port greater or equal to
x:T>=x - Any port less than x:T1023 to 147.17.4.128:T514) and can contact the NTP server (147.17.x.x:U>1023 to 147.17.3.10:U123). - Business partner machines can connect to the Syslog Server via SSH (136.201.x.x:T>1023 to 147.17.4.128:T22), can send secure log message to the Syslog Server (136.201.x.x:T>1023 to 147.17.4.128:T514) and contact the NTP Server (136.201.x.x:U>1023 to 147.17.3.10:U123). - Any machine (inside or outside - unless other policy rules forbid it) can access DNS Server 147.17.1.50:T53 (any:T>1023 to 147.17.1.50:53), Mail Server 147.17.1.60:T25 (any:T25 to 147.17.1.60:T25) and Web server 147.17.1.70:T443 (any:T>1023 to 147.17.1.70:443) - make sure the clients cannot use any server port (1 to 1023 - attention: SMTP is server to server). - DNS Server can access any outside machine on TCP 53 (147.17.1.50:T>=1024 to any:T53). Only TCP requests are supported. - Mail Server 147.17.1.60 can contact any outside machine on SMTP (147.17.1.60:T25 to any:T25). - Web server can only initiate connections to the mySQL DataBase Server (147.17.1.70:T>=1024 to 147.17.3.20:T3360), NTP server (147.17.1.70:U>1023 to 147.17.3.10:U123) and Syslog Server (147.17.1.70:T>1023 to 147.17.4.128:T514). All other traffic originating in the web server must be return traffic to HTTPS requests. - NTP server can only be accessed by internal machines and business partner machines. - MySQL DataBase Server (147.17.3.20) can only be accessed by Web server (147.17.1.70), your own workstations (147.17.2.0/24) using SQL queries (machines:T>=1024 to 147.17.3.20:T3360). It can only react to requests (and send logs to the Syslog Server). - Internal PCs and Workstations in the Workstation Network can only access: - Any web server (internal or external) via HTTPS (147.17.2.x:T>=1024 to any:T443). - DNS Server 147.17.1.50 (147.17.2.x:T>1023 to 147.17.1.50:T53) - Mail Server 147.17.1.60 for IMAP and SMTP (147.17.2.x:T>1023 to 147.17.1.60:T220,T25) - Your own mySQL DataBase Server (147.17.2.x:T>=1024 to 147.17.3.20:T3360). - Internal NTP Server (147.17.2.x:U>=1024 to 147.17.3.10:U123) - Syslog Server (147.17.2.x:T>1023 to 147.17.4.128:T514). - Workstations & PCs must use client ports (>1023) for all communication. - Make sure that only traffic that is a response to a request from any of the workstations/internal PCs can reach machines in the Workstation Network (obviously some traffic must be permitted to reach Internal Router and machines in Server Network and Admin Network)! You must use reflexive ACLs for this purpose. The only exception to this rule is remote access by admin PCs. - Admin PCs (147.17.4.1-127) can remotely access any PC/Server in the Corporate Network via AnyDesk (147.17.4.1-127:T>=1024 to 147.17.x.x:T6568). - Admin PCs cannot communicate with any outside machine. - Syslog server cannot initiate communication to any machine outside the Admin Network. It can only receive Syslog messages and be contacted by business partner via SSH. - Make sure to configure your ACLs such that some form of routing protocol (RIP, EGP, BGP or any other you like) can reach
your routers. - All other connections should be denied! 3. Deliverables Submit a single (!) text file - please use a .txt extension and make sure it is a plain text file and not a word processor format. Your file should contain: - Your name & student ID - A list of commands you used to configure your Routers (creating the ACLs and assigning them to interfaces - no need to include interface setup). Please precede each line with a unique line-number for identification purposes (see point below) as outlined in the sample at the end of this project description. Make sure that you use a single, continuous set of line numbers - no line number should be repeated in your entire document! - Please make sure to clearly indicate to which router the ACLs belong (Border Router or Internal Router). - For each question in section "5. Firewall Evaluation Questions" detail which firewall rule(s) will be used to process the discussed traffic: If a packet is passed through a firewall, name all firewall rules (identified by their unique line number) that pass the packet. Similarly, if a packet is dropped by a firewall, name the firewall rule that drops the packet (add a comment the explains the reason for dropping). If a packet is processed by two or more ACLS, make sure to include all rules that process the packet. For each passed packet, name the firewall rule(s) that would process the corresponding return traffic (if any response is expected). 4. Deadline and Marking Deadline for submission of your solution is 10:00h on Monday, 27th March. Where I have concerns about the originality of the submitted work, I reserve the right to conduct interviews (via MS Team or similar) with students, where marks will be adjusted correspondingly. This project contributes 20% to the overall module mark. 5. Firewall Evaluation Questions 1. Machine 166.60.6.6:T4077 sends a HTTPS request to public web server 147.17.1.70:T443. 2. Machine 166.60.6.6 uses spoofed source IP address 147.17.2.10:T12345 to send a HTTPS request to Public Web Server 147.17.1.70:T443. 3. Machine 166.60.6.6 uses spoofed source IP address 172.16.1.1:T9834 to send a DNS request to DNS Server 147.17.1.50:T53. 4. Machine 4.14.54.33:T2233 sends a HTTP request to Web Server 147.17.1.70:T80. 5. Machine 123.5.4.3:T4321 sends a HTTPS request to Web Server 147.17.1.70:T443. 6. Machine 136.201.200.1:T6789 establishes a TCP connection to Syslog Server 147.17.4.128:T514. 7. Machine 136.201.200.1:T1023 establishes a TCP connection to Syslog Server 147.17.4.128:T514. 8. Router 4.4.4.4 uses your chosen routing protocol with suitable ports (if applicable) to send routing information to border router 10.10 .10 .10 . 9. Web Server 147.17.1.70:T443 establishes a TCP connection to machine 211.4.3.2:T6789. 10. Web Server 147.17.1.20:T6789 establishes a TCP connection MySQL Database Server 147.17.3.20:T3360. 11. Web Server 147.17.1.20:T6789 establishes TCP connection to Syslog Server 147.17.4.128:T514. 12. Outside DNS Server 188.33.3.3:T10342 sends a DNS request to DNS Server 147.17.1.50:T53. 13. MySQL Database Server 147.17.3.20:T2233 sends a HTTPS request to Web Server 147.17.1.20:T443.
14. MySQL Database Server 147.17.3.20:T2233 establishes TCP connection to Syslog Server 147.17.4.128:T514. 15. PC 147.17.2.67:T1234 sends a HTTPS request to Web server 5.1.2.3:T443. 16. PC 147.17.2.201:T5555 establishes a connection to MySQL DataBase Server 147.17.3.20:T3360. 17. PC 147.17.2.123:T9237 contacts outside mail server 33.123.87.5:T25 on SMTP . 18. Machine 166.60.6.6 uses spoofed source IP address 20.1.1.1:T443 to send a HTTPS response to Internal PC 147.17.2.40:T9876 (without previous request). 19. Admin PC 147.17.50.10:T4408 establishes SSH session with DNS Server 147.17.1.50:T22. 20. Admin PC 147.17.50.60:8405 establishes AnyDesk Session with PC 147.17.2.121:T6568. 6. Sample List of Commands (10) ip access-list extended inACL (20) deny ip 1.0 .0 .00 .255 .255 .255 any (30) permit tcp 5.0 .0 .00 .255 .255 .255 gt 10231.0 .0 .00 .255 .255 .255 eq 22 (40) permit icmp 5.0.0.0 0.255 .255 .255 host 1.1 .7 .10 echo (50) permit icmp any 1.0 .0 .00 .255 .255 .255 echo- reply (60) permit tcp any gt 1023 host 1.1 .8 .1 eq www (70) permit tcp any eq www 1.0 .0 .00 .255 .255 .255 gt 1023 (80) deny ip any any (90) exit (100) int FastEthernet0/0 (110) ip access- group inACL in (120) exit (130) ip access-list extended outACL (140) permit ...

