Describe the procedure of designing a firewall.

Describe the procedure of designing a firewall.
by

1 Answer

Answer :

Step 1: Retrieve the Iptables firewall:

Iptables is pre-installed on almost every Linux distribution. You can use this command to retrieve the package: sudo apt-get install iptables

Step 2: Discover what Iptables is already configured to do by default:

Run the iptable L command

Step 3: You can decide to modify the existing rules or instead start afresh:

To start afresh, run this command 

iptables-F

Step 4: Decide which firewall ports to close:

First block all lines of attack by running the following commands:

Block XMAS Packets: iptables -A INPUT -p tcp –tcp-flags ALL ALL -j

DROP

Block null packets: iptables -A INPUT -p tcp –tcp-flags ALL NONE -j

DROP

Block syn-flood packets: iptables -A INPUT -p tcp ! –syn -m state –state

NEW -j DROP

Step 5: Decide which firewall ports to leave open:

Here are some ports you could decide to leave open:

For outgoing connections:

80/tcp for HTTP

53/udp for DNS

443/tcp for HTTPS (secured HTTP)

21/tcp for FTP (File Transfer Protocol)

465/tcp for SMTP (send emails)

25/tcp for Insecure SMTP

22/tcp for SSH (secure connection from computer to computer)

993/tcp&udp for IMAP (receive emails)

143/tcp&udp for Insecure IMAP

9418/tcp for GIT (version control system)

For Incoming connections:

993/tcp&udp for IMAP (receive emails)

143/tcp&udp for Insecure IMAP

110/tcp for POP3 (old way to receive emails)

22/tcp for SSH (secure connection from computer to computer)

9418/tcp for GIT (version control system)

Step 6: Save your firewall configuration

Type the following command to save the settings you’ve configured and

restart your firewall:


image
by

Related questions

11) Designing research procedures that produce reliable marketing data means that: A)others using the same procedure will get almost identical data B)the procedure gives results that support the hypothesis C)the procedure gives results that contradict other research studies D)sampling must be done in a completely random manner

Description : 11) Designing research procedures that produce reliable marketing data means that: A)others using the same procedure will get almost identical data B)the procedure gives results that support the ... that contradict other research studies D)sampling must be done in a completely random manner

Last Answer : A)others using the same procedure will get almost identical data

Describe the function and operation of firewall with neat diagram.

Description : Describe the function and operation of firewall with neat diagram.

Last Answer : A firewall is a part of computer system or network that is designed to block unauthorized access while permitting authorized communications.  2. It is a device or set of devices configured to ... i. Packet filter ii. Proxy server iii. Circuit-level Gateway iv. Application Gateway

Software that prevents unauthorized persons from accessing certain parts of a program, database or network is: a) Firewall b) Scanner c) Anti - Virus d) None of These

Description : Software that prevents unauthorized persons from accessing certain parts of a program, database or network is: a) Firewall b) Scanner c) Anti - Virus d) None of These

Last Answer : a) Firewall

Which among the following is correct characteristics about proxy server: a) A proxy server may act as a firewall by responding to input packets in the manner of an application while blocking other packets. b) A proxy server is a gateway from one network to another for a specific network application c) It performs its tasks or functions as a proxy on behalf of the network user; d) All of the Above e) None of These

Description : Which among the following is correct characteristics about proxy server: a) A proxy server may act as a firewall by responding to input packets in the manner of an application while blocking other packets. b) A ... as a proxy on behalf of the network user; d) All of the Above e) None of These

Last Answer : d) All of the Above

The first paper published on firewall technology was in ____, when engineers from Digital Equipment Corporation (DEC) developed filter systems known as packet filter firewalls: a) 1988 b) 1999 c) 1992 d) None of These

Description : The first paper published on firewall technology was in ____, when engineers from Digital Equipment Corporation (DEC) developed filter systems known as packet filter firewalls: a) 1988 b) 1999 c) 1992 d) None of These

Last Answer : a) 1988

The first type of firewall was the packet filter which looks at: a) network addresses b) Ports of the packet and determines if that packet should be allowed or blocked c) Both of above d) None of These

