Network Security Assignment Writing | CE324-6-SP Undergraduate Examinations 2020
A small company, ACME, has a network as shown in Figure 1 with IP addresses as indicated.
The packet filtering firewall, FW, is also an Internet access gateway. Collab is an external
partner to ACME and they both share component design files on the server NAS but share no
other data. NAS also hosts a database that stores credit card information of ACME's customers.
Web is the company web site using HTTP for ACME's general Internet presence and also to
process online sales made by credit card.
ACME requires the following border control policy:
- Web should serve HTTP traffic to the Internet (HTTP uses port 80)
- Desktops should be able to access TCP servers in the Internet except Telnet servers in the Internet (Telnet uses port 23)
- Collab should be able to access NAS on TCP port 445
- spoofed IP addresses from the Internet should be blocked
- any other traffic must be blocked.
(a) Design the firewall rules in FW that meet the specifications above. The firewall FW is a
stateless packet filter. Your answer does not need to be in the format of any particular
firewall system, but should describe the required firewall rule parameters and indicate the
order of the rules. Every firewall rule must have a description that explains the fields. [18%]
(b) The network architecture described above is very poor from a security perspective. Design
a better architecture and explain why it improves the security. Your design should introduce
as little new equipment as possible, as would suit a small company,
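One possible ordered rule set for the stateless filter in part (a), evaluated first-match, as an added example that is not part of the exam paper or a model answer from it. The addresses (RFC 5737 documentation ranges), the interface names `ext`/`int` and the `decide` function are assumptions, since Figure 1 is not reproduced here.

```python
from ipaddress import ip_address, ip_network

# Placeholder addressing (assumed; Figure 1 is not available on this page).
ANY = ip_network("0.0.0.0/0")
ACME = ip_network("192.0.2.0/24")        # whole internal network
WEB = ip_network("192.0.2.10/32")
NAS = ip_network("192.0.2.20/32")
DESKTOPS = ip_network("192.0.2.128/25")
COLLAB = ip_network("198.51.100.7/32")
HIGH = range(1024, 65536)                # ephemeral client ports
ALL = range(0, 65536)

# Fields: action, arrival interface, source net, source ports, destination net,
# destination ports, ACK requirement (None = any, True = ACK bit must be set),
# description. Order matters: the first matching rule decides.
RULES = [
    ("deny",  "ext", ACME,     ALL,   ANY,      ALL,   None, "anti-spoofing: internal source arriving from Internet"),
    ("allow", "ext", ANY,      HIGH,  WEB,      [80],  None, "Internet clients to Web over HTTP"),
    ("allow", "int", WEB,      [80],  ANY,      HIGH,  True, "Web HTTP replies only (ACK set)"),
    ("deny",  "int", DESKTOPS, ALL,   ANY,      [23],  None, "no Telnet from desktops"),
    ("allow", "int", DESKTOPS, HIGH,  ANY,      ALL,   None, "desktops to Internet TCP servers"),
    ("allow", "ext", ANY,      ALL,   DESKTOPS, HIGH,  True, "replies to desktops (ACK set, no new inbound connections)"),
    ("allow", "ext", COLLAB,   HIGH,  NAS,      [445], None, "Collab to NAS on TCP 445"),
    ("allow", "int", NAS,      [445], COLLAB,   HIGH,  True, "NAS replies to Collab (ACK set)"),
    ("deny",  None,  ANY,      ALL,   ANY,      ALL,   None, "default deny"),
]

def decide(iface, src, sport, dst, dport, ack=False, proto="tcp"):
    """Return (action, description) of the first rule matching the packet."""
    if proto != "tcp":                   # every allow rule above is TCP-only
        return RULES[-1][0], RULES[-1][-1]
    for action, r_if, r_src, r_sp, r_dst, r_dp, r_ack, desc in RULES:
        if (r_if in (None, iface)
                and ip_address(src) in r_src and sport in r_sp
                and ip_address(dst) in r_dst and dport in r_dp
                and (r_ack is None or r_ack == ack)):
            return action, desc
    return "deny", "default deny"

if __name__ == "__main__":
    # Constructed sample packets: (iface, src, sport, dst, dport, ack)
    for pkt in [("ext", "203.0.113.5", 40000, "192.0.2.10", 80, False),
                ("ext", "192.0.2.200", 40000, "192.0.2.10", 80, False),
                ("int", "192.0.2.130", 40000, "203.0.113.5", 23, False),
                ("ext", "203.0.113.5", 443, "192.0.2.130", 40000, False)]:
        print(pkt, "->", decide(*pkt))
```

Because the filter keeps no connection state, return traffic is recognised only by the ACK bit, so a forged ACK segment to a desktop's high port still passes the reply rule.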
A company finds that their only Internet connection is overwhelmed by domain name system
(DNS) replies so that their main web presence is unable to provide the essential on-line sales
service for the company. They analyse the DNS replies that are being sent to them and see that
they result from what is called a DNS amplification attack; they are certain that the DNS replies
are not generated from DNS requests coming from the company.
Explain what is meant by a DNS amplification attack and propose a solution for the company
that will allow them to maintain a reliable web presence even if the attack continues. Explain
how your solution operates. [15%]