StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Computer Networking Security - Assignment Example

Cite this document
Summary
The vulnerabilities created by the IP table rules above are that; an intruder can access the company resources through connection from the Internet to the router host machine ( links the Intranet to the subnet server) that is connected to the Internet or through the VPN. The…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER92.3% of users find it useful
Computer Networking Security
Read Text Preview

Extract of sample "Computer Networking Security"

Computer Networking Security Part I. Firewall Rules Network Firewall rules #!/bin/sh # flushing all the existing filter table rules/sbin/iptables -t filter -F INPUT/sbin/ipchains -F# no traffic to server subnet 140.192.39.0/24 on TCP and UDP/sbin/iptables -A INPUT -p tcp -m multiport --dports 9000,4001:6999 -d 140.192.39.0/24 -j DROPiptables -A INPUT -p tcp -m multiport –dports 1025:4000,7000:9000 -s 140.192.39.0/24 -j ACCEPT#no traffic for port 9000, 40001:6999 but allow below 4000 and between 7000:9000 from 140.192.39.

0/24/sbiniptables -A INPUT -p udp -m multiport --destinatio-ports 9000,4001:6999 -d 140.192.39.0/24 -j DROP/sbiniptables -A INPUT -p udp -m multiport --dports 1025:4000,7000:9000 -s 140.192.39.0/24 -j ACCEPT#allowing inbound Internet traffic to VPN on port 1723 (set VPN host IP address 140.192.39.5 )iptables -A INPUT -p tcp –dport 1723 -d 140.192.39.5 -j ACCEPTiptables -A INPUT -p udp –dport 1723 -d 140.192.39.5 -j ACCEPT#blocking VPN traffic from E, M, S on subnet serveriptables -A INPUT -p tcp -s 168.192.2.

0/24 –dport 1723 -d 140.192.39.0/24 -j DROP/sbin/iptables -A INPUT -p tcp -s 168.192.3.0/24 --dport -d 1723 -d 140.192.39.0/24 -j DROP/sbin/iptables -A INPUT -p tcp -s 168.192.4.0/22 –dport -d 140.192.39.0/24 -j DROP#no traffic from M and S to application server on port range 3000 to 4000M - iptables -A INPUT -p tcp -s 168.192.3.0/24 -m multiport --dport 3000:4000 -d 140.192.39.0/24 -j DROPS - iptables -A INPUT -p tcp -s 168.192.4.0/22 -m multiport --destination-port 3000:4000 -d 140.192.39.

0/24 -j DROP#all traffic to port range 3000:4000 on application server must come from Eiptables -A INPUT -p tcp -s 168.192.2.0/24 -m multiport --dport 3000:4000 -d 140.192.39.0/24 -j ACCEPT#accept traffic to application server running SQL server (set SQL application server host IP address as 140.192.39.10 ) on tcp port 1433/sbin/iptables -A INPUT -p tcp –dport 1433 -d 140.192.39.10 -j ACCEPT#deny general service traffic to application serversiptables -A INPUT -p tcp -m multiport –dport 1:1024 -d 140.192.39.

0/24 -j DENY#permit traffic to application server on ports above 1024 except between 3000 to 4000iptables -A INPUT -p tcp -m multiport –dport 1025:2999 -d 140.192.39.0/24 -j ACCEPTiptables -A INPUT -p udp -m multiport –dport 1025:2999 -d 140.192.39.0/24 -j ACCEPTiptables -A INPUT -p tcp -m multiport –dport 4001:65535 -d 140.192.39.0/24 -j ACCEPTiptables -A INPUT -p udp -m multiport –dport 4001:65535 -d 140.192.39.0/24 -j ACCEPTApplication server Firewalls Rules#SQL server rules (set SQL application server host IP address as 140.192.39.10 )iptables -A INPUT -p tcp –dport 1433 -d 140.192.39.

10 -j ACCEPTiptables -A INPUT -p tcp –sport 1433 -s 140.192.39.10 -j ACCEPT#Application server 1 in server subnet (set IP address 140.192.39.11 )/sbiniptables -A INPUT -p tcp –m multiport --dport 1:1024 -d 140.192.39.11 -j DENYsbin/iiptables -A INPUT -p tcp –m multiport --dport 1025:2999,4001:65535 -d 140.192.39.11 -j ACCEPT#Application server 2 in server subnet (set IP address 140.192.39.12 )iptables -A INPUT -p tcp –m multiport --dport 1:1024 -d 140.192.39.12 -j DENYiptables -A INPUT -p tcp -s 168.192.2.

0/24 –m multiport --dport 3000:4000 -d 140.192.39.12 -j ACCEPTsbin/iiptables -A INPUT -p tcp –m multiport --dport 1025:2999,4001:65535 -d 140.192.39.12 -j ACCEPTiptables -A INPUT -p tcp -s 140.192.39.12 –m multiport --dport 1:4000,7000-9000 -d 168.192.4.0/22 -j ACCEPT#Application server 3 in server subnet (set IP address 140.192.39.13 )iptables -A INPUT -p tcp -s 140.192.39.13 –m multiport --dport 1:4000,7000-9000 -d 168.192.3.0/24 -j ACCEPTiptables -A INPUT -p tcp -s 168.192.3.0/24 –m multiport --dport 3000:4000 -d 140.192.39.

13 -j DENYiptables -A INPUT -p tcp -s 168.192.4.0/22 –m multiport --dport 3000:4000 -d 140.192.39.13 -j DENY#log all VPN traffic on each server/sbin/iptables -A OUTPUT -m limit --limit 12/hour -j LOG --log-level 4 --log-prefix VPN traffic log Part II. Firewall Problems The vulnerabilities created by the IP table rules above are that; an intruder can access the company resources through connection from the Internet to the router host machine ( links the Intranet to the subnet server) that is connected to the Internet or through the VPN.

