1. [20 pts.] Create firewall rules for the untrusted network port on the external firewall which will: a.) block spoofing of all internal corporate network addresses b.) allow traffic from any host and any port on the untrusted network into the DMZ for the * SMTP server on the SMTP port; * web server on the http port; * proxy server on the internal application port; * and, extranet database server on the database session port. c.) allow re-mapped response traffic from any host and any port to the extranet database server d.) explicitly disallow any inbound traffic requesting a desitnation port of either 7 or 23 e.) disallow all other traffic 2. (10 pts.] Create firewall rules for the DMZ port on the extranet firewall which will: a.) allow traffic from any port on the proxy server to the internal application port on the application server b.) allow traffic to the databae session port on the database server from these specific sources only (representing preferred customers): * network 42.40.0.0 * network 77.7.77.0 * host 112.92.4.3 c.) disallow all other traffic 3. [20 pts.] Create firewall rules for the internal network port on the internal firewall which will: a.) specifically deny traffic spoofing the firewall ports b.) deny traffic to the firewall ports, except from the local firewall administrator (allow that traffic) c.) allow all other outbound traffic out d.) disallow all other traffic 1. [20 pts.] Create firewall rules for the untrusted network port on the external firewall which will: a.) block spoofing of all internal corporate network addresses b.) allow traffic from any host and any port on the untrusted network into the DMZ for the * SMTP server on the SMTP port; * web server on the http port; * proxy server on the internal application port; * and, extranet database server on the database session port. c.) allow re-mapped response traffic from any host and any port to the extranet database server d.) explicitly disallow any inbound traffic requesting a desitnation port of either 7 or 23 e.) disallow all other traffic 2. (10 pts.] Create firewall rules for the DMZ port on the extranet firewall which will: a.) allow traffic from any port on the proxy server to the internal application port on the application server b.) allow traffic to the databae session port on the database server from these specific sources only (representing preferred customers): * network 42.40.0.0 * network 77.7.77.0 * host 112.92.4.3 c.) disallow all other traffic 3. [20 pts.] Create firewall rules for the internal network port on the internal firewall which will: a.) specifically deny traffic spoofing the firewall ports b.) deny traffic to the firewall ports, except from the local firewall administrator (allow that traffic) c.) allow all other outbound traffic out d.) disallow all other traffic