Description : The first type of firewall was the packet filter which looks at: a) network addresses b) Ports of the packet and determines if that packet should be allowed or blocked c) Both of above d) None of These

Last Answer : c) Both of above

Which among the following is correct: a) Network firewalls are a software appliance running on general purpose hardware or hardware based firewall computer appliances that filter traffic between two or more networks. b) Host - based firewalls provide a layer of software on one host that controls network traffic in and out of that single machine c) Both of Above d) None of These

Description : Which among the following is correct: a) Network firewalls are a software appliance running on general purpose hardware or hardware based firewall computer appliances that filter traffic between two or more networks. b ... traffic in and out of that single machine c) Both of Above d) None of These

Last Answer : c) Both of Above

Which among the following is correct: a) A firewall is a system designed to prevent unauthorized access to or from a private network. b) Firewalls can be implemented in both hardware and software or a combination of both. c) Both of Above d) None of these

Description : Which among the following is correct: a) A firewall is a system designed to prevent unauthorized access to or from a private network. b) Firewalls can be implemented in both hardware and software or a combination of both. c) Both of Above d) None of these

Last Answer : c) Both of Above

A firewall is a network security system ______based that controls incoming and outgoing network traffic based on a set of rules: a) Hardware b) Software c) Both hardware or software d) None of These

Description : A firewall is a network security system ______based that controls incoming and outgoing network traffic based on a set of rules: a) Hardware b) Software c) Both hardware or software d) None of These

Last Answer : c) Both hardware or software

A firewall is a ______security system: a) Network b) File c) Program d) None of These

Description : A firewall is a ______security system: a) Network b) File c) Program d) None of These

Last Answer : a) Network

Your company receives internet access through a network or a gateway server. Which of the following devices is best suited to protect resources and subnet your LAN directly on the network server? 1) DSL modem 2) A multi-homed firewall 3) VLAN 4) A brouter that acts both as a bridge and a router

Description : Your company receives internet access through a network or a gateway server. Which of the following devices is best suited to protect resources and subnet your LAN directly on the network server? 1) DSL modem 2) A multi-homed firewall 3) VLAN 4) A brouter that acts both as a bridge and a router

Last Answer : 2) A multi-homed firewall

What are some of the benefits of using a firewall for your LAN? 1) Increased access to Instant Messaging 2) Stricter access control to critical resources 3) Greater security to your LAN 4) Both 2 and 3

Description : What are some of the benefits of using a firewall for your LAN? 1) Increased access to Instant Messaging 2) Stricter access control to critical resources 3) Greater security to your LAN 4) Both 2 and 3

Last Answer : 4) Both 2 and 3

A packet filtering firewall operates at which of the following OSI layer? 1) At the Application layer 2) At the Transport Layer 3) At the Network Layer 4) Both 2 and 3

Description : A packet filtering firewall operates at which of the following OSI layer? 1) At the Application layer 2) At the Transport Layer 3) At the Network Layer 4) Both 2 and 3

Last Answer : 4) Both 2 and 3

Which of the following systems run an application layer firewall using proxy software? 1) Proxy NAT 2) Proxy client 3) Client 32 4) Proxy server

Description : Which of the following systems run an application layer firewall using proxy software? 1) Proxy NAT 2) Proxy client 3) Client 32 4) Proxy server

Last Answer : 4) Proxy server

Which of the following use routes with packet filtering rules to allow or deny access based on source address, destination address, or port number? 1) Application layer Firewall 2) Packet Filtering Firewall 3) Router enhanced firewall 4) IP enabled firewall

Description : Which of the following use routes with packet filtering rules to allow or deny access based on source address, destination address, or port number? 1) Application layer Firewall 2) Packet Filtering Firewall 3) Router enhanced firewall 4) IP enabled firewall

Last Answer : 2) Packet Filtering Firewall

Which of the following will help you to improve your LAN security? 1) Change your passwords frequently 2) Install a firewall program 3) Use a proxy 4) All of the above