Recommended

Training Day Slides
Training Day SlidesTraining Day Slides
Training Day Slides
adam_merritt
 
Zdalna komunikacja sieciowa - zagadnienia sieciowe
Zdalna komunikacja sieciowa - zagadnienia sieciowe Zdalna komunikacja sieciowa - zagadnienia sieciowe
Zdalna komunikacja sieciowa - zagadnienia sieciowe
Agnieszka Kuba
 
Cyber security and ethical hacking 3
Cyber security and ethical hacking 3Cyber security and ethical hacking 3
Cyber security and ethical hacking 3
Mehedi Hasan
 
class12_Networking2
class12_Networking2class12_Networking2
class12_Networking2
T. J. Saotome
 
Socket Programming TCP:IP PPT.pdf
Socket Programming TCP:IP PPT.pdfSocket Programming TCP:IP PPT.pdf
Socket Programming TCP:IP PPT.pdf
PraveenKumar187040
 
MTCNA Show.pptx
MTCNA Show.pptxMTCNA Show.pptx
MTCNA Show.pptx
ahmedraed19
 
Firewall
FirewallFirewall
Firewall
Manikyala Rao
 
Firewalls
FirewallsFirewalls
Firewalls
hemantag
 

Recommended

Training Day Slides
Training Day SlidesTraining Day Slides
Training Day Slides
adam_merritt
 
Zdalna komunikacja sieciowa - zagadnienia sieciowe
Zdalna komunikacja sieciowa - zagadnienia sieciowe Zdalna komunikacja sieciowa - zagadnienia sieciowe
Zdalna komunikacja sieciowa - zagadnienia sieciowe
Agnieszka Kuba
 
Cyber security and ethical hacking 3
Cyber security and ethical hacking 3Cyber security and ethical hacking 3
Cyber security and ethical hacking 3
Mehedi Hasan
 
class12_Networking2
class12_Networking2class12_Networking2
class12_Networking2
T. J. Saotome
 
Socket Programming TCP:IP PPT.pdf
Socket Programming TCP:IP PPT.pdfSocket Programming TCP:IP PPT.pdf
Socket Programming TCP:IP PPT.pdf
PraveenKumar187040
 
MTCNA Show.pptx
MTCNA Show.pptxMTCNA Show.pptx
MTCNA Show.pptx
ahmedraed19
 
Firewall
FirewallFirewall
Firewall
Manikyala Rao
 
Firewalls
FirewallsFirewalls
Firewalls
hemantag
 
16.) layer 3 (basic tcp ip routing)
16.) layer 3 (basic tcp ip routing)16.) layer 3 (basic tcp ip routing)
16.) layer 3 (basic tcp ip routing)
Jeff Green
 
INFA 620Laboratory 4 Configuring a FirewallIn this exercise.docx
INFA 620Laboratory 4 Configuring a FirewallIn this exercise.docxINFA 620Laboratory 4 Configuring a FirewallIn this exercise.docx
INFA 620Laboratory 4 Configuring a FirewallIn this exercise.docx
carliotwaycave
 
