Write the access control list configuration commands for a deny policy for HTTPS, a permit policy for HTTP, and a deny policy for SSH.

a) Deny policy for HTTPS
ip access-list extended DENYPOLICY
deny tcp 9.9.9.0 0.0.0.255 10.10.10.0 0.0.0.255 eq 443
permit ip any any
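As an added example (not from the page), a small Python evaluator that applies Cisco first-match and wildcard-mask semantics to the ACL above, showing that only TCP/443 from 9.9.9.0/24 to 10.10.10.0/24 is dropped while HTTP and other sources fall through to the permit, and that an empty list yields the implicit deny. The packet tuples are constructed, and the example assumes the ACL has been applied to an interface with ip access-group, which the page does not show.

```python
# Added example (not from the page): first-match evaluation of the extended ACL
# above, with Cisco wildcard-mask semantics (0 bit = must match, 1 bit = don't care).
import ipaddress

def wildcard_match(addr: str, base: str, wildcard: str) -> bool:
    """True if addr matches base under the wildcard mask."""
    a = int(ipaddress.IPv4Address(addr))
    b = int(ipaddress.IPv4Address(base))
    care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
    return (a & care) == (b & care)

def parse_ace(line: str) -> dict:
    """Parse one access-list entry in the forms the page uses (any / addr wildcard)."""
    t = line.split()
    ace = {"action": t[0], "proto": t[1]}
    i = 2
    for side in ("src", "dst"):
        if t[i] == "any":
            ace[side] = ("0.0.0.0", "255.255.255.255")
            i += 1
        else:
            ace[side] = (t[i], t[i + 1])
            i += 2
    ace["dport"] = int(t[i + 1]) if i < len(t) and t[i] == "eq" else None
    return ace

def evaluate(acl: list, pkt: dict) -> str:
    """Return the action of the first matching entry; an ACL ends in an implicit deny."""
    for ace in acl:
        if ace["proto"] not in ("ip", pkt["proto"]):
            continue
        if not wildcard_match(pkt["src"], *ace["src"]):
            continue
        if not wildcard_match(pkt["dst"], *ace["dst"]):
            continue
        if ace["dport"] is not None and ace["dport"] != pkt["dport"]:
            continue
        return ace["action"]
    return "deny"   # implicit deny any any at the end of every ACL

# The ACL from the page, as written.
DENYPOLICY = [parse_ace(line) for line in (
    "deny tcp 9.9.9.0 0.0.0.255 10.10.10.0 0.0.0.255 eq 443",
    "permit ip any any",
)]

# Constructed packets: HTTPS from the denied range is dropped, HTTP passes.
HTTPS_IN_RANGE = {"proto": "tcp", "src": "9.9.9.7", "dst": "10.10.10.2", "dport": 443}
HTTP_IN_RANGE = {"proto": "tcp", "src": "9.9.9.7", "dst": "10.10.10.2", "dport": 80}
```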

JNTU       JNTU Kakinada       B.TECH      


What are the components of UTM?

1. Content Analysis:
------------------
For FTP, Content Analysis closely follows the FTP states for each packet it sees in order to filter on GET or SET, extracts the address and port embedded in the PORT command and the PASV response and opens a pin-hole accordingly, checks for IDS-relevant anomalies such as whether the IP address embedded for the data channel matches the source address in the IP header, and monitors the DATA command so that packets from another data channel are not sent for virus scanning by mistake.
Content Analysis also monitors SMTP commands and responses. An SMTP session starts with the commands EHLO, SEND FROM and RCPT TO, and the firewall passes these commands and responses through if policy allows. When the DATA command is intercepted, the firewall keeps ACKing the client's mail data while the AV engine collects that data for scanning. The mail client believes the server has received the mail data, but it is actually the firewall that is ACKing, not the intended mail server. This is the so-called "on-demand TCP proxy". After all data has been collected and scanned, any infected content is cleaned or quarantined, and the mail data is then relayed from the firewall to the mail server, with the TCP proxy now acting as the mail client. The mail server believes all the mail data came from the client, but it actually comes from the firewall after AV scanning.



What is IPsec and how does it protect IP packets?

IPsec is a framework of open standards (from the IETF) that defines policies for secure communication in a network; these standards also describe how to enforce those policies.
Using IPsec, participating peers (computers or machines) can achieve data confidentiality, data integrity and data authentication at the network layer (i.e. Layer 3 of the Open Systems Interconnection seven-layer networking model).

The main purpose of IPsec is to provide interoperable, high-quality, cryptographically based security for IPv4. It offers various security services at the IP layer and therefore protects that layer (IP) and the layers above it. These security services include access control, connectionless integrity, data origin authentication, protection against replays (a form of partial sequence integrity), confidentiality (encryption) and limited traffic-flow confidentiality.



Explain vulnerable services and attacks, and how to protect against them with a firewall?

A firewall is a security policy enforcement point that regulates access between computer networks.

There are different types of vulnerable services:

1. E-mail or smtp – Simple Mail Transfer Protocol



Explain switching methods and the Spanning Tree Protocol?

Switching Methods and Spanning Tree Protocol:
-------------------------------------------

When a switch receives a frame from a host, it looks up the destination MAC address in its forwarding table to determine where the frame should be passed next. Some switches buffer the entire frame and then recalculate its CRC to be sure it has not been corrupted. Others begin forwarding a frame almost immediately as it starts entering the switch, without looking at the CRC at all. The trade-off should be clear: some methods favour reliability, others favour speed.
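The two forwarding methods described above, as an added example that is not from the page: a store-and-forward switch buffers the whole frame and checks its CRC-32 before consulting the forwarding table, while a cut-through switch decides the output port as soon as the six-byte destination MAC has arrived and never sees the CRC. The frames, MAC addresses and forwarding table are constructed.

```python
# Added example (not from the page): store-and-forward versus cut-through switching on
# a constructed Ethernet frame whose last four bytes carry a CRC-32 frame check sequence.
import zlib

def build_frame(dst_mac: bytes, src_mac: bytes, payload: bytes) -> bytes:
    """dst MAC (6) + src MAC (6) + EtherType 0x0800 + payload + CRC-32 FCS."""
    body = dst_mac + src_mac + b"\x08\x00" + payload
    return body + zlib.crc32(body).to_bytes(4, "big")

def crc_ok(frame: bytes) -> bool:
    """Recompute the CRC over everything but the FCS and compare."""
    body, fcs = frame[:-4], frame[-4:]
    return zlib.crc32(body).to_bytes(4, "big") == fcs

def store_and_forward(frame: bytes, fwd_table: dict):
    """Buffer the whole frame, verify the CRC, then look up the destination port."""
    if not crc_ok(frame):
        return None                      # corrupted frame is dropped, never forwarded
    return fwd_table.get(frame[:6], "flood")

def cut_through(frame_stream, fwd_table: dict):
    """Pick the output port once the first six bytes (destination MAC) have arrived."""
    header = b""
    for chunk in frame_stream:           # bytes arriving on the wire, chunk by chunk
        header += chunk
        if len(header) >= 6:
            return fwd_table.get(header[:6], "flood")
    return None                          # fewer than six bytes ever arrived

# Constructed forwarding table and frames.
FWD_TABLE = {bytes.fromhex("aabbccddeeff"): "port1", bytes.fromhex("001122334455"): "port2"}
FRAME = build_frame(bytes.fromhex("aabbccddeeff"), bytes.fromhex("001122334455"), b"hello")
CORRUPT = FRAME[:-6] + bytes([FRAME[-6] ^ 0x01]) + FRAME[-5:]   # flip one payload bit

def as_wire_chunks(frame: bytes, size: int = 4):
    """Split a frame into the chunks a cut-through switch would see arriving."""
    return [frame[i:i + size] for i in range(0, len(frame), size)]
```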



Explain path MTU discovery with ICMP?

When one IP host has a large amount of data to send to another host, the data is transmitted as a series of IP datagrams. It is usually preferable that these datagrams be of the largest size that does not require fragmentation anywhere along the path from the source to the destination. This datagram size is referred to as the Path MTU (PMTU), and it is equal to the minimum of the MTUs of each hop in the path. The Path MTU is what is elsewhere called the "Effective MTU for sending". A PMTU is associated with a path, which is a particular combination of IP source and destination address and perhaps a Type of Service (TOS).


The Don't Fragment (DF) bit in the IP header is used to dynamically discover the PMTU of a path. The source
host initially assumes that the PMTU of a path is the MTU of its first hop, and sends all datagrams on
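A simulation of the discovery loop just described, added here as an example that is not from the page: the source starts with its first-hop MTU, sends with DF set, and lowers its estimate each time a hop returns an ICMP "fragmentation needed" message carrying that hop's next-hop MTU, until a datagram gets through. It goes one step beyond the text by also modelling a hop that drops the datagram without sending ICMP, in which case discovery stalls; the path MTUs are constructed.

```python
# Added example (not from the page): Path MTU Discovery with the DF bit, simulated.
# path_mtus[i] is the link MTU at hop i along the constructed path.

def forward_with_df(path_mtus, size, icmp_filtered_hops=frozenset()):
    """Forward a DF datagram hop by hop.

    Returns (delivered, next_hop_mtu): next_hop_mtu is the value the dropping
    router reports in its ICMP "fragmentation needed" message, or None when the
    router drops silently because ICMP is filtered there.
    """
    for hop, mtu in enumerate(path_mtus):
        if size > mtu:
            if hop in icmp_filtered_hops:
                return False, None          # black hole: dropped without ICMP
            return False, mtu               # DF set, cannot fragment: ICMP back
    return True, None

def discover_pmtu(path_mtus, icmp_filtered_hops=frozenset()):
    """Return (pmtu, rounds); pmtu is None if a silent drop stalls discovery."""
    estimate = path_mtus[0]                 # initial assumption: first-hop MTU
    rounds = 0
    while True:
        delivered, next_hop_mtu = forward_with_df(path_mtus, estimate, icmp_filtered_hops)
        if delivered:
            return estimate, rounds         # estimate now equals min(path_mtus)
        if next_hop_mtu is None:
            return None, rounds             # no ICMP, nothing to lower the estimate with
        estimate = next_hop_mtu             # each ICMP lowers the estimate
        rounds += 1

PATH = [1500, 1500, 1400, 1280, 1500]       # constructed link MTUs, hop by hop
```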



Explain link state concepts and the OSPF protocol?

Link state protocols, sometimes called shortest path first or distributed database protocols, are built around a well-known algorithm from graph theory, E. W. Dijkstra's shortest path algorithm.
Each router establishes a relationship, called an adjacency, with each of its neighbors.
Each router sends link state advertisements (LSAs), sometimes called link state packets (LSPs), to each neighbor. One LSA is generated for each of the router's links, identifying the link, the state of the link, the metric cost of the router's interface to the link, and any neighbors that may be connected to the link. Each neighbor receiving an advertisement in turn forwards (floods) the advertisement to its own neighbors. Each router stores a copy of all the LSAs it has seen in a database. If all works well, the databases in all routers should be identical. The completed topological database is also called the link state database. Using the Dijkstra algorithm, each router calculates the shortest path to each network and enters this information into the route table.
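The cycle described above, as an added example that is not from the page: each router originates one LSA per link, flooding leaves every router with an identical link state database, and each router runs Dijkstra over that database to fill its route table with a cost and next hop per destination. The four-router topology and its costs are constructed.

```python
# Added example (not from the page): a toy link-state domain. LSA = (router, link id,
# interface cost, neighbours on the link); flooding copies every LSA to every router.
import heapq

def make_lsas(links):
    """links: {router: [(link_id, cost, [neighbours]), ...]} -> list of LSA tuples."""
    return [(r, lid, cost, tuple(nbrs))
            for r, lst in links.items() for lid, cost, nbrs in lst]

def flood(lsas, routers):
    """Every router stores a copy of every LSA it has seen; all databases end identical."""
    return {r: frozenset(lsas) for r in routers}

def spf(lsdb, root):
    """Dijkstra over the link state database: {dest: (cost, next_hop)} as seen from root."""
    adj = {}
    for router, _link_id, cost, nbrs in lsdb:
        for n in nbrs:
            adj.setdefault(router, []).append((n, cost))
    dist, next_hop, done = {root: 0}, {}, set()
    heap = [(0, root, None)]
    while heap:
        d, node, via = heapq.heappop(heap)
        if node in done:
            continue
        done.add(node)
        if via is not None:
            next_hop[node] = via
        for n, cost in adj.get(node, []):
            nd = d + cost
            if nd < dist.get(n, float("inf")):
                dist[n] = nd
                # the first hop away from root is carried along as the next hop
                heapq.heappush(heap, (nd, n, n if node == root else via))
    return {n: (dist[n], next_hop[n]) for n in dist if n != root}

# Constructed topology: A-B cost 1, B-C cost 1, A-C cost 5, C-D cost 1 (symmetric costs).
LINKS = {
    "A": [("A-B", 1, ["B"]), ("A-C", 5, ["C"])],
    "B": [("A-B", 1, ["A"]), ("B-C", 1, ["C"])],
    "C": [("A-C", 5, ["A"]), ("B-C", 1, ["B"]), ("C-D", 1, ["D"])],
    "D": [("C-D", 1, ["C"])],
}
LSDB = flood(make_lsas(LINKS), LINKS)   # one identical database per router
```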





Explain RIP v1 and v2 in detail?

The RIP process operates on UDP port 520; all RIP messages are encapsulated in a UDP segment with both the Source and Destination Port fields set to that value.
RIP defines two message types: Request messages and Response messages. A Request message is used to ask neighboring routers to send an update. A Response message carries the update.
The metric used by RIP is hop count, with 1 signifying a directly connected network of the advertising router and 16 signifying an unreachable network.
A router sends a Response message out of every RIP-enabled interface every 30 seconds. The destination address of the update is the all-hosts broadcast 255.255.255.255.
The expiration timer, or timeout, is initialized to 180 seconds. If an update for a route is not heard within those 180 seconds (six update periods), the hop count for the route is changed to 16, marking the route as unreachable.
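A minimal model of the route table behaviour described above, added here as an example that is not from the page: routes are learned from Response messages with the advertised hop count plus one, capped at 16, and a route not refreshed by its neighbour within the 180-second timeout is marked unreachable. Router names, networks and times are constructed.

```python
# Added example (not from the page): RIP route table maintenance from Response messages.
RIP_PORT = 520          # UDP source and destination port of every RIP message
INFINITY = 16           # hop count meaning "unreachable"
UPDATE_INTERVAL = 30    # seconds between periodic Response messages
TIMEOUT = 180           # expiration timer: six missed update periods

class RipTable:
    def __init__(self):
        self.routes = {}  # network -> {"metric", "next_hop", "last_update"}

    def add_connected(self, network, now):
        """A directly connected network is advertised with hop count 1."""
        self.routes[network] = {"metric": 1, "next_hop": None, "last_update": now}

    def receive_response(self, now, from_router, entries):
        """Process one Response message; entries are (network, advertised hop count)."""
        for network, metric in entries:
            metric = min(metric + 1, INFINITY)   # one more hop to go via the sender
            cur = self.routes.get(network)
            if cur is None:
                if metric < INFINITY:            # never install an unreachable route
                    self.routes[network] = {"metric": metric, "next_hop": from_router,
                                            "last_update": now}
            elif cur["next_hop"] == from_router or metric < cur["metric"]:
                # same neighbour refreshes the timer; a better path replaces the route
                cur.update(metric=metric, next_hop=from_router, last_update=now)

    def expire(self, now):
        """Learned routes not refreshed within TIMEOUT seconds become unreachable."""
        for r in self.routes.values():
            if (r["next_hop"] is not None and r["metric"] < INFINITY
                    and now - r["last_update"] >= TIMEOUT):
                r["metric"] = INFINITY

    def metric(self, network):
        return self.routes[network]["metric"] if network in self.routes else INFINITY

    def build_response(self):
        """Entries for the periodic Response sent out of every RIP-enabled interface."""
        return [(n, r["metric"]) for n, r in self.routes.items()]
```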



Explain the IP header fields, ping and traceroute?

The IP header contains:

Version. 4 bits.
Specifies the format of the IP packet header.



What are ARP and RARP, and what are the ARP header fields?

ARP is used to translate protocol addresses to hardware interface addresses.

RARP provides the complementary translation from the hardware interface address to the protocol address.




What are the different data link protocols, and what are the structure and fields of the Ethernet 802.2 frame header?

The data link protocols include Ethernet, PPP, SLIP, Frame Relay and ATM.

The Ethernet data link layer is divided into two sublayers:

Logical Link Control (LLC). This sublayer is responsible for the data transmission between computers or devices on a network.



Explain the four layers of the TCP/IP model and list the protocols developed in each layer?

Application:
Defines the TCP/IP application protocols and how host programs interface with transport layer services to use the network.
Protocols:
HTTP, Telnet, FTP, TFTP, SNMP, DNS, SMTP, X Windows and other application protocols