Description : Which of the following will help you to improve your LAN security? 1) Change your passwords frequently 2) Install a firewall program 3) Use a proxy 4) All of the above

Last Answer : 3) Use a proxy

There are several primary categories of procedures. Which of the following is not a primary category of procedures? 1) Testing 2) Backup and recovery 3) Firewall development 4) Design

Description : There are several primary categories of procedures. Which of the following is not a primary category of procedures? 1) Testing 2) Backup and recovery 3) Firewall development 4) Design

Last Answer : 3) Firewall development

Your company receives internet access through a network or a gateway server. Which of the following devices is best suited to protect resources and subnet your LAN directly on the network server? 1 DSL modem 2 A multi-homed firewall 3 VLAN 4 A brouter that acts both as a bridge and a router

Description : Your company receives internet access through a network or a gateway server. Which of the following devices is best suited to protect resources and subnet your LAN directly on the network server? 1 DSL modem 2 A multi-homed firewall 3 VLAN 4 A brouter that acts both as a bridge and a router

Last Answer : 2 A multi-homed firewall

What are some of the benefits of using a firewall for your LAN? 1 Increased access to Instant Messaging 2 Stricter access control to critical resources 3 Greater security to your LAN 4 Both 2 and 3

Description : What are some of the benefits of using a firewall for your LAN? 1 Increased access to Instant Messaging 2 Stricter access control to critical resources 3 Greater security to your LAN 4 Both 2 and 3

Last Answer : 4 Both 2 and 3

A packet filtering firewall operates at which of the following OSI layer? 1 At the Application layer 2 At the Transport Layer 3 At the Network Layer 4 Both 2 and 3

Description : A packet filtering firewall operates at which of the following OSI layer? 1 At the Application layer 2 At the Transport Layer 3 At the Network Layer 4 Both 2 and 3

Last Answer : 4 Both 2 and 3

Which of the following systems run an application layer firewall using proxy software? 1 Proxy NAT 2 Proxy client 3 Client 32 4 Proxy server

Description : Which of the following systems run an application layer firewall using proxy software? 1 Proxy NAT 2 Proxy client 3 Client 32 4 Proxy server

Last Answer : 4 Proxy server

Which of the following use routes with packet filtering rules to allow or deny access based on source address, destination address, or port number? 1 Application layer Firewall 2 Packet Filtering Firewall 3 Router enhanced firewall 4 IP enabled firewall

Description : Which of the following use routes with packet filtering rules to allow or deny access based on source address, destination address, or port number? 1 Application layer Firewall 2 Packet Filtering Firewall 3 Router enhanced firewall 4 IP enabled firewall

Last Answer : 2 Packet Filtering Firewall

Which of the following will help you to improve your LAN security? 1 Change your passwords frequently 2 Install a firewall program 3 Use a proxy 4 All of the above

Description : Which of the following will help you to improve your LAN security? 1 Change your passwords frequently 2 Install a firewall program 3 Use a proxy 4 All of the above

Last Answer : 3 Use a proxy

There are several primary categories of procedures. Which of the following is not a primary category of procedures? 1 Testing 2 Backup and recovery 3 Firewall development 4 Design

Description : There are several primary categories of procedures. Which of the following is not a primary category of procedures? 1 Testing 2 Backup and recovery 3 Firewall development 4 Design

Last Answer : 3 Firewall development

Which of the following is / are the types of firewall? A) Packet Filtering Firewall B) Dual Homed Gateway Firewall C) Screen Host Firewall D) All of the above

Description : Which of the following is / are the types of firewall? A) Packet Filtering Firewall B) Dual Homed Gateway Firewall C) Screen Host Firewall D) All of the above

Last Answer : D) All of the above

A firewall is installed at the point where the secure internal network and untrusted external network meet which is also known as ……………… A) Chock point B) meeting point C) firewall point D) secure point

Description : A firewall is installed at the point where the secure internal network and untrusted external network meet which is also known as ……………… A) Chock point B) meeting point C) firewall point D) secure point