Linux router
Linux routerLinux router
Linux router
Miguel E Arellano Quezada
 
GREAT MINDS
GREAT MINDSGREAT MINDS
GREAT MINDS
Sione Taukinukufili
 
Ch02 TCP/IP Concepts Review
Ch02 TCP/IP Concepts ReviewCh02 TCP/IP Concepts Review
Ch02 TCP/IP Concepts Review
phanleson
 
TCP/IP basics
TCP/IP basicsTCP/IP basics
TCP/IP basics
SecurityTube.Net
 
Free CCNA workbook by networkers home pdf
Free CCNA workbook by networkers home pdfFree CCNA workbook by networkers home pdf
Free CCNA workbook by networkers home pdf
Networkershome
 
14 network tools
14 network tools14 network tools
14 network tools
Shay Cohen
 
Intro tcp-ip
Intro tcp-ipIntro tcp-ip
Intro tcp-ip
Zoulou Adams
 
Tutorial mikrotik step by step anung muhandanu
Tutorial mikrotik step by step anung muhandanu Tutorial mikrotik step by step anung muhandanu
Tutorial mikrotik step by step anung muhandanu
Alessandro De Suoodh
 
Introduction to tcp ip linux networking
Introduction to tcp ip linux networkingIntroduction to tcp ip linux networking
Introduction to tcp ip linux networking
Sreenatha Reddy K R
 
Network programming in Java
Network programming in JavaNetwork programming in Java
Network programming in Java
Tushar B Kute
 
[Application guide] IoT Protocol gateway
[Application guide] IoT Protocol gateway[Application guide] IoT Protocol gateway
[Application guide] IoT Protocol gateway
Seth Xie
 
Network Programming in Java
Network Programming in JavaNetwork Programming in Java
Network Programming in Java
Tushar B Kute
 
RemoteAdmin.pptx
RemoteAdmin.pptxRemoteAdmin.pptx
RemoteAdmin.pptx
hoangdinhhanh88
 
packet traveling (pre cloud)
packet traveling (pre cloud)packet traveling (pre cloud)
packet traveling (pre cloud)
iman darabi
 
Network Setup Guide: Deploying Your Cloudian HyperStore Hybrid Storage Service
Network Setup Guide: Deploying Your Cloudian HyperStore Hybrid Storage ServiceNetwork Setup Guide: Deploying Your Cloudian HyperStore Hybrid Storage Service
Network Setup Guide: Deploying Your Cloudian HyperStore Hybrid Storage Service
Cloudian
 
Net Programming.ppt
Net Programming.pptNet Programming.ppt
Net Programming.ppt
EloAcubaOgardo
 
Basic Cisco ASA 5506-x Configuration (Firepower)
Basic Cisco ASA 5506-x Configuration (Firepower)Basic Cisco ASA 5506-x Configuration (Firepower)
Basic Cisco ASA 5506-x Configuration (Firepower)
NetProtocol Xpert
 
Networking basics
Networking basicsNetworking basics
Networking basics
Sridhar Baithi
 
1. Los usuarios externos de informaci�n de contabilidad financiera i.pdf
1. Los usuarios externos de informaci�n de contabilidad financiera i.pdf1. Los usuarios externos de informaci�n de contabilidad financiera i.pdf
1. Los usuarios externos de informaci�n de contabilidad financiera i.pdf
alokopticalswatchco0
 
1. Para cada uno de los siguientes, inserte una o m�s letras may�scu.pdf
1. Para cada uno de los siguientes, inserte una o m�s letras may�scu.pdf1. Para cada uno de los siguientes, inserte una o m�s letras may�scu.pdf
1. Para cada uno de los siguientes, inserte una o m�s letras may�scu.pdf
alokopticalswatchco0
 

More Related Content

Similar to 1. Task In this assignment you are asked to provide named.pdf

16.) layer 3 (basic tcp ip routing)
16.) layer 3 (basic tcp ip routing)16.) layer 3 (basic tcp ip routing)
16.) layer 3 (basic tcp ip routing)
Jeff Green
 
INFA 620Laboratory 4 Configuring a FirewallIn this exercise.docx
INFA 620Laboratory 4 Configuring a FirewallIn this exercise.docxINFA 620Laboratory 4 Configuring a FirewallIn this exercise.docx
INFA 620Laboratory 4 Configuring a FirewallIn this exercise.docx
carliotwaycave
 
Tutorial mikrotik step by step anung muhandanu
Tutorial mikrotik step by step anung muhandanu Tutorial mikrotik step by step anung muhandanu
Tutorial mikrotik step by step anung muhandanu
Alessandro De Suoodh
 

Similar to 1. Task In this assignment you are asked to provide named.pdf (20)

16.) layer 3 (basic tcp ip routing)
16.) layer 3 (basic tcp ip routing)16.) layer 3 (basic tcp ip routing)
16.) layer 3 (basic tcp ip routing)
 
INFA 620Laboratory 4 Configuring a FirewallIn this exercise.docx
INFA 620Laboratory 4 Configuring a FirewallIn this exercise.docxINFA 620Laboratory 4 Configuring a FirewallIn this exercise.docx
INFA 620Laboratory 4 Configuring a FirewallIn this exercise.docx
 