The VPN created does not limit devices connected to it access other application servers over the Internet. An executive cannot log into the application servers in the company from a home network because he will need Internet for the connection to be complete. It means that he has to use the VPN created in order to access the company resources. VPN only uses TCP port 1723 while the executive Intranet cannot access the application servers through this port. The connection will, therefore, be blocked as it will be malicious.

The assistant administrator cannot log into the application server through ssh since it requires him to use port 22 which is a port below 1024. All ports below the range of 1024 have been restricted for general purpose use. Part III. Firewall Specifications Redesign The vulnerabilities created can be solved by giving specific port addresses access to the application servers instead of allowing a certain range. Some Internet traffic to the VPN should be limited instead of allowing all inbound traffic to be accepted.

The executive can be given access to the application servers he uses from his home network by implementing a rule that allows subnet E traffic to be sent through VPN port 1723. Assistant network administrator can be given access rights to the application server through providing specific access rules for him by specifying his mac address as an exception and opening some general purpose ports for him. Additional IP table rules can include rules that restrict the number of parallel connections from one IP client.

The network administrator should also implement an IP table rule that only opens a particular range of IP addresses in regards to IP addresses of the several subnets created. The administrator can also provide a strong way of authenticating users to the company network or the VPN and strong encryption methods of for the VPN.Reference ListEric Seargren, (2011). Secure Your Network for Free. Elsevier. New York.

Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Computer Networking Security Assignment Example | Topics and Well Written Essays - 500 words”, n.d.)
Computer Networking Security Assignment Example | Topics and Well Written Essays - 500 words. Retrieved from https://studentshare.org/information-technology/1689171-computer-networking-security
(Computer Networking Security Assignment Example | Topics and Well Written Essays - 500 Words)
Computer Networking Security Assignment Example | Topics and Well Written Essays - 500 Words. https://studentshare.org/information-technology/1689171-computer-networking-security.
“Computer Networking Security Assignment Example | Topics and Well Written Essays - 500 Words”, n.d. https://studentshare.org/information-technology/1689171-computer-networking-security.
  • Cited: 0 times

CHECK THESE SAMPLES OF Computer Networking Security

The Advantages of Wireless Networking

1 networking, from the protocols that control the wireless network concept.... hellip; The history of wireless networking discovery takes us back to 1888 when Heinrich Herz discovered the first radio wave.... A desktop computer usually has an internal card, and may or may not have antennas....
4 Pages (1000 words) Research Paper

Developing Computer Networking

computer networking has been developed over the years and this has brought many advantages in the today's business society.... hellip; computer networking has been developed over the years and this has brought many advantages in the today's business society.... Computer security.... Proposed client-tier architecture The application architecture that I better and promises better security is that of 3-tier architecture.... With computer networks, it is possible to share resources and information....
4 Pages (1000 words) Essay

Networking

computer networking School Name Introduction Big companies need to have a network that connects the entire company with its workers and the surrounding environment in which it exist.... computer networking School Introduction Big companies need to have a network that connects the entire company with its workers and the surrounding environment in which it exist.... Under this type of configuration, as a result of the VPN client connection, is creation of a new route and thus enhance more data security....
3 Pages (750 words) Research Paper

Computer Information Systems

ontent security is not at very optimum in Wireless Connecting Wi-Fi Networks.... Password protection does not ensure security in Wireless Networks.... WEP (Wired Equivalent Privacy) is the common encryption standard that is in use to ensure security across Wi-Fi Networks.... ONNECTIVITYThe devices that could thus get connected to a home LAN are as follows:Personal Computers/ LaptopsPrinter or other peripheral devicesDigital Video RecordersVideo Game ConsolesThe devices that could get connected to a wireless networking set up within a home are:Smartphones,Tablet PCs,Wireless enabled Personal Computers and Laptops, Wireless enabled video gaming consoles etc....
2 Pages (500 words) Essay

Security Features for Helping Secure a Computer Network

The process of developing such a network must therefore incorporate various security features that will help secure and maintain the integrity of both the data and the various… The essay below therefor investigates various security features that help secure a computer network.... The discussion further analyses the importance of backup as an operation security strategy that helps avail the data stored in the database in case of an external damage....
5 Pages (1250 words) Research Paper

Peer review Threats to Data Security (Virtual Lab

The staff is advised to identify strange individuals and report them to the security. Computer systems especially the servers, routers, switches and patch panels Peer review: Threats to Data security as presented by Amy Insert Insert One of my mates posts centered on physical security in an organization.... The staff is advised to identify strange individuals and report them to the security.... When such individuals gain access, they may alter network and system settings that may weaken the security system of the organization....
1 Pages (250 words) Research Paper

Computer Networking For a Small Business

The paper "computer networking For a Small Business" discusses that for a growing business, it is necessary to have a website and this would advertise the products and services offered by the business.... any businesses these days are turning to wireless networking because of a number of reasons.... etting up the network should be easy Microsoft Windows systems which are widely used have networking capabilities in them.... This makes it easier should you choose to do it yourself but networking personnel is recommended....
5 Pages (1250 words) Assignment

Website and Computer Network for the Family Hotel

There are many benefits of computer networking: The following are the benefits of computer networking.... computer networking enables those computers in the network to share resources such as printers, files, games and other resources.... On the other side, computer network are faced with a major challenge of data security.... A primary research from electronics shops was done to determine the cost of hardware and software to be used in setting of the hotel computer network and website....
11 Pages (2750 words) Article
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us