Last Answer : A) Chock point

Which of the following tool is used for security checks as port scanning and firewall testing? A. Netcat B. Nmap C. Data communication D. Netscan

Description : Which of the following tool is used for security checks as port scanning and firewall testing? A. Netcat B. Nmap C. Data communication D. Netscan

Last Answer : A. Netcat

A _____ is a computer, appliance, or router that sits between the trusted and untrusted systems. (1) bridge (2) switch (3) firewall (4) hub

Description : A _____ is a computer, appliance, or router that sits between the trusted and untrusted systems. (1) bridge (2) switch (3) firewall (4) hub

Last Answer : firewall

C) MyGov Explanation: The cabinet on June 1, 2016, gave its nod to setting up of the IPPB under the Department of Posts. The Department of Post wants to connect with and involve the people of India in designing the DNA of the India Post Payments Bank. So it launched this contest. The contest is open to all Indian citizens, institutions, agencies and entities for a period of one month, until July 9, 2016.

Description : C) MyGov Explanation: The cabinet on June 1, 2016, gave its nod to setting up of the IPPB under the Department of Posts. The Department of Post wants to connect with and involve the people of ... all Indian citizens, institutions, agencies and entities for a period of one month, until July 9, 2016.

Last Answer : To provide loans to Indo-Spanish joint ventures and local enterprises in India, State Bank of India (SBI) has signed a memorandum of agreement with Spain‟s which bank to enhance business synergies? A) Caja Madrid B) CaixaBank C) Liberbank D) Gallego bank E) None of these

A Supercomputer would be used for which one of the following applications ? (1) Business Computing (2) Desktop Publishing (3) Weather Forecasting (4) Computer Aided Designing

Description : A Supercomputer would be used for which one of the following applications ? (1) Business Computing (2) Desktop Publishing (3) Weather Forecasting (4) Computer Aided Designing

Last Answer : Weather Forecasting

If my DDWRT SPI firewall is enabled on the router, do I need to also engage the Windows (or another) firewall?

Description : If my DDWRT SPI firewall is enabled on the router, do I need to also engage the Windows (or another) firewall?

Last Answer : Here’s good article on this topic why you need separate firewall on how to geek

A question for Computer Scientists: How feasible is an "offensive firewall"?

Description : A question for Computer Scientists: How feasible is an "offensive firewall"?

Last Answer : answer:Very feasible, you can fire off just about anything you want with existing firewalls and software for whatever conditions you want to look for. But it has the same risk/reward as any attack. You don’t get a pass for attacking a government network because they probed your network first.

Could someone give me a step by step guide for using my windows firewall (or something that will do the job) to block certain programs from transferring and receiving data across the web?

Description : Could someone give me a step by step guide for using my windows firewall (or something that will do the job) to block certain programs from transferring and receiving data across the web?

Last Answer : Download and install comodo internet security After installation, open it, go to the “firewall” tab, click “define new blocked application”, select -> browse, then select the executable file you want to block, -> click “apply” -> done

What is the "core networking" in my firewall exceptions list, and should it be checkmarked?

Description : What is the "core networking" in my firewall exceptions list, and should it be checkmarked?

Last Answer : Each Windows Firewall exception is involved with some bit of functionality that you will lose if they are turned off. Basic TCP/IP traffic such as DHCP, DNS, ICMP, Group Policy, and so on are supported ... rule group are disabled, your machine can't talk on the network. Make sure that it's enabled.

Should I put my Xbox in the DMZ, or entirely behind the firewall, or does it make no difference at all?

Description : Should I put my Xbox in the DMZ, or entirely behind the firewall, or does it make no difference at all?

Last Answer : I DMZ my Xbox to connect to my friends, although from what I hear, it’s not exactly a good thing to do. It’s the only solution that I’m smart enough to figure out. I tried port forwarding but had no idea what I was doing. Then again, I’m not a network guru or anything…

Why isn't my linux firewall opening ports?

Description : Why isn't my linux firewall opening ports?