Linux router
Linux routerLinux router
Linux router
 
GREAT MINDS
GREAT MINDSGREAT MINDS
GREAT MINDS
 
Ch02 TCP/IP Concepts Review
Ch02 TCP/IP Concepts ReviewCh02 TCP/IP Concepts Review
Ch02 TCP/IP Concepts Review
 
TCP/IP basics
TCP/IP basicsTCP/IP basics
TCP/IP basics
 
Free CCNA workbook by networkers home pdf
Free CCNA workbook by networkers home pdfFree CCNA workbook by networkers home pdf
Free CCNA workbook by networkers home pdf
 
14 network tools
14 network tools14 network tools
14 network tools
 
Intro tcp-ip
Intro tcp-ipIntro tcp-ip
Intro tcp-ip
 
Tutorial mikrotik step by step anung muhandanu
Tutorial mikrotik step by step anung muhandanu Tutorial mikrotik step by step anung muhandanu
Tutorial mikrotik step by step anung muhandanu
 
Introduction to tcp ip linux networking
Introduction to tcp ip linux networkingIntroduction to tcp ip linux networking
Introduction to tcp ip linux networking
 
Network programming in Java
Network programming in JavaNetwork programming in Java
Network programming in Java
 
[Application guide] IoT Protocol gateway
[Application guide] IoT Protocol gateway[Application guide] IoT Protocol gateway
[Application guide] IoT Protocol gateway
 
Network Programming in Java
Network Programming in JavaNetwork Programming in Java
Network Programming in Java
 
RemoteAdmin.pptx
RemoteAdmin.pptxRemoteAdmin.pptx
RemoteAdmin.pptx
 
packet traveling (pre cloud)
packet traveling (pre cloud)packet traveling (pre cloud)
packet traveling (pre cloud)
 
Network Setup Guide: Deploying Your Cloudian HyperStore Hybrid Storage Service
Network Setup Guide: Deploying Your Cloudian HyperStore Hybrid Storage ServiceNetwork Setup Guide: Deploying Your Cloudian HyperStore Hybrid Storage Service
Network Setup Guide: Deploying Your Cloudian HyperStore Hybrid Storage Service
 
Net Programming.ppt
Net Programming.pptNet Programming.ppt
Net Programming.ppt
 
Basic Cisco ASA 5506-x Configuration (Firepower)
Basic Cisco ASA 5506-x Configuration (Firepower)Basic Cisco ASA 5506-x Configuration (Firepower)
Basic Cisco ASA 5506-x Configuration (Firepower)
 
Networking basics
Networking basicsNetworking basics
Networking basics
 

More from alokopticalswatchco0

1. Los usuarios externos de informaci�n de contabilidad financiera i.pdf
1. Los usuarios externos de informaci�n de contabilidad financiera i.pdf1. Los usuarios externos de informaci�n de contabilidad financiera i.pdf
1. Los usuarios externos de informaci�n de contabilidad financiera i.pdf
alokopticalswatchco0
 
1. La radiaci�n solar consiste en ondas principalmente en el longi.pdf
1. La radiaci�n solar consiste en ondas principalmente en el longi.pdf1. La radiaci�n solar consiste en ondas principalmente en el longi.pdf
1. La radiaci�n solar consiste en ondas principalmente en el longi.pdf
alokopticalswatchco0
 
1. Modify code to change cube into pyramid.2. Make the pyramid int.pdf
1. Modify code to change cube into pyramid.2. Make the pyramid int.pdf1. Modify code to change cube into pyramid.2. Make the pyramid int.pdf
1. Modify code to change cube into pyramid.2. Make the pyramid int.pdf
alokopticalswatchco0
 
1. Mark presents a five-year vision to his team that focuses on fina.pdf
1. Mark presents a five-year vision to his team that focuses on fina.pdf1. Mark presents a five-year vision to his team that focuses on fina.pdf
1. Mark presents a five-year vision to his team that focuses on fina.pdf
alokopticalswatchco0
 
1. Los GAAP requieren que cierta informaci�n actuarial para las pens.pdf
1. Los GAAP requieren que cierta informaci�n actuarial para las pens.pdf1. Los GAAP requieren que cierta informaci�n actuarial para las pens.pdf
1. Los GAAP requieren que cierta informaci�n actuarial para las pens.pdf
alokopticalswatchco0
 
1. List two of the major causes of habitat loss today.2. List tw.pdf
1. List two of the major causes of habitat loss today.2. List tw.pdf1. List two of the major causes of habitat loss today.2. List tw.pdf
1. List two of the major causes of habitat loss today.2. List tw.pdf
alokopticalswatchco0
 
1. Los candidatos de trabajo m�s exitosos usan redes para encontrar .pdf
1. Los candidatos de trabajo m�s exitosos usan redes para encontrar .pdf1. Los candidatos de trabajo m�s exitosos usan redes para encontrar .pdf
1. Los candidatos de trabajo m�s exitosos usan redes para encontrar .pdf
alokopticalswatchco0
 
1. Las normas propuestas para implementar una ley son a. No est� a.pdf
1. Las normas propuestas para implementar una ley son a. No est� a.pdf1. Las normas propuestas para implementar una ley son a. No est� a.pdf
1. Las normas propuestas para implementar una ley son a. No est� a.pdf
alokopticalswatchco0
 
1. La secci�n de activos de un balance general clasificado incluye .pdf
1. La secci�n de activos de un balance general clasificado incluye .pdf1. La secci�n de activos de un balance general clasificado incluye .pdf
1. La secci�n de activos de un balance general clasificado incluye .pdf
alokopticalswatchco0
 
