4.1k views

A layer-$4$ firewall (a device that can look at all protocol headers up to the transport layer) CANNOT

1. block entire $\text{HTTP}$ traffic during $9:00PM$ and $5:00AM$
2. block all $\text{ICMP}$ traffic
3. stop incoming traffic from specific $\text{IP}$ address but allow outgoing traffic to the same IP address
4. block $\text{TCP}$ traffic from a specific user on a multi-user system during $9:00PM$ to $5:00AM$
–2
Ans will be (a), as HTTP works at the application layer and a layer 4 firewall can't see it.
+4
that can be taken care of by port number 80....
0
(A) Since it is a layer 4 firewall, it cannot block an application layer protocol like HTTP.
+2
The transport layer has the port number, and the port number of HTTP is 80, and thus the firewall can block HTTP traffic.
0
0
The question here is asking for CANNOT. Option D is not possible by firewall.

(A) It is POSSIBLE to block "entire" HTTP traffic by blocking all the traffic on port number $80$, since here we DON'T need to check anything that is application layer specific. We only need to block port no. $80$ for the required time span.

(B) & (C) are fairly possible to achieve.

(D) However, (D) is not possible to achieve, although the service uses TCP at the transport layer. But see the question. We don't need to block the entire TCP traffic, so we can't block any specific PORT number. Also, it is given that IT IS a MULTI-USER system, and so many users may be using the same port for communication. Therefore blocking that port would block all the users WHILE we want a specific user. So how to do that? To do so we need application layer specific information of the user, like user_id type of things, which can't be checked as it is a $4$-layer firewall. So it is not possible to allow other users and block some specific user at the same time using a $4$-layer firewall (unless they are all using different port numbers, which we actually can't predict).

edited
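The header-only checks discussed in this thread, as an added example that is not part of the original posts: a Python sketch of a filter that reads only IPv4 and TCP header fields, covering options 1 to 3, plus two packets from different users on one host to show what option 4 would have to distinguish. All addresses, ports and helper names are constructed for illustration.

```python
import struct
from datetime import time

BLOCKED_SRC = "203.0.113.9"  # constructed address (documentation range)

def parse(pkt: bytes) -> dict:
    """Return only what a layer-4 device reads: IPv4 header plus TCP/UDP ports."""
    ihl = (pkt[0] & 0x0F) * 4                       # IPv4 header length in bytes
    f = {"proto": pkt[9], "sport": None, "dport": None,
         "src": ".".join(map(str, pkt[12:16])),
         "dst": ".".join(map(str, pkt[16:20]))}
    if f["proto"] in (6, 17) and len(pkt) >= ihl + 4:   # TCP or UDP
        f["sport"], f["dport"] = struct.unpack("!HH", pkt[ihl:ihl + 4])
    return f

def in_window(now: time) -> bool:
    """9:00PM to 5:00AM; the window wraps past midnight."""
    return now >= time(21, 0) or now < time(5, 0)

def verdict(pkt: bytes, inbound: bool, now: time) -> str:
    f = parse(pkt)
    if f["proto"] == 1:                              # option 2: ICMP = IP protocol 1
        return "DROP"
    if f["proto"] == 6 and 80 in (f["sport"], f["dport"]) and in_window(now):
        return "DROP"                                # option 1: HTTP as TCP port 80
    if inbound and f["src"] == BLOCKED_SRC:          # option 3: direction + source IP
        return "DROP"
    return "ACCEPT"

def ipv4(proto: int, src: str, dst: str, payload: bytes = b"") -> bytes:
    """Constructed minimal IPv4 packet (checksum left at 0 for the demo)."""
    addr = lambda a: bytes(map(int, a.split(".")))
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                       64, proto, 0, addr(src), addr(dst)) + payload

def tcp(sport: int, dport: int) -> bytes:
    """Constructed 20-byte TCP header with only SYN set."""
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x02, 65535, 0, 0)

# Option 4: two users on one multi-user host (constructed). Same source IP;
# the only differing field is the ephemeral source port, which names no user.
HOST = "198.51.100.7"
alice = ipv4(6, HOST, "192.0.2.10", tcp(50001, 443))
bob = ipv4(6, HOST, "192.0.2.10", tcp(50002, 443))

if __name__ == "__main__":
    print(verdict(ipv4(1, "192.0.2.1", HOST), True, time(12, 0)))   # ICMP
    print(verdict(ipv4(6, HOST, "192.0.2.10", tcp(50001, 80)), False, time(23, 0)))
    print({k: v for k, v in parse(alice).items() if v != parse(bob)[k]})
```
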
–1

0

Shouldn't it be Option (A)!!!

+1
Each user has a specific IP address. Why can't we filter at IP level?
+3

Each user has a specific IP address. Why can't we filter at IP level?

Good point @Ram Sharma1 ji. "Specific user on a multi-user system" means multiple users are sharing the same IP.

0
How to block all ICMP traffic? By port no.. 80?
+2

How to block all ICMP traffic? By port no.. 80?

@rahul sharma 5 ji,

The Network Layer stores the protocol type (for ICMP it is 1) and the Transport Layer has the port number.

Since it is a Layer-4 firewall, it includes the following layers:

Physical layer, Data Link layer, Network layer as well as Transport layer.

So all functionalities of the above layers can be prevented by the Layer-4 protocol except the last one, which is associated with the application layer.
+1
So which is the correct answer ?
0
I think HTTP belongs to layer 5, so the answer may be option A.