1. You have a web server running on port 8888 in a Linux computer, but without...
1. You have a web server running on port 8888 in a Linux computer, but without any firewall rules in place for protection.
Now, you want to use iptables to protect the website so that only computers from address 172.90.0.0/16 but excluding 172.90.255.0/24 can access the web server.
Show the commands of iptables that add the Linux firewall rules to enforce the protection.
Homework Answers
- Iptables may be a package and kernel module for UNIX that uses World Wide Web filter hooks at intervals the UNIX kernel to supply filtering, network address translation, and packet mangling.
- Iptables may be a powerful tool for turning a daily UNIX system into an easy or advanced firewall.
- Managing the iptables daemon is simple to try to, however the procedure differs between UNIX distributions. Here some things to stay in mind.
- Firstly, completely different completely different UNIX distributions use different daemon management systems. Every system has its own set of commands to try to to similar operations.
- The most unremarkably used daemon management systems SysV and System.
- Secondly, the daemon name must be renowned. During this case the name of the daemon is iptables.
- Each line of associate iptables script not solely features a jump, however they even have variety of instruction choices that accustomed append rules to chains that match your outlined packet characteristics, such the supply IP address and protocol port.
- There are choices which will be accustomed simply clear a sequence therefore you'll begin everywhere once more
- Many choices may be used with the iptables command. As explicit on top of, iptables sets the foundations that management network traffic.
- You’ll outline completely different tables to handle these rules through chains, lists of rules that match a set of packets.
- The table contains a range of intrinsic chains; however you'll add your own.
Add Answer to:
1. You have a web server running on port 8888 in a Linux
computer, but without...
You are to create and apply a firewall rule set on your Ubuntu server and each...
You are to create and apply a firewall rule set on your Ubuntu server and each rule should be commented. Make sure to use variables for the IP addresses in your firewall. It's good practice and if I have to test one or more of your rules, I can replace the address in the variable. For any packets you REJECT or DENY, those should be logged. That means you'll need to modify the rule so that if the rule matches...
Figure 1 LAN Subnet: 192.168.40.0124 LAN Switch Internet External Firewall Internal Firewall DMZ Subnet: 192.168.10.0/24 LAN devices Web Server running on port 80 IDS (Snort VM) Remote Access S...
Figure 1 LAN Subnet: 192.168.40.0124 LAN Switch Internet External Firewall Internal Firewall DMZ Subnet: 192.168.10.0/24 LAN devices Web Server running on port 80 IDS (Snort VM) Remote Access Server (Nginx VM) (OpenVPN) Overview Medium to large organisations typically consist of services that are accessed/consumed from external parties for various purposes. As such, a DMZ is a suitable solution to segregate such services from internal networkis). The network diagram provided (Figure 1) illustrates the IT environment of a medium organisation, which...
1. Let’s consider the network shown in Figure 1 where Snort is deployed. 1.1: In Figure...
1. Let’s consider the network shown in Figure 1 where Snort is
deployed.
1.1: In Figure 1, why is Snort deployed in the DMZ instead of
the Internal Network? (9 points)
1.2: In Figure 1, say True or False to the following statement:
“Snort can see both incoming packets from the left firewall and
outgoing packets from the right firewall”. (5 points)
1.3: In Figure 1, assume a packet P matches the following Snort
rule when the packet is analyzed...
1. Which of the following commands will locate all of the program files on a computer...
1. Which of the following commands will locate all of the program files on a computer on which the SUID bit is set? Select one: a. find / -type SUID b. find / -perm +4000 -type f c. find / -perm +SUID -type f d. find / -suid 2. A server/computer combination appears in both hosts.allow and hosts.deny. What's the result of this configuration when TCP wrappers runs? Select one: a. TCP wrappers refuses to run and logs an error...
Description: In this assignment, you will be launching a denial of service attack on a web...
Description: In this assignment, you will be launching a denial of service attack on a web server. We will be using hping3, a command-line oriented network security tool inside Kali Linux (an advanced penetration testing Linux distribution). Setting up the victim machine Download the Windows XP virtual machine with WebGoat server installed, using the following link. We will use this machine as the victim machine and launch a DoS attack on the WebGoat server.https://drive.google.com/open?id=0BwCbaZv8DevUejBPWlNHREFVc2s Open the victim machine and launch...
Answer these follwong questiong in great detail for a cyber secuirty/computer science class. 1. Consider the...
Answer these follwong questiong in great detail for a cyber secuirty/computer science class. 1. Consider the following firewall rule, and describe what this permits or denies: sudo /sbin/iptables -A INPUT --dport 23 -j DROP 2.If a service is allowed in one place and denied in another, what is the outcome? (For example, a service is listed in both hosts.allow and hosts.deny) Explain. 3.If a rule for a service does not exist in either one of the files hosts.deny or hosts.allow,...
Part - Web Server Setup and Demonstration (AJ Objective The objective of this assignment is to...
Part - Web Server Setup and Demonstration (AJ Objective The objective of this assignment is to some HTTP as application layer protocol and TCP as reliable transport layer protocol HTTP is carried by TCP. Also, in the assignment you will investigate the working of client-server mechanism from both application and networking perspective There are several different ways to setup an HTTP server, including through Apache Tomcat, Apache Glassfish that integrales in an IDE such as Eclipse/NetBeans or even a browser...
1- It is advisable to have more than of