1. Las siguientes son las etapas principales del proceso de compra e.pdf
1. Las siguientes son las etapas principales del proceso de compra e.pdf1. Las siguientes son las etapas principales del proceso de compra e.pdf
1. Las siguientes son las etapas principales del proceso de compra e.pdf
alokopticalswatchco0
 
1. La madre A es Rh, mientras que el padre A es Rh+. �Cu�les son tod.pdf
1. La madre A es Rh, mientras que el padre A es Rh+. �Cu�les son tod.pdf1. La madre A es Rh, mientras que el padre A es Rh+. �Cu�les son tod.pdf
1. La madre A es Rh, mientras que el padre A es Rh+. �Cu�les son tod.pdf
alokopticalswatchco0
 
1. La gente en general lleva una sola identidad. b una o quiz�s .pdf
1. La gente en general lleva una sola identidad. b una o quiz�s .pdf1. La gente en general lleva una sola identidad. b una o quiz�s .pdf
1. La gente en general lleva una sola identidad. b una o quiz�s .pdf
alokopticalswatchco0
 
1. La delimitaci�n entre negocios convencionales, negocios sociales .pdf
1. La delimitaci�n entre negocios convencionales, negocios sociales .pdf1. La delimitaci�n entre negocios convencionales, negocios sociales .pdf
1. La delimitaci�n entre negocios convencionales, negocios sociales .pdf
alokopticalswatchco0
 

More from alokopticalswatchco0 (20)

1. Los usuarios externos de informaci�n de contabilidad financiera i.pdf
1. Los usuarios externos de informaci�n de contabilidad financiera i.pdf1. Los usuarios externos de informaci�n de contabilidad financiera i.pdf
1. Los usuarios externos de informaci�n de contabilidad financiera i.pdf
 
1. Para cada uno de los siguientes, inserte una o m�s letras may�scu.pdf
1. Para cada uno de los siguientes, inserte una o m�s letras may�scu.pdf1. Para cada uno de los siguientes, inserte una o m�s letras may�scu.pdf
1. Para cada uno de los siguientes, inserte una o m�s letras may�scu.pdf
 
1. only extrachromosomal ribosomal DNA circles are not transmitted f.pdf
1. only extrachromosomal ribosomal DNA circles are not transmitted f.pdf1. only extrachromosomal ribosomal DNA circles are not transmitted f.pdf
1. only extrachromosomal ribosomal DNA circles are not transmitted f.pdf
 
1. La radiaci�n solar consiste en ondas principalmente en el longi.pdf
1. La radiaci�n solar consiste en ondas principalmente en el longi.pdf1. La radiaci�n solar consiste en ondas principalmente en el longi.pdf
1. La radiaci�n solar consiste en ondas principalmente en el longi.pdf
 
1. Modify code to change cube into pyramid.2. Make the pyramid int.pdf
1. Modify code to change cube into pyramid.2. Make the pyramid int.pdf1. Modify code to change cube into pyramid.2. Make the pyramid int.pdf
1. Modify code to change cube into pyramid.2. Make the pyramid int.pdf
 
1. Mark presents a five-year vision to his team that focuses on fina.pdf
1. Mark presents a five-year vision to his team that focuses on fina.pdf1. Mark presents a five-year vision to his team that focuses on fina.pdf
1. Mark presents a five-year vision to his team that focuses on fina.pdf
 
1. Los GAAP requieren que cierta informaci�n actuarial para las pens.pdf
1. Los GAAP requieren que cierta informaci�n actuarial para las pens.pdf1. Los GAAP requieren que cierta informaci�n actuarial para las pens.pdf
1. Los GAAP requieren que cierta informaci�n actuarial para las pens.pdf
 
1. Los elementos de la estrategia de Hershey Company han evolucionad.pdf
1. Los elementos de la estrategia de Hershey Company han evolucionad.pdf1. Los elementos de la estrategia de Hershey Company han evolucionad.pdf
1. Los elementos de la estrategia de Hershey Company han evolucionad.pdf
 
1. Los peces lech�n viven en el oc�ano. Estos peces se adhieren a la.pdf
1. Los peces lech�n viven en el oc�ano. Estos peces se adhieren a la.pdf1. Los peces lech�n viven en el oc�ano. Estos peces se adhieren a la.pdf
1. Los peces lech�n viven en el oc�ano. Estos peces se adhieren a la.pdf
 
1. List two of the major causes of habitat loss today.2. List tw.pdf
1. List two of the major causes of habitat loss today.2. List tw.pdf1. List two of the major causes of habitat loss today.2. List tw.pdf
1. List two of the major causes of habitat loss today.2. List tw.pdf
 
1. Los candidatos de trabajo m�s exitosos usan redes para encontrar .pdf
1. Los candidatos de trabajo m�s exitosos usan redes para encontrar .pdf1. Los candidatos de trabajo m�s exitosos usan redes para encontrar .pdf
1. Los candidatos de trabajo m�s exitosos usan redes para encontrar .pdf
 
1. Los Criterios de Daubert hacen preguntas espec�ficas sobre la adm.pdf
1. Los Criterios de Daubert hacen preguntas espec�ficas sobre la adm.pdf1. Los Criterios de Daubert hacen preguntas espec�ficas sobre la adm.pdf
1. Los Criterios de Daubert hacen preguntas espec�ficas sobre la adm.pdf
 
1. Las normas propuestas para implementar una ley son a. No est� a.pdf
1. Las normas propuestas para implementar una ley son a. No est� a.pdf1. Las normas propuestas para implementar una ley son a. No est� a.pdf
1. Las normas propuestas para implementar una ley son a. No est� a.pdf
 
