Kyle Peterson

ITS-370

Chapter Six

10/20/17

 

Exercises

1.      Software Firewalls, What and what we know.

Some of the top firewalls include:

·         Zonealarm Firewall

·         Tinywall

·         Anti NetCut3

·         Comodo

·         Peerblock

·         Little Snitch

·         Private Eye

All of these products have sort of network screening to make sure malicious information doesn’t come in. In firewalls such as Comodo, this firewall blocks applications based off of threat levels in applications, rather than online blacklist databases. Many of these applications are free, however I would personally never recommend a “free” firewall.

 

2.      Timbuktu Port forwarding internally and externally

To quote a great FAQ page: “Timbuktu uses TCP Contact Port 407 by default for all of its services (control, observe, chat, etc). However, this port number can be changed. If the port were to be changed to 1025 (for example), then all services would now use port 1025. Changing the port can be useful in cases where two or more Timbuktu hosts on the same network need to be accessed.

Windows versions 8.x and later (SSH Connection). Timbuktu uses port 22 for it's secure (SSH) connections. This port number cannot be changed. Timbuktu has the ability to accept standard and SSH connections simultaneously. If the Timbuktu host is connected to a NAT gateway, then the standard connection port (407, by default) and port 22 will need to be forwarded in the NAT gateway to allow standard and SSH connections simultaneously “.

Windows versions older than 8.x

Timbuktu Pro UDP Ports

Connection (handshaking) - UDP Port 407

Service ports:

·         Control - TCP Port 1417

·         Observe - TCP Port 1418

·         Send Files - TCP Port 1419

·         Exchange Files - TCP Port 1420

·         Chat- Dynamic TCP Port

·         Notify- Dynamic TCP Port

·         Intercom- Dynamic TCP and UDP Ports

·         Ask for Permission- Dynamic TCP and UDP Ports

3.      Implementation of a server farm with a DMZ firewall

In the grand scheme of things, this would not be a good networking method. Cheaper? Yes. But as for network speeds and benchmarks without taking costs into account a centralized router would be a better solution. Of course this method is significantly more expensive than a small business approach, however in terms of a server farm it would be vitally important. In this method, different departments would have different access. Depending on network vulnerabilities, in a centralized router approach if a section of computers were to be comprised, all of the other sections of the network shouldn’t be compromised, this would also make cleaning up the mess much easier come catastrophe time. This method is called the “zoned” method. Basically taking a Perimeter styled network/firewall and giving it much more control.

4.      Secure Remote Access Applications

Want secure remote access? Think no further than a VPN (Virtual Private Network), which are Private and secure network connections between systems; which uses data communication capability of unsecured and public network.

Some of the applications available include:

·         Cisco

·         Barracuda

·         Opera

·         NCP

5.      Internet Explore Applications and Settings, how can they be configured?

Internet Explorer has a number of options, considering how dated and unpopular the application is. It has a number of internet settings available which consiosts of, General, Security, Privacy, Content, Connections, Programs, and an advanced tab.

Many of these tabs allow a user to customize their browsing experience. From turning on a pop-up blocker, to disabling toolbars when In Private browsing starts. To even blocking websites when they request your physical address. Of course Internet explorer also has settings for setting default homepages and other internet options. However it lacks VPN technology like other browsers such as Opera have.