Laboratory #6 Firewall Installation
Goal: The purpose is to make the student able to configure an Enterprise Firewall based on the previously developed Enterprise Security Policy.
Nature: Hands-on
Duration: 2 Weeks.
Deliverables: 5-10 double spaced page
Your firewall laboratory exercise should use:
(1)Linux-based server { Debian Distribution] to install GuardDog firewall. Note: Already installed on one server [server3 by Ray Cunningham and Mark Heady]. For other groups, install on server2 and server 4. Get GuardDog from:
- Download the user’s manual and carefully read it.
- After reading the manual start to configure the firewall on your server[ follow the guide]
- Set the DMZ [ Wait until we decide where to put it]
- Test your firewall. Do a penetration testing.
- Go to Gibson Research at: and head to “Shields Up” area to test your firewalls and probe your ports.
- Use Nessus’s port scanning
- Use nmap port scanning
- Any other port scanner.
- Put the client for your server in a trusted zone. Show ( screen capture) all computers in the safe zone.
- Print a portion of the firewall logs.
(2)For the Windows-based server use the ZoneAlarms firewall. Since there is only one Windows-based machine, you need to use this in turns. The first group will download the firewall. Do this by accessing ZoneAlarms at:
- Carefully read the tips and online manual.
- After reading the manual start to configure the firewall on your server[ follow the guide]
- Set the DMZ [ Wait until we decide where to put it]
- Test your firewall. Do a penetration testing.
- Go to Gibson Research at: and head to “Shields Up” area to test your firewalls and probe your ports. As you run “Shields Up” take note of the activities of the firewall on the right side of your screen.
- Use Nessus’s port scanning
- Use nmap port scanning
- Any other port scanner.
- Put the client for your server in a trusted zone. Show ( screen capture) all computers in the safe zone.
- Print a portion of the firewall logs.
(3) Windows XP Firewall- Go in Network Connections - then Local Area Connections - Properties - Advanced Windows Firewall.
Read more on this firewall in the “ Network Connection Firewall”.
Additional Questions:
(1) Explain the purpose of these fields:
- TCP protocol
- Direction
- Local host: address, port type, and port numbers
- Remote host: address, port type, and port numbers
(2)Which port numbers will deny the following applications and which protocols will be denied?
- Remote job entry
- MPM FLAGS protocol
- Host name server
- HTTP
- XNS Mail
- Finger
- SNA Gateway Access
- Sun Remote Call
- ISO-IPO
- SambaMS
(3)Create a rule that will deny information from one of the clients ( Choose one). Capture the image( of the rule) and print it.
(4)Block one request and then check the log
(5)Print the log file
(6)Explain (giving reasons) what you see in the log file.
In addition to those logs, also as a scientist, in a three- page report document your activities and observations.