[Network security]Advanced Filtering
Overview
I demonstrated
- Review time-based access control concepts
- Implement time-based access control in the Smoothwall Firewall
Lab Observations/Information Gathered:
In this lab, I demonstrated
- Review time-based access control concepts
- Implement time-based access control in the Smoothwall Firewall
This lab tells how to configure time-based access using router configuration.
These are the advanced ACLs characteristics regarding time-based.
Advanced ACLs
- Time-based
- introduced in Cisco IOS 12.0.1.T
- allow for access control based on time
- time range is a specific time of the day and week
- time range relies on the router’s system clock
- For example, a telnet connection can be allowed from internal to external during business hours.
As well as this method, it is essential to harden router by doing the following
- secure router remote access
- disable unnecessary servers and IP services
- configure basic filtering and traffic filtering
- secure management access
To know the IP address, use the ifconfig command + interface name (eth0). The IP address is 192.168.177.20.
Access 192.168.100.20:441 Smoothwall Express home page.
Access owasp prompt
This is the date command from Smoothwall
Verify that Smoothwall can be accessed from owasp
After adding a default route, interface (eth0) can be accessed from owasp
Specify the daytime that owasp machine (192.168.100.231) cannot be accessed.
It shows that the ping packet is filtered.