1. You have a web server running on port 8888 on a Linux computer, but without any firewall rules in place for protection.
Now, you want to use iptables to protect the website so that only computers from address 172.90.0.0/16 but excluding 172.90.255.0/24 can access the web server.
Show the commands of iptables that add the Linux firewall rules to enforce the protection.
You are to create and apply a firewall rule set on your Ubuntu server and each rule should be commented. Make sure to use variables for the IP addresses in your firewall. It's good practice and if I have to test one or more of your rules, I can replace the address in the variable. For any packets you REJECT or DENY, those should be logged. That means you'll need to modify the rule so that if the rule matches...
Figure 1 (network diagram; labels: LAN Subnet: 192.168.40.0/24, LAN Switch, Internet, External Firewall, Internal Firewall, DMZ Subnet: 192.168.10.0/24, LAN devices, Web Server running on port 80, IDS (Snort VM), Remote Access Server, (Nginx VM), (OpenVPN)). Overview: Medium to large organisations typically consist of services that are accessed/consumed from external parties for various purposes. As such, a DMZ is a suitable solution to segregate such services from internal network(s). The network diagram provided (Figure 1) illustrates the IT environment of a medium organisation, which...
1. Let’s consider the network shown in Figure 1 where Snort is deployed. 1.1: In Figure 1, why is Snort deployed in the DMZ instead of the Internal Network? (9 points) 1.2: In Figure 1, say True or False to the following statement: “Snort can see both incoming packets from the left firewall and outgoing packets from the right firewall”. (5 points) 1.3: In Figure 1, assume a packet P matches the following Snort rule when the packet is analyzed...
1. Which of the following commands will locate all of the program files on a computer on which the SUID bit is set? Select one: a. find / -type SUID b. find / -perm +4000 -type f c. find / -perm +SUID -type f d. find / -suid 2. A server/computer combination appears in both hosts.allow and hosts.deny. What's the result of this configuration when TCP wrappers runs? Select one: a. TCP wrappers refuses to run and logs an error...
Description: In this assignment, you will be launching a denial of service attack on a web server. We will be using hping3, a command-line oriented network security tool inside Kali Linux (an advanced penetration testing Linux distribution). Setting up the victim machine: Download the Windows XP virtual machine with WebGoat server installed, using the following link. We will use this machine as the victim machine and launch a DoS attack on the WebGoat server. https://drive.google.com/open?id=0BwCbaZv8DevUejBPWlNHREFVc2s Open the victim machine and launch...
Answer the following questions in great detail for a cyber security/computer science class. 1. Consider the following firewall rule, and describe what this permits or denies: sudo /sbin/iptables -A INPUT --dport 23 -j DROP 2. If a service is allowed in one place and denied in another, what is the outcome? (For example, a service is listed in both hosts.allow and hosts.deny) Explain. 3. If a rule for a service does not exist in either one of the files hosts.deny or hosts.allow,...
Part - Web Server Setup and Demonstration (AJ Objective The objective of this assignment is to some HTTP as application layer protocol and TCP as reliable transport layer protocol. HTTP is carried by TCP. Also, in the assignment you will investigate the working of the client-server mechanism from both application and networking perspectives. There are several different ways to set up an HTTP server, including through Apache Tomcat, Apache Glassfish that integrates in an IDE such as Eclipse/NetBeans or even a browser...
1- It is advisable to have more than one form of defence; justify the advantages and disadvantages of that approach. 2- In what case would you recommend a screening router firewall architecture over a screened host architecture? 3- You need to implement defence in depth for your entire organization. Your management is interested in deploying intrusion prevention systems. Your goal is to protect: 1) All the traffic flowing through a network 2) Endpoints from intrusions. Analyse the technologies you will be...
Chapter 8: TCP/IP Applications. Getting Down to Business: The way network communication (all those 1s and 0s) goes in and out of a machine physically is through the NIC (network interface card). The way network communication goes in and out of a machine logically, though, is through a program or service. A service is a program that runs in the background, independent of a logon, that provides functionalities to a system. Windows client machines, for instance, have a Workstation...
Chapter 8 from 978-0-13-408504-3 (Security in Computing 5th Edition) 1. Explain the differences between public, private, and community clouds. What are some of the factors to consider when choosing which of the three to use? 2. How do cloud threats differ from traditional threats? Against what threats are cloud services typically more effective than local ones? 3. You are opening an online store in a cloud environment. What are three security controls you might use to protect customers’ credit card...