1. La secci�n de activos de un balance general clasificado incluye .pdf
1. La secci�n de activos de un balance general clasificado incluye .pdf1. La secci�n de activos de un balance general clasificado incluye .pdf
1. La secci�n de activos de un balance general clasificado incluye .pdf
 
1. Las manos de un pastelero inoculan seis c�lulas de Staphylococcus.pdf
1. Las manos de un pastelero inoculan seis c�lulas de Staphylococcus.pdf1. Las manos de un pastelero inoculan seis c�lulas de Staphylococcus.pdf
1. Las manos de un pastelero inoculan seis c�lulas de Staphylococcus.pdf
 
1. Las siguientes son las etapas principales del proceso de compra e.pdf
1. Las siguientes son las etapas principales del proceso de compra e.pdf1. Las siguientes son las etapas principales del proceso de compra e.pdf
1. Las siguientes son las etapas principales del proceso de compra e.pdf
 
1. La madre A es Rh, mientras que el padre A es Rh+. �Cu�les son tod.pdf
1. La madre A es Rh, mientras que el padre A es Rh+. �Cu�les son tod.pdf1. La madre A es Rh, mientras que el padre A es Rh+. �Cu�les son tod.pdf
1. La madre A es Rh, mientras que el padre A es Rh+. �Cu�les son tod.pdf
 
1. La gente en general lleva una sola identidad. b una o quiz�s .pdf
1. La gente en general lleva una sola identidad. b una o quiz�s .pdf1. La gente en general lleva una sola identidad. b una o quiz�s .pdf
1. La gente en general lleva una sola identidad. b una o quiz�s .pdf
 
1. La fuente de carbono para la respiraci�n es... A.el sol B.agu.pdf
1. La fuente de carbono para la respiraci�n es... A.el sol B.agu.pdf1. La fuente de carbono para la respiraci�n es... A.el sol B.agu.pdf
1. La fuente de carbono para la respiraci�n es... A.el sol B.agu.pdf
 
1. La delimitaci�n entre negocios convencionales, negocios sociales .pdf
1. La delimitaci�n entre negocios convencionales, negocios sociales .pdf1. La delimitaci�n entre negocios convencionales, negocios sociales .pdf
1. La delimitaci�n entre negocios convencionales, negocios sociales .pdf
 

Recently uploaded

Spellings Wk 4 and Wk 5 for Grade 4 at CAPS
Spellings Wk 4 and Wk 5 for Grade 4 at CAPSSpellings Wk 4 and Wk 5 for Grade 4 at CAPS
Spellings Wk 4 and Wk 5 for Grade 4 at CAPS
AnaAcapella
 
QUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lesson
QUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lessonQUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lesson
QUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lesson
httgc7rh9c
 
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
EADTU
 

Recently uploaded (20)

Simple, Complex, and Compound Sentences Exercises.pdf
Simple, Complex, and Compound Sentences Exercises.pdfSimple, Complex, and Compound Sentences Exercises.pdf
Simple, Complex, and Compound Sentences Exercises.pdf
 
Tatlong Kwento ni Lola basyang-1.pdf arts
Tatlong Kwento ni Lola basyang-1.pdf artsTatlong Kwento ni Lola basyang-1.pdf arts
Tatlong Kwento ni Lola basyang-1.pdf arts
 
21st_Century_Skills_Framework_Final_Presentation_2.pptx
21st_Century_Skills_Framework_Final_Presentation_2.pptx21st_Century_Skills_Framework_Final_Presentation_2.pptx
21st_Century_Skills_Framework_Final_Presentation_2.pptx
 
How to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxHow to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptx
 
Details on CBSE Compartment Exam.pptx1111
Details on CBSE Compartment Exam.pptx1111Details on CBSE Compartment Exam.pptx1111
Details on CBSE Compartment Exam.pptx1111
 
dusjagr & nano talk on open tools for agriculture research and learning
dusjagr & nano talk on open tools for agriculture research and learningdusjagr & nano talk on open tools for agriculture research and learning
dusjagr & nano talk on open tools for agriculture research and learning
 
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptxHMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
 
Spellings Wk 4 and Wk 5 for Grade 4 at CAPS
Spellings Wk 4 and Wk 5 for Grade 4 at CAPSSpellings Wk 4 and Wk 5 for Grade 4 at CAPS
Spellings Wk 4 and Wk 5 for Grade 4 at CAPS
 
OS-operating systems- ch05 (CPU Scheduling) ...
OS-operating systems- ch05 (CPU Scheduling) ...OS-operating systems- ch05 (CPU Scheduling) ...
OS-operating systems- ch05 (CPU Scheduling) ...
 
