You must solve this problem set individually without any assistance from anyone.
Mastery of the predicate calculus, and the ability to convert from English to
the predicate calculus, is essential for success in this course.
Rules for this Firewall are described using simple rules as shown in the table below. Both simple prefix matching (e.g. 128.32/16) and wildcards (*) are allowed. Packets that do not match any rule are discarded by default.
The first rule prevents hosts in the 128.32/16 network from telnetting into the Microscape network and the second rule allows hosts in the Microscape network to send mail to hosts in the Internet. These rules may effectively allow or disallow other traffic as well.
a) (5 points) Write a simple rule(s) that allows Microscape employees to browse the Web. Make this rule(s) as restrictive as possible (i.e. it should not let other traffic into/out of Microscape if possible).
b) (5 points) Suppose there were two hosts (A and B) inside the Microscape network. Assuming just the rules you added in a), could an attacker in the Internet still perform a bandwidth denial of service attack that interferes with traffic between host A and B? Why or why not?
c) (5 points) Harry installs an HTTP caching proxy in the Microscape network. He wants to ensure that all clients in Microscape use this proxy to browse the Web. How should he modify his rules from a) (you may write out the new rule or explain the changes)?
d) (5 points) Assuming the resulting setup from c) and that the web proxy is not on of the links between host A and B, can transfers between A and B be affected by a denial of service attack?