CIS 3351

Firewall Lab

Firewall Lab

1. Describe in brief purpose of a firewall. What are potential weaknesses of firewall security?
A firewall is a software or hardware appliance that is used as a line of defense between your
computer and the external threats from the internet. Firewall technologies have evolved to meet
the security requirements of the IT infrastructure. In a computer network, a firewall solution is
usually implemented at the gateway computer to block the threats like intruders, hackers, viruses
and unauthorized access. There are different types of the firewall techniques and the
implementation methods and the most commonly used techniques are packet filtering, proxy
server, application gateway and the circuit-level gateway. Firewalls are important in preventing
intrusion into a companys network, but they also have downsides. Most notably, firewalls can
diminish the performance of a network. Data packets entering and leaving the network have to
pass through the firewall for screening; the process ultimately affects network speed. Furthermore,
software firewalls impose additional strain on the computing resources of the network or
individual computers.
2. Write a short description on NMap.
NMap stand for Network mapper, nmap is a veritable tool to perform network scans. It can be
used for security scans, identify what services a host is running, to get information about operating
system and applications on a host, the type of firewall a host is using.
3. Compare and Contrast stateful and stateless packet filtering.
Stateless firwalls watch network traffic, and restrict or block packets based on source and
destination addresses or other static values. They are not aware of traffic patterns or data flows. A
stateless firewall uses simple rule-sets that do not account for the possibility that a packet might be

CIS 3351
Firewall Lab

received by the firewall pretending to be something. On the other hand, stateful firewalls can
watch traffic streams from end to end. They are aware of communication paths.
4. Explain the difference between a filtered and a closed port?
A closed port is accessible and it receives and responds to Nmap scan, but there is not application
listening on it. They show that a host is up on an IP address. This is because closed ports are
reachable. Filtered ports cant be determining whether the port is open because packet filtering
prevents its analyses from reaching the port. Filtering could be from a dedicated firewall device,
router rules, or host-based firewall software. These ports provide so little information. Sometimes
they respond with ICMP error messages such a type 3 code 13 destination unreachable:
communication administratively prohibited, but most of the time filters ports would not respond.
5. Compare and contrast IPTables and ufw in Linux?
Iptables is a rule based firewall system in linux operating system which controls the incoming and
outgoing packets. By default, the Iptables is running without any rules, but can create, add, edit
rules into it. UFW provides a user-friendly framework for managing Iptables and a command-line
interface for working with the firewall. GUI for Uncomplicated firewall (Gufw) is intended to be
an easy to manage a firewall. It supports common tasks such as allowing/blocking pre-configured
common P2P, or individual ports.
Work Cited.
http://infogetcomputer.blogspot.com/2013/03/short-description-on-firewall.html
https://www.linux.com/learn/introduction-uncomplicated-firewall-ufw
http://www.inetdaemon.com/tutorials/information_security/devices/firewalls/stateful_vs_stateless_firewal
ls.shtml
https://www.reference.com/technology/disadvantages-firewall-c1e573eb617a13c5#

CIS 3351
Firewall Lab