Guide to firewalls and VPNS third edition Chapter 7 Review question 1. What prox
ID: 3681051 • Letter: G
Question
Guide to firewalls and VPNS third edition
Chapter 7 Review question
1. What proxy server functions are similar to packet filtering firewall functions?
2. What do proxy servers reassemble packets before sending them on their way?
3. What are the disadvantages or complications of using a proxy server gateway?
4. What type of proxy server receives traffic from all services at a single port, such as a SOCKS proxy server?
5. What is a nontransparent proxy?
6. Consider the following; you run an external web site that lists catalog items for sale. The overwhelming number of requests your company your company receives from the internet are HTTP requests. You need to distribute the traffic load more evenly, and you need to protect sensitive client information contained in your web server. What two proxy server approaches could help you achieve these goals?
7. What functions are performed at the session layer of OSI model?
8. What are the disadvantages of using SOCKS?
9. How might you protect an internal network overnight, when no employee are present?
10. When is proxy server the wrong protection mechanism for a network?
Explanation / Answer
1. Security - They filter out traffic from “undesirable” Web sites, and they can block harmful content. Both create log files as well, and both read the header portion of IP packets.
2.Proxy Server Reassemble packets with a new source IP address makes it impossible for external hosts to determine the correct IP address of the host making the request. Also reassembling packets strips out mangled data that could otherwise be used to initiate network intrusions.
3. Having a single point of configuration—the proxy server itself—reduces the security administrator's work somewhat, but proxy servers still need multiple services and multiple clients to be configured.
Some more disadvantages are :
1.No Doubt Caching will increase the data access speed but at the same time the proxy server owner can keep
a look in the cache as there might be some sensitive data like passwords, username ,etc be found , which
needs to be deleted.
2.Even if a person is using anonymous proxy and he is on encrypted connection , still then there are techniques
for intercepting both TLS and SSL encrypted connections
3. Tunneling proxy servers are usefil in access blocked sites but students are able to access blocked sites ,
offensive material etc , in school and colleges
4. HTTP/Web Proxy Server
5. A 'non-transparent proxy' is a proxy that modifies the request or response in order to provide some added service to the user agent, such as group annotation services, media type transformation, protocol reduction, or anonymity filtering".
6. Installing a dedicated HTTP server would help you handle the heavy HTTP traffic load, as would load balancing. Or you could install multiple HTTP proxy servers to balance the load. A reverse HTTP proxy would provide extra protection for the client information held on the Web server. You could place the reverse HTTP proxy in the DMZ so the public would access the reverse proxy directly. It would then seem to be the “real” Web server. However, the actual Web server would be on the protected internal network, and the public would never access it directly.
7. a) Establishes, manages and terminates communicative sessions .
b) Session support: performs the functions that allow these processes to communicate over the network,
performing security, name recognition, logging, and so on.
8. It does not examine the data or payload part of a packet. It does provide other forms of protection such as recreating packets, and the fact that it works with virtually any TCP/IP application makes it valuable.
9. To have good firewalll system in place and have all the system having confidential information under DMZ. Good logging should be in place and keep monitoring on regular interval. Have some sort alarm mechanism like sending of SMS or email in case someone trying to access the network . Physically , Servers should be locked in a room with limited access 24x7 and some other security arrangments to make sure that no one can enter the premisses or specifically to the room .
10. In a business network, proxy server use to cache content on the internet that was previously accessed by another client, thus for financial insituations and where confidential information are access, using proxy server might not be a good decision as we need to use firewall which provides isolation for internal hosts from the internet and thus improving security, and restrict access to the internet--or certain content on the internet--from the corporate LAN. .
In personal use - the proxy server has the ability to log, capture, and track your activities, and if it is hosted by less-than-honest entities, the information you send over it could be used to cause damage.
Related Questions
Navigate
Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.