You are tasked with installing a network firewall for your company. Being familiar with the principle of
fail-safe defaults, you have configured the firewall to DENY all packets by default.
Now you need to identify the minimal access rules that will allow your organization to use its Internet
connection. For example, your organization will need to be able to send and receive email through the
firewall and use a central mail server at IP address 10.1.100.100. You have added rules to the firewall
that look like this:
SRC ADDR DEST ADDR SRC PORT DST PORT PROTOCOL ACTION
10.1.100.100 * * 25 (SMTP) TCP ALLOW
* 10.1.100.100 * 25 (SMTP) TCP ALLOW
The organization has determined that it will also require the following kinds of Internet access:
UNIVERSITY of GUYANA
Department of Computer Science/Faculty of Natural Sciences
• Incoming SSH access to a VPN server, at 10.1.100.200
• Access to the web, through a proxy that whitelists approved sites. The proxy’s address is
10.1.200.200.
• Outgoing SSH access to three client sites: 0.1.2.3, 42.42.42.42, and 3.14.15.9.
a) List the minimal set of firewall rules necessary to allow these connections.
b) List one potential vulnerability associated with this ruleset.
c) Can the firewall and proxy servers defend against the vulnerability listed in b)?