Lab 11: Firewall Rule Based Management

  1. Investigate and discuss the configuration required on a firewall for a web server providing
    1. HTTP

HTTP is a web standard to secure an encrypted link between a web server and a web client. For this connection to work correctly over a network, the firewall needs to be configured to open port 80.

HTTPS

HTTPS runs on port 443 and secures sensitive information such as passwords over the network by making them hard to decrypt. Make sure that the inbound rules in your firewall are set to allow port 443.

  1. FTP over TLS/SSL 

Secure file transfer protocols (FTP) are sent on the same port as non-secure communications. There are two types of FTPS that we can take a closer look at:

Explicit FTPS:

By default, port 21 is used for the control channel between the server and client. When the client connects to the server through the control channel, it then negotiates SSL/TLS in order to gain access to the control or data channel.

Implicit FTPS:

This is regarded as an older form of transfer over SSL. In implicit FTPS, an SSL handshake needs to take place before communication can occur. Implicit transfer works on port 990.

  1. SMTP for sending emails from the websites
    1. Remote Administration

SMTP stands for Simple Mail Transfer Protocol, which is used by a website's email service to send emails more reliably, so that they do not get blocked or sent to the recipient's spam folder.

The administrator will need to specify which domain name is allowed through the firewall so that the emails do not get blocked.

  1. Investigate and discuss the configuration required on a firewall for a database server providing
    1. MariaDB 

MariaDB was created by the same developers as MySQL and is a popular database server that can be used to back up information from websites.

To ensure that your firewall is not blocking MariaDB from doing its job, make sure that the inbound rules on the server side allow access to port 3306.

  1. Remote Administration

To allow remote access to the database server, an inbound firewall rule needs to allow port 1433.
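
The inbound rules discussed above can be checked before they are deployed. The following is an added example, not part of the original lab: it models first-match inbound rules with a default deny and audits them against the web and MariaDB ports named here. The addresses, the sample rulesets and the assumption that only the web server should reach the database are constructed for the example.

```python
import ipaddress

# Inbound TCP ports named in this lab, grouped by server.
WEB_SERVICES = {"HTTP": 80, "HTTPS": 443,
                "Explicit FTPS control": 21, "Implicit FTPS": 990}
DB_SERVICES = {"MariaDB": 3306}

# Constructed addresses (documentation ranges), not values from the lab.
WEB_SERVER = "192.0.2.10"     # assumed only legitimate client of the database
OUTSIDE = "203.0.113.10"      # arbitrary Internet client

# Constructed rulesets: (action, source CIDR, destination port).
WEB_RULES = [("allow", "0.0.0.0/0", 80), ("allow", "0.0.0.0/0", 443),
             ("allow", "0.0.0.0/0", 21)]             # port 990 forgotten
DB_RULES_OPEN = [("allow", "0.0.0.0/0", 3306)]       # reachable from anywhere
DB_RULES_TIGHT = [("allow", "192.0.2.10/32", 3306)]  # web server only


def decide(rules, src_ip, port):
    """First matching rule wins; anything unmatched is denied."""
    src = ipaddress.ip_address(src_ip)
    for action, cidr, rule_port in rules:
        if rule_port == port and src in ipaddress.ip_network(cidr):
            return action
    return "deny"


def audit(rules, services, trusted_ip, outside_ip, internal_only=()):
    """Report required ports that are blocked and internal ports left public."""
    findings = []
    for name, port in services.items():
        client = trusted_ip if port in internal_only else outside_ip
        if decide(rules, client, port) != "allow":
            findings.append(f"{name}: port {port} blocked for {client}")
        if port in internal_only and decide(rules, outside_ip, port) == "allow":
            findings.append(f"{name}: port {port} open to {outside_ip}")
    return findings


if __name__ == "__main__":
    for f in audit(WEB_RULES, WEB_SERVICES, WEB_SERVER, OUTSIDE):
        print("web:", f)
    for f in audit(DB_RULES_OPEN, DB_SERVICES, WEB_SERVER, OUTSIDE, {3306}):
        print("db :", f)
```

The audit flags the missing port 990 rule on the web server and the database rule that accepts connections from any source; the tightened database ruleset produces no findings.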