Last Answer : I’m not sure what Linux distribution you’re using and I don’t have that much experience with firewalls, and especially not with command line firewalls, but Ubuntu includes “ufw” which supposedly is a far easier front-end to iptables which you might find easier too.

Windows XP firewall won't turn on?

Description : Windows XP firewall won't turn on?

Last Answer : Bazooooooooooooooooooooooooooooooooooooooooooooooka to M$ should help with things .

Help with Webroot Desktop Firewall?

Description : Help with Webroot Desktop Firewall?

Last Answer : I reached my question asking max, but I have a URGENT question: I have the TRIAL for webroot anti-virus, and its telling my I cant quarantine my items because its a trial. I HAVE 2 VIRUSES, ... I'll proabably buy the program tommorow, but I cannot leave the viruses on my computer until then! HELP!

Experienced PC security enthusiasts: What AV/Firewall/Spyware combo have you found to offer the best protection?

Description : Experienced PC security enthusiasts: What AV/Firewall/Spyware combo have you found to offer the best protection?

Last Answer : I use PCTools Firewall and AntiVirus, as well as ThreatFire and Ad-Aware. So far so good. I’ve been through dozens of FW and AV programs, and I could easily tell you which ones DON’T work. Anything made/sold/offered by Symantec

What is the best anti-virus/anti-spyware/anti-hacking & firewall program (free or not free) out there for APPLE MAC?

Description : What is the best anti-virus/anti-spyware/anti-hacking & firewall program (free or not free) out there for APPLE MAC?

Last Answer : OSX. There are still 0 confirmed viruses for Macs running OSX. There are a couple Trojans, apparently, but you’d have to go looking for them to find them – and be pretty stupid to actually get infected by them. So, I wouldn’t consider it a problem worth worrying about on a Mac. Enjoy!

Firewall: (a) Amplifies weak outgoing signals to stronger ones -Technology

Description : Firewall: (a) Amplifies weak outgoing signals to stronger ones -Technology

Last Answer : (d) A firewall can either be software based or hardware based and is used to prevent intruders from accessing your system.

What is a firewall? -Technology

Description : What is a firewall? -Technology

Last Answer : A firewall is a program or hardware device that filters the information coming through an internet connection to a network or computer system. If incoming information does not pass the rules stored in the firewall, it is not allowed through.

What is a firewall? -Technology

Description : What is a firewall? -Technology

Last Answer : A firewall is a program or hardware device that filters the information coming through an internet connection to a network or computer system. If incoming information does not pass the rules stored in the firewall, it is not allowed through.

What is Firewall ?

Description : What is Firewall ?

Last Answer : Every computer or network has its own security system. No one can break through this wall. This invisible wall of security is called fire wall.

Where can I block outbound traffic to different IP addresses in Kaspersky Total Security Firewall?

Description : I found this in the Package Rules menu:

Last Answer : answer:

Is Windows Firewall enough as an antivirus program?

Description : Or is it good to install another one? I'm sorry, but it's my first computer, so I'm asking.

Last Answer : FireWall is not an antivirus. Download and install a real antivirus - I use Avast! free version (http://www.avast.com/cs-cz/download-thank-you.php?product=FAV-ONLINE&locale=cs-cz), but you will definitely get recommendations for others ...: o

What does Firewall do in PC?

Description : Is it important to have it turned on?

Last Answer : Yes, the Firewall should be turned on, its task is to protect the internal network from attacks from nearby networks.

Which is the best real time firewall plugin for wordpress file uploads?

Description : Which is the best real time firewall plugin for wordpress file uploads?

Last Answer : Sucuri Security – Auditing, Malware Scanner and Security Hardening. iThemes Security. Wordfence Security. WP fail2ban. All In One WP Security & Firewall. Jetpack. SecuPress. BulletProof Security.

What is value of using access control database transaction and firewall log files?

Description : What is value of using access control database transaction and firewall log files?

Last Answer : Need answer

Should i turn on my home computer firewall?

Description : Should i turn on my home computer firewall?

Last Answer : You should always have a firewall program running. Anti-virusprograms can only do so much !