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptxHMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
 
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptxOn_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
 
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
 
FICTIONAL SALESMAN/SALESMAN SNSW 2024.pdf
FICTIONAL SALESMAN/SALESMAN SNSW 2024.pdfFICTIONAL SALESMAN/SALESMAN SNSW 2024.pdf
FICTIONAL SALESMAN/SALESMAN SNSW 2024.pdf
 
How to Manage Call for Tendor in Odoo 17
How to Manage Call for Tendor in Odoo 17How to Manage Call for Tendor in Odoo 17
How to Manage Call for Tendor in Odoo 17
 
Play hard learn harder: The Serious Business of Play
Play hard learn harder: The Serious Business of PlayPlay hard learn harder: The Serious Business of Play
Play hard learn harder: The Serious Business of Play
 
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
 
Economic Importance Of Fungi In Food Additives
Economic Importance Of Fungi In Food AdditivesEconomic Importance Of Fungi In Food Additives
Economic Importance Of Fungi In Food Additives
 
QUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lesson
QUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lessonQUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lesson
QUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lesson
 
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdfUnit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
 
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
 

1. Task In this assignment you are asked to provide named.pdf

  • 1. 1. Task In this assignment you are asked to provide named ACLs for Cisco Packet Filter Firewalls. Each student must undertake their own assignment - any duplicate solutions will receive 0 marks. Please submit any questions/queries via email to Consider the following network outline: - Note: There is no need to build this network !!! - Note: Not all PCs/Servers are displayed! This network has the following components: - The Internet: any machine/network range not mentioned elsewhere. - Partner (class B network 136.201.0.0/16): a business partner with privileged access rights. - Evil Group (class C network 6.6.60.0/C): known to have malicious intent. - Your own corporate network (class B network 147.17.0.0/16), which has the subnets 147.17.1.0/24 Screened Subnet, 147.17.2.0/24 Workstation Network, 147.17.3/24 Server Network, and 147.17.4.0/24 Admin Network. The Border Router in the Corporate Network has the following interfaces: - FastEthernet 0/0: Connected to the ISP (Internet), IP address 10.10.10.10 - FastEthernet 1/0: Connected to the Screened Subnet, IP address 147.17.1.254 - FastEthernet 2/0: Connected to the Workstation Network, IP address 147.17.2.254 The Internal Router in the Corporate Network has the following interfaces: - FastEthernet 0/0: Connected to the Workstation Network, IP address 147.17.2.254 - FastEthernet 1/0: Connected to the Server Network, IP address 147.17.3.254 - FastEthernet 2/0: Connected to the Admin Network, IP address 147.17.4.254 The Screened Subnet contains the following servers: - DNS Server 147.17.1.50 - Mail Server 147.17.1.60 - Web Server 147.17.1.70 The Workstation Network contains the following machines: 2/6 - Internal PCs and Workstations 147.17.2.1-254 (even though 147.17.2.254/_ .ne interfaces of the routers, treat them as if they were PCS) The Internal Server Network contains the following servers: - Internal NTP Server 147.17.3.10 - MySQL Database Server 147.17.3.20 The Admin Network contains the following machines: - Admin PCs 147.17.4.1-127 - Syslog Server 147.17.4.128 Your task is to configure named ACLs in the two routers to implement the security policy outlined below (only IPv4 needs to be considered). Please note that some networking aspects that are usually required for the network to work might be missing - you can ignore these. In this section, IP addresses are combined with ports in format ipaddress:port, where port indicates TCP (T) or UDP (U) as well as port number. Ranges are indicated as follows: - Port in range x to y (both inclusive): Txy - Any port greater than x:T>x - Any port greater or equal to
  • 2. x:T>=x - Any port less than x:T1023 to 147.17.4.128:T514) and can contact the NTP server (147.17.x.x:U>1023 to 147.17.3.10:U123). - Business partner machines can connect to the Syslog Server via SSH (136.201.x.x:T>1023 to 147.17.4.128:T22), can send secure log message to the Syslog Server (136.201.x.x:T>1023 to 147.17.4.128:T514) and contact the NTP Server (136.201.x.x:U>1023 to 147.17.3.10:U123). - Any machine (inside or outside - unless other policy rules forbid it) can access DNS Server 147.17.1.50:T53 (any:T>1023 to 147.17.1.50:53), Mail Server 147.17.1.60:T25 (any:T25 to 147.17.1.60:T25) and Web server 147.17.1.70:T443 (any:T>1023 to 147.17.1.70:443) - make sure the clients cannot use any server port (1 to 1023 - attention: SMTP is server to server). - DNS Server can access any outside machine on TCP 53 (147.17.1.50:T>=1024 to any:T53). Only TCP requests are supported. - Mail Server 147.17.1.60 can contact any outside machine on SMTP (147.17.1.60:T25 to any:T25). - Web server can only initiate connections to the mySQL DataBase Server (147.17.1.70:T>=1024 to 147.17.3.20:T3360), NTP server (147.17.1.70:U>1023 to 147.17.3.10:U123) and Syslog Server (147.17.1.70:T>1023 to 147.17.4.128:T514). All other traffic originating in the web server must be return traffic to HTTPS requests. - NTP server can only be accessed by internal machines and business partner machines. - MySQL DataBase Server (147.17.3.20) can only be accessed by Web server (147.17.1.70), your own workstations (147.17.2.0/24) using SQL queries (machines:T>=1024 to 147.17.3.20:T3360). It can only react to requests (and send logs to the Syslog Server). - Internal PCs and Workstations