Holiday Hack 2025: Visual Firewall Thinger

• Holiday Hack 2025
• 0️⃣ Orientation
• 1️⃣ Act 1
• Its All About Defang
• Neighborhood Watch Bypass
• Santa's Gift-Tracking Service Port Mystery
• Visual Networking Thinger
• Visual Firewall Thinger
• Intro to Nmap
• Blob Storage Challenge in the Neighborhood
• Spare Key
• The Open Door
• Owner
• 2️⃣ Act 2
• 3️⃣ Act 3
• Appendices

Introduction

Visual Firewall Thinger

Difficulty:❅❅❅❅❅

Find Elgee in the big hotel for a firewall frolic and some techy fun.

Chris Elgee is in the NetWars room in the Hotel:

Chris Elgee

Oh hi! Am I on the road again? I should buy souvenirs for the family.

Loud shirts? Love them. Because - hey, if you aren’t having fun, what are you even doing??

And yes, finger guns are 100% appropriate for military portraits.

… We should get dessert soon!

Welcome to my little corner of network security! finger guns

I’ve whipped up something sweeter than my favorite whoopie pie - an interactive firewall simulator that’ll teach you more in ten minutes than most textbooks do in ten chapters.

Don’t worry about breaking anything; that’s half the fun of learning!

Ready to dig in?

Chris Elgee

Congratulations! You spoke with Chris Elgee!

The terminal opens up a web interface with a network and six requirements to be met:

Solution

Overview

The page has three sections. First, there’s a description of the environment:

Next, it lays out six requirements that have to be met with the successful config:

Finally, there’s a cartoon network map:

Clicking on one of the parts of the network shows it’s connections:

I can configure firewall rules using the checkboxes here. Clicking on the links opens another place to configure the firewall:

Internet –> DMZ

I need to “Allow only HTTP and HTTPS traffic”. I’ll click on this link, and set that up:

DMZ <–> Internal

Here I need to “Allow HTTP, HTTPS, and SSH traffic”:

By setting it on the connection it completes “Internal to DMZ: Allow HTTP, HTTPS, and SSH traffic” as well.

Internal –> Cloud

It seems maybe the mail server is in the cloud. This should be set as “Allow HTTP, HTTPS, SSH, and SMTP traffic”:

Internal –> Workstations

I’ll allow all traffic between the internal network and workstations:

Outro

Visual Firewall Thinger

Congratulations! You have completed the Visual Firewall Thinger challenge!

On saving the last rule the challenge is complete:

Chris is impressed:

Chris Elgee

finger guns Nice work! You’ve mastered those firewall fundamentals like a true network security pro.

Now that was way more fun than sitting through another boring lecture, wasn’t it?