Week 3 iLab
Student Name: Rolando Salas Date: 7/26/14
Database Server Security Demands – iLab3
In this lab, the students will examine the following objectives.
Understand well-known and ephemeral ports.
Create an ACL to meet the requirements of the database security demands.
Learn best practices to create and apply ACLs.
A small company is using the topology shown below. The Public Server is an off-site database server containing company records. Assume that the 200.100.0.0/16 network represents the Internet. The Dallas and Chicago servers and hosts need to access the database server securely. Only users in the Dallas and Chicago LANs should be able to access the database server.
The last page of the lab assignment document contains a full-page topology. Remove this page and use it for reference to the topology and the IP addresses.
The Dallas, Chicago, and ISP routers' FastEthernet and Serial interfaces used for the lab have been correctly configured and enabled. Unused interfaces have been shut down. The RIP routing tables are complete for all routers and hosts. No ACLs have been applied to any of the routers. Below is the initial running-config file of the ISP router.
version 12.3(4)T7
ip address 200.95.0.1 255.255.255.0
ip address 200.100.40.1 255.255.255.0
ip address 200.100.10.1 255.255.255.0
ip address 200.100.20.1 255.255.255.0
network 200.100.0.0
network 200.95.10.0
network 200.100.20.0
network 200.75.40.0
line con 0
line aux 0
line vty 0 5
line vty 5 12-15
Lab Data Collection and Distribution
Download and open the lab document file: SEC450_DB-SecurityDemands_Report.docx. Enter your name and date at the top of the lab document. As you complete each task of the lab assignment, enter all relevant configuration commands and answers to the questions (as specified in the iLab assignment) into this lab document. You will submit the completed SEC450_DB_SecurityDemands_Report.docx file to this week's eCollege iLab Dropbox.
Note: RED text indicates the required questions to answer.
Task to Set Up Security Policy for Offsite Database Server
The following requirements were given to the network engineer to create and apply ACL 90 on the ISP router:
1. Permit SQL database traffic from the Public server to the Dallas Host.
2. Permit SQL database traffic from the Public server to the Dallas Server.
3. Permit SQL database traffic from the Public server to the Chicago Host.
4. Permit SQL database traffic from the Public server to the Chicago Server.
5. Deny all other TCP traffic from the Public server to any destination.
6. Permit all other traffic.
#1. Explain the meaning of the "three P's" best practice rule to create ACLs in routers
One ACL per protocol, per direction, and per interface are the three P's used for remembering the general rule for applying ACLs on a router. One ACL per protocol is to control the flow of traffic on an interface. Per direction means that ACLs control traffic in one direction at a time on an interface. Per interface means that ACLs control traffic for an interface.
#2. Explain the difference between the following two access-list commands
a) access-list 101 permit tcp any any eq 80
b) access-list 101 permit tcp any eq 80 any
a) This ACL permits all TCP packets from any source IP address to any destination IP address where the source and destination port is 80. b) This ACL permits all TCP packets from any source IP address where the source port is 85 to any destination IP address.
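The placement of "eq 80" in commands a) and b) of question #2 can be checked with a small matcher. This is an added example, not part of the original lab report; it handles only a simplified subset of the extended ACL syntax (tcp, any/host, eq), and the packet addresses and the ephemeral port 49152 are constructed sample values.

```python
# Added example: simplified matcher for Cisco-style extended ACL entries.
# Supported subset (assumption): "access-list N permit|deny tcp", addresses
# given as "any" or "host A.B.C.D", and an optional "eq PORT" after each.
from dataclasses import dataclass
from typing import Optional

@dataclass
class Rule:
    action: str
    src: str                # "any" or a host IP
    sport: Optional[int]    # None means any source port
    dst: str
    dport: Optional[int]    # None means any destination port

def parse(line: str) -> Rule:
    tok = line.split()
    if tok[0] != "access-list" or tok[3] != "tcp":
        raise ValueError("only 'access-list N permit|deny tcp ...' is supported")
    i = 4

    def address() -> str:
        nonlocal i
        if tok[i] == "any":
            i += 1
            return "any"
        if tok[i] == "host":
            i += 2
            return tok[i - 1]
        raise ValueError(f"unsupported address token: {tok[i]}")

    def port() -> Optional[int]:
        # "eq PORT" binds to the address that immediately precedes it.
        nonlocal i
        if i < len(tok) and tok[i] == "eq":
            i += 2
            return int(tok[i - 1])
        return None

    src, sport = address(), port()
    dst, dport = address(), port()
    return Rule(tok[2], src, sport, dst, dport)

def evaluate(acl, src, sport, dst, dport) -> str:
    """Return the action of the first matching rule; implicit deny otherwise."""
    for r in acl:
        if (r.src in ("any", src) and r.dst in ("any", dst)
                and r.sport in (None, sport) and r.dport in (None, dport)):
            return r.action
    return "deny"

ACL_A = [parse("access-list 101 permit tcp any any eq 80")]
ACL_B = [parse("access-list 101 permit tcp any eq 80 any")]
# Constructed packets: (src IP, src port, dst IP, dst port)
REQUEST = ("10.0.0.5", 49152, "10.0.1.10", 80)   # client to web server
REPLY = ("10.0.1.10", 80, "10.0.0.5", 49152)     # web server back to client
```

Calling evaluate(ACL_A, *REQUEST) and evaluate(ACL_B, *REPLY) returns "permit", while the opposite pairings fall through to the implicit deny.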
#3. What are well-known, registered, and ephemeral UDP/TCP ports?...