in the Workstation Network can only access: - Any web server (internal or external) via HTTPS (147.17.2.x:T>=1024 to any:T443). - DNS Server 147.17.1.50 (147.17.2.x:T>1023 to 147.17.1.50:T53) - Mail Server 147.17.1.60 for IMAP and SMTP (147.17.2.x:T>1023 to 147.17.1.60:T220,T25) - Your own mySQL DataBase Server (147.17.2.x:T>=1024 to 147.17.3.20:T3360). - Internal NTP Server (147.17.2.x:U>=1024 to 147.17.3.10:U123) - Syslog Server (147.17.2.x:T>1023 to 147.17.4.128:T514). - Workstations & PCs must use client ports (>1023) for all communication. - Make sure that only traffic that is a response to a request from any of the workstations/internal PCs can reach machines in the Workstation Network (obviously some traffic must be permitted to reach Internal Router and machines in Server Network and Admin Network)! You must use reflexive ACLs for this purpose. The only exception to this rule is remote access by admin PCs. - Admin PCs (147.17.4.1-127) can remotely access any PC/Server in the Corporate Network via AnyDesk (147.17.4.1-127:T>=1024 to 147.17.x.x:T6568). - Admin PCs cannot communicate with any outside machine. - Syslog server cannot initiate communication to any machine outside the Admin Network. It can only receive Syslog messages and be contacted by business partner via SSH. - Make sure to configure your ACLs such that some form of routing protocol (RIP, EGP, BGP or any other you like) can reach
  • 3. your routers. - All other connections should be denied! 3. Deliverables Submit a single (!) text file - please use a .txt extension and make sure it is a plain text file and not a word processor format. Your file should contain: - Your name & student ID - A list of commands you used to configure your Routers (creating the ACLs and assigning them to interfaces - no need to include interface setup). Please precede each line with a unique line-number for identification purposes (see point below) as outlined in the sample at the end of this project description. Make sure that you use a single, continuous set of line numbers - no line number should be repeated in your entire document! - Please make sure to clearly indicate to which router the ACLs belong (Border Router or Internal Router). - For each question in section "5. Firewall Evaluation Questions" detail which firewall rule(s) will be used to process the discussed traffic: If a packet is passed through a firewall, name all firewall rules (identified by their unique line number) that pass the packet. Similarly, if a packet is dropped by a firewall, name the firewall rule that drops the packet (add a comment the explains the reason for dropping). If a packet is processed by two or more ACLS, make sure to include all rules that process the packet. For each passed packet, name the firewall rule(s) that would process the corresponding return traffic (if any response is expected). 4. Deadline and Marking Deadline for submission of your solution is 10:00h on Monday, 27th March. Where I have concerns about the originality of the submitted work, I reserve the right to conduct interviews (via MS Team or similar) with students, where marks will be adjusted correspondingly. This project contributes 20% to the overall module mark. 5. Firewall Evaluation Questions 1. Machine 166.60.6.6:T4077 sends a HTTPS request to public web server 147.17.1.70:T443. 2. Machine 166.60.6.6 uses spoofed source IP address 147.17.2.10:T12345 to send a HTTPS request to Public Web Server 147.17.1.70:T443. 3. Machine 166.60.6.6 uses spoofed source IP address 172.16.1.1:T9834 to send a DNS request to DNS Server 147.17.1.50:T53. 4. Machine 4.14.54.33:T2233 sends a HTTP request to Web Server 147.17.1.70:T80. 5. Machine 123.5.4.3:T4321 sends a HTTPS request to Web Server 147.17.1.70:T443. 6. Machine 136.201.200.1:T6789 establishes a TCP connection to Syslog Server 147.17.4.128:T514. 7. Machine 136.201.200.1:T1023 establishes a TCP connection to Syslog Server 147.17.4.128:T514. 8. Router 4.4.4.4 uses your chosen routing protocol with suitable ports (if applicable) to send routing information to border router 10.10 .10 .10 . 9. Web Server 147.17.1.70:T443 establishes a TCP connection to machine 211.4.3.2:T6789. 10. Web Server 147.17.1.20:T6789 establishes a TCP connection MySQL Database Server 147.17.3.20:T3360. 11. Web Server 147.17.1.20:T6789 establishes TCP connection to Syslog Server 147.17.4.128:T514. 12. Outside DNS Server 188.33.3.3:T10342 sends a DNS request to DNS Server 147.17.1.50:T53. 13. MySQL Database Server 147.17.3.20:T2233 sends a HTTPS request to Web Server 147.17.1.20:T443.
  • 4. 14. MySQL Database Server 147.17.3.20:T2233 establishes TCP connection to Syslog Server 147.17.4.128:T514. 15. PC 147.17.2.67:T1234 sends a HTTPS request to Web server 5.1.2.3:T443. 16. PC 147.17.2.201:T5555 establishes a connection to MySQL DataBase Server 147.17.3.20:T3360. 17. PC 147.17.2.123:T9237 contacts outside mail server 33.123.87.5:T25 on SMTP . 18. Machine 166.60.6.6 uses spoofed source IP address 20.1.1.1:T443 to send a HTTPS response to Internal PC 147.17.2.40:T9876 (without previous request). 19. Admin PC 147.17.50.10:T4408 establishes SSH session with DNS Server 147.17.1.50:T22. 20. Admin PC 147.17.50.60:8405 establishes AnyDesk Session with PC 147.17.2.121:T6568. 6. Sample List of Commands (10) ip access-list extended inACL (20) deny ip 1.0 .0 .00 .255 .255 .255 any (30) permit tcp 5.0 .0 .00 .255 .255 .255 gt 10231.0 .0 .00 .255 .255 .255 eq 22 (40) permit icmp 5.0.0.0 0.255 .255 .255 host 1.1 .7 .10 echo (50) permit icmp any 1.0 .0 .00 .255 .255 .255 echo- reply (60) permit tcp any gt 1023 host 1.1 .8 .1 eq www (70) permit tcp any eq www 1.0 .0 .00 .255 .255 .255 gt 1023 (80) deny ip any any (90) exit (100) int FastEthernet0/0 (110) ip access- group inACL in (120) exit (130) ip access-list extended outACL (140) permit ...