Lab Overview:  The goal of this tutorial is to allow you to exploit an active attack on the network and implement a  simple firewall rule set that will prevent this kind of attack.  You will also perform the basic firewall functions.  This tutorial is used in Network Security TELECOM 2821.    

Required Equipment.  To complete this tutorial you will need one  PC running Linux OS with a server function (Yucca), one PC running Linux OS with a client and an attacker functions (Periwinkle), one PC running Windows with a console function, and one Lucent Firewall IRX Router.  This can all be found in the lab. 

Introduction.  How do you secure the valuable information within your company’s Intranet while allowing your employees to have access to the outside information they need?  How can you reduce your vulnerability to attacks when you have a DSL connection that brings more bandwidth to your house 24 x 7?  The solution to both of these problems is found in a firewall by protecting a computer or entire network by limiting what information can get into or leave the network.  The role of the firewall in a network is becoming greater as malicious hackers find new exploits for systems.

Firewalls are becoming greater as malicious hackers find new exploits that allow them to compromise a system.  Firewalls are either hardware or software.  In this tutorial you will be dealing with a hardware firewall from Lucent Technologies.  A hardware firewall is a standalone system that is placed between the internal network and the Internet. The network administrator sets the firewall’s attributes to correspond with the desired security policies, which can allow almost all traffic into and out of the network, or deny all incoming and most outgoing traffic.  The job of the network administrator is to find the correct balance.

In this tutorial, you will learn how to set-up the firewall for different purposes, perform one type of DOS attacks one a  server, and measure the performance of the system.  You will also see the effect of a misconfigured firewall rule set.  At the end of this tutorial you will design a rule set with a specified, simple network configuration.

Configuring the console computer:

1.  Check the connection between the firewall and the console computer. Note: You need to have a null modem to connect the console computer to the console port of the firewall.

2.   Open “terminal” program in “Accessories” (MS Windows for Workgroup.)

3.  Click at “File” and choose “Open.”

4.  Find the terminal file name “firewall.trm” and open it. Note: If the “firewall.trm” file is not found, try to open a new connection and go to set up communication and set as following: .9600/8/1/No parity/ (Xon/Xoff) in COM1

5.  When we connect to the console of the firewall you will see a login prompt.  You may need to press “Enter” to see the console prompt.  To log-in use "!root"  with no password.

6.  To view the current firewall configuration use the show all command

7.  Check the firewall's configuration with the figure below.  If it is not correct type, in as follows:

8.  Make sure there is no filter file using both Ethernet ports by using the following commands:

Configuring the client computer

1.  Open the client computer and log-in using: