Part 4 — Questions
1) What is the command to block the following subnet: 192.168.2.x?
2) Describe what the following rules do:
   a. iptables -A INPUT -i lo -p all -j ACCEPT
   b. iptables -A INPUT -p all -s localhost -i eth0 -j DROP
   c. iptables -A INPUT -s 0/0 -i eth0 -d 192.168.1.1 -p TCP -j ACCEPT
   d. iptables -A FORWARD -s 0/0 -i eth0 -d 192.168.1.58 -o eth1 -p TCP --sport 1024:65535 --dport 80 -j ACCEPT
3) Create a rule that will restrict SSH to allow only specific IP addresses:
   iptables -A INPUT -p tcp -s x.x.x.x/x --dport ssh -j ACCEPT
4) Create rules that will block any HTTP and HTTPS browsing from the virtual machine.
5) Create a rule to rate-limit ICMP (Ping) traffic to 5 packets per second.
6) Allow only incoming SSH connections.
7) Block all incoming TCP traffic.
8) Block all incoming UDP traffic.
9) Assume you are running a web server that you would like to secure with iptables. Discuss in detail how you would go about doing that.
10) Read the above-mentioned tutorials and the man pages for iptables. Discuss in detail how you would secure a server with multiple services running on it. Explain what services you are protecting.
11) Using Windows Firewall, how would you complete the tasks in questions 9 and 10? Describe your solutions in detail.
12) Give an example of at least two options that were not mentioned in this lab and explain how to use them.
13) Describe the operation of another firewall and compare that to iptables.
Added by Milagros A.
Step 1
168.2.x using iptables is: iptables -A INPUT -s 192.168.2.0/24 -j DROP
2) a. The rule "iptables -A INPUT -i lo -p all -j ACCEPT" allows all traffic (-p all) coming from the loopback interface (-i lo) to be accepted (-j ACCEPT). This rule is commonly used to allow …
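An added example, not part of the original answer: a simplified Python model of first-match evaluation in the INPUT chain, showing why the order in which rules are appended with -A decides whether the 192.168.2.0/24 block takes effect. The Rule class, the verdict function, the open SSH rule and the sample packets are constructed for illustration; only terminating ACCEPT/DROP targets are modelled.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass
class Rule:
    target: str                    # -j ACCEPT or -j DROP
    src: str = "0.0.0.0/0"         # -s (default: any source)
    in_if: Optional[str] = None    # -i (None: any interface)
    proto: Optional[str] = None    # -p (None: all protocols)
    dport: Optional[int] = None    # --dport (None: any port)

    def matches(self, pkt: dict) -> bool:
        if ipaddress.ip_address(pkt["src"]) not in ipaddress.ip_network(self.src):
            return False
        if self.in_if and pkt["in_if"] != self.in_if:
            return False
        if self.proto and pkt["proto"] != self.proto:
            return False
        if self.dport is not None and pkt.get("dport") != self.dport:
            return False
        return True


def verdict(chain, pkt, policy="ACCEPT"):
    """The first matching rule decides; the chain policy applies if none match."""
    for rule in chain:
        if rule.matches(pkt):
            return rule.target
    return policy


LOOPBACK = Rule("ACCEPT", in_if="lo")                       # rule 2a
ANTISPOOF = Rule("DROP", src="127.0.0.1/32", in_if="eth0")  # rule 2b: localhost source on eth0
BLOCK_NET = Rule("DROP", src="192.168.2.0/24")              # answer to question 1
SSH_ANY = Rule("ACCEPT", proto="tcp", dport=22)             # constructed: SSH open to any source

GOOD_ORDER = [LOOPBACK, ANTISPOOF, BLOCK_NET, SSH_ANY]  # subnet DROP appended before the ACCEPT
BAD_ORDER = [LOOPBACK, ANTISPOOF, SSH_ANY, BLOCK_NET]   # subnet DROP appended too late for SSH

# Constructed sample packets
ssh_from_blocked = {"src": "192.168.2.5", "in_if": "eth0", "proto": "tcp", "dport": 22}
spoofed_local = {"src": "127.0.0.1", "in_if": "eth0", "proto": "udp", "dport": 53}
real_local = {"src": "127.0.0.1", "in_if": "lo", "proto": "tcp", "dport": 5432}

if __name__ == "__main__":
    for name, chain in (("good", GOOD_ORDER), ("bad", BAD_ORDER)):
        print(name, verdict(chain, ssh_from_blocked))
```

Listing the live chain with iptables -L INPUT -n --line-numbers shows the order in which rules are evaluated.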
Recommended Videos
1. Describe how you use TCPDump to list all of the interfaces available to capture traffic and list the available interfaces in the lab.
2. What is the TCPDump flag that is used on the Linux command line to specify the output file name to write the resulting output?
3. What is the purpose of using the "sudo" command?
4. What is the full TCPDump command that you would use if you wanted to read a previously created output file called "MyPackets.pcap"?
5. What is the TCPDump command that you would use if you wanted to capture packets from the eth1 interface?
6. What is the TCPDump command that you would use if you wanted to capture exactly 10 packets from the eth0 interface?
7. What is the TCPDump command that you would use if you wanted to capture just the traffic to and from IP address 1.2.3.4?
8. What is the TCPDump command that you would use if you wanted to just capture traffic from port 3389?
Akash M.
This layer of the OSI model is responsible for dialog control, token management, and synchronization.
a. session
b. transport
c. network
d. data link

Question 2
What is the typical method for restricting packet lifetime on the Internet?
a. Packet length
b. Network path
c. Packet size
d. Hop count

Question 3
Can a machine with a single DNS name have multiple IP addresses?
a. true
b. false

Question 4
If a local DNS server cannot find an IP address for a specified URL, what does it do?
a. Queries the next DNS server
b. Returns an error 4xx to the client requesting the resource
c. Performs a reverse lookup of the authoritative record
d. Performs an iterative query of the local DNS server's database

Question 5
What is the default protocol used for sending email messages over the Internet?
a. SNMP
b. SMTP
c. POP
d. RSVP

Question 6
Which protocol is used to send web pages from web servers to internet browsers?
a. HTML
b. SMTP
c. HTTP
d. WAP

Question 7
This mail system protocol was created as an improvement of the POP3 protocol, and has the ability to address mail not by message number, but by using attributes.
a. SMTP
b. MIME
c. SNMP
d. IMAP

Question 8
What is the primary purpose of a Socket primitive?
a. To associate a local address with a port
b. To create a communication endpoint
c. To address a communication endpoint
d. To set up a connection with a host

Question 9
Which protocol uses a three-way handshake to establish connections?
a. TCP
b. UDP
c. ICMP
d. IP

Question 10
What is the primary purpose of flow control?
a. Error control
b. Traffic control
c. Flow control
d. System control
Network diagram labels: 192.168.1.97/27 192.168.1.98/27 R1 192.168.1.55/27 192.168.1.69/28 192.168.1.129/27 R2 192.168.1.222/28
Host 1: IP 192.168.1.35, SM 255.255.255.224, GW 192.168.1.55
Host 2: IP 192.168.1.72, SM 255.255.255.240, GW 192.168.1.69
Host 3: IP 192.168.1.130, SM 255.255.255.224, GW 192.168.1.129
Host 4: IP 192.168.1.225, SM 255.255.255.240, GW 192.168.1.222

In the network diagram above, determine why Host 4 cannot ping Host 1. Explain what happens to the ICMP packets. The IP addresses given above are interface addresses for the routers (with the corresponding mask length given in CIDR notation). They are not subnet addresses. You can reasonably assume that the routers R1 and R2 have advertised the network routes they know about to each other, and each router has learned about network routes by way of the direct connections to their respective networks. Such routes are installed in the routing table for the router and will be advertised to its neighbors.
Recommended Textbooks
Computer Science and Information Technology
Introduction to Programming Using Python
Computer Science - An Overview