SEMESTER-II (24-25)
CLASS: SUBJECT: Cyber Forensic Engineering
Name of the student: DATE:
EXPERIMENT NO. 4
Assessing Network Security: Cisco Packet Tracer's Firewall Configuration Tool "
AIM: The experiment is to configure a firewall using Cisco Packet Tracer. This involves
setting up security policies, access control lists, and inspecting traffic. We'll explore how to
implement firewall rules to control network traffic flow effectively. The experiment aims to
understand the functionality and configuration options of the Cisco Packet Tracer firewall
tool. Through practical application, we seek to enhance skills in network security
management. Ultimately, the goal is to ensure the network remains secure and resilient
against potential threats.
Objective:
This experiment aims to utilize Cisco Packet Tracer's firewall configuration tool to establish
robust network security measures. Through this setup, we seek to understand the intricacies
of firewall rules, access control lists (ACLs), and network address translation (NAT). By
implementing and testing various firewall policies, our goal is to enhance network protection
against unauthorized access, malware, and other potential threats. This experiment will
provide insights into configuring, monitoring, and troubleshooting firewalls within simulated
network environments, contributing to a comprehensive understanding of network security
principles
Theory:
Firewall configuration is a pivotal aspect of network security, aiming to safeguard networks
against unauthorized access and malicious activities. The fundamental theory behind firewall
configuration revolves around the establishment of robust barriers that selectively permit or
deny traffic based on predefined rules. These rules, typically defined in access control lists
(ACLs), govern the flow of traffic by examining various parameters such as source and
destination IP addresses, port numbers, and protocols.
Firewalls can be configured in different modes, including packet filtering, stateful inspection,
and application layer filtering, each offering varying levels of granularity and security. Packet
filtering firewalls operate at the network layer (Layer 3) and make decisions based on
individual packets' attributes, whereas stateful inspection firewalls maintain state information
to track the context of connections, enabling more sophisticated filtering decisions.
Application layer firewalls, functioning at Layer 7, offer the highest level of control by
inspecting data at the application level, allowing for deep packet inspection and content
filtering.
Key considerations in firewall configuration include defining security policies aligned with
organizational objectives, understanding network topology and traffic patterns, and regularly
updating and auditing firewall rules to adapt to evolving threats. Additionally, implementing
additional security measures such as virtual private networks (VPNs), intrusion detection and
prevention systems (IDS/IPS), and security information and event management (SIEM)
solutions can complement firewall configurations to create a comprehensive defines-in-depth
strategy.
1
�Furthermore, firewall configuration entails striking a balance between security and usability,
ensuring that legitimate traffic flows smoothly while unauthorized or potentially harmful
traffic is effectively blocked. This requires careful planning, testing, and monitoring to
identify and mitigate potential misconfigurations or vulnerabilities. Additionally, compliance
with industry standards and regulatory requirements such as the Payment Card Industry Data
Security Standard (PCI DSS) or the Health Insurance Portability and Accountability Act
(HIPAA) may dictate specific firewall configuration guidelines to ensure data confidentiality,
integrity, and availability.
Cisco packet tracer:
Cisco Packet Tracer is a comprehensive network simulation tool designed to facilitate
learning and understanding of networking concepts. It allows users to create, configure, and
troubleshoot virtual networks in a risk-free environment. With its user-friendly interface and
extensive library of networking devices, Packet Tracer enables users to simulate real-world
network scenarios, including routing, switching, wireless networking, and security
configurations. Its built-in features such as network visualization, packet capture, and
simulation mode aid in grasping complex networking concepts effectively.
Advantages of Cisco packet tracer:
The advantages of the Cisco Packet Tracer are numerous:
1. Hands-on Learning: Packet Tracer provides a practical, hands-on approach to
learning networking concepts, allowing users to configure and troubleshoot virtual
networks in a simulated environment.
2. Risk-Free Environment: Users can experiment with network configurations without
the risk of affecting real-world networks, making it ideal for learning and testing.
3. Comprehensive Simulation: It supports a wide range of networking devices,
protocols, and technologies, enabling users to simulate complex network scenarios,
including routing, switching, wireless networking, and security configurations.
4. User-Friendly Interface: Packet Tracer features an intuitive and user-friendly
interface, making it accessible to beginners and advanced users alike.
5. Extensive Device Library: It offers a rich library of Cisco devices, allowing users to
emulate real-world network environments accurately.
6. Multi-User Collaboration: Packet Tracer supports multi-user collaboration, enabling
students, instructors, and network professionals to collaborate on network projects and
share experiences.
7. Real-Time Visualization: Users can visualize network topologies in real-time,
helping them understand the effects of their configurations and troubleshoot more
effectively.
8. Cost-Effective: As a free tool available for download, Packet Tracer provides a cost-
effective solution for learning and practicing networking concepts.
2
�Procedure:
1) Download Cisco packet tracer application (Cisco Packet Tracer: A Free and Fun Course
for Beginners (skillsforall.com))
2) Open Cisco packet tracer. Select server, switch and pcs from the bottom left inventory.
Server and PCs are under ‘End devices and switch is under ‘Network devices’
3) Select connections automatic connections to connect all devices
3
�4) Open serverDesktopIP configuration set IP as below
5)Then go to services and make this server a DHCP server
6) similarly open up each PCDesktopIP configurationselect DHCP.
Let the PC get its IP automatically. This will take a few seconds
7) open the server and make sure HTTP and HTTPS are on. Then go to the firewall (ipv4)
and add the following rules:
4
�8) Open the command prompt of any one of the PCs and ping the server. Open the browser of
any one of the PCs and https to the server. (https://IP address)
Procedure of How to Block a Domain or Website Using Windows Firewall:
1. Click on the search bar and type “control panel”. Click on the Control Panel app.
2. Click on the Control Panel app and then select “Large icons” or “Small icons” view.
3. Click on “Windows Defender Firewall”.
4. On the right side, click on “Advanced settings”
5. On the left side, you will see “Outbound rules”. Right-click on “Outbound rules” and
select “New rule”.
5
�6. Click on “Custom” and then click “Next”.
7. Select “All programs” and click “Next” twice.
8. Make sure the option “Protocol type” is set to “Any” and click “Next”.
Step 1
6
� Step 2
Step 3
7
�9. You will need to select the remote IP addresses that this rule applies to. To do this, go
to the search menu and type “cmd”. Right-click on “Command Prompt” and select
“Run as administrator”.
10. In the command prompt, type “nslookup www.facebook.com” (or whichever website
you want to block). This will give you the IP addresses of the website.
11. Copy the IP addresses and paste them into the “Remote IP address” section in the new
rule window.
12. Click “Next” and select “Block the connection”.
13. Click “Next” again and make sure the “Domain”, “Private”, and “Public” options are
checked.
14. You can name the rule here (e.g., “Facebook block”).
8
�15. Click “Finish”.
Step 1
Step 2
16. Go back to your browser and try to reload the webpage. The website should now be
9
� blocked.
Conclusion:
10
