Lab Overview: The goal of this tutorial is to allow you
to exploit an active attack on the network and implement a
simple firewall rule set that will prevent this kind of attack.
You will also perform the basic firewall functions. This
tutorial is used in
Network Security TELECOM 2821.
Required Equipment. To complete this tutorial you will
need one PC running Linux OS with a server function (Yucca),
one PC running Linux OS with a client and an attacker functions
(Periwinkle), one PC running Windows with a console function, and
one Lucent Firewall IRX Router. This can all be found in the
Introduction. How do you secure the valuable information within your company’s
Intranet while allowing your employees to have access to the outside
information they need? How can you reduce your vulnerability
to attacks when you have a DSL connection that brings more bandwidth
to your house 24 x 7? The solution to both of these
problems is found in a firewall by protecting a computer or
entire network by limiting what information can get into or leave
the network. The role of the firewall in a network is becoming
greater as malicious hackers find new exploits for systems.
Firewalls are becoming greater as malicious hackers find new exploits
that allow them to compromise a system. Firewalls are either
hardware or software. In this tutorial you will be dealing with a
hardware firewall from Lucent Technologies. A
hardware firewall is a standalone system that is placed between the
internal network and the Internet. The network
administrator sets the firewall’s attributes to correspond with the
desired security policies, which can allow almost all
traffic into and out of the network, or deny all incoming and
most outgoing traffic. The job of the network administrator is to
find the correct balance.
In this tutorial, you will learn how to set-up the firewall for different
purposes, perform one type of DOS attacks one a server, and measure
the performance of the system. You will also see the effect of
a misconfigured firewall rule set. At the end of this tutorial
you will design a rule set with a specified, simple network
Configuring the console computer:
1. Check the connection between the firewall and the console
computer. Note: You need to have a null modem to connect the console
computer to the console port of the firewall.
2. Open “terminal” program in “Accessories” (MS Windows for
3. Click at “File” and choose “Open.”
4. Find the terminal file name “firewall.trm” and open it. Note: If
the “firewall.trm” file is not found, try to open a new connection
and go to set up communication and set as following:
.9600/8/1/No parity/ (Xon/Xoff) in COM1
5. When we connect to the console of the firewall you will see
a login prompt. You may need to press “Enter” to see the
console prompt. To log-in use "!root" with no password.
6. To view the current firewall configuration use
show all command
7. Check the firewall's configuration with the figure below.
If it is not correct type, in as follows:
8. Make sure there is no filter file using both Ethernet ports
by using the following commands:
Configuring the client computer
1. Open the client computer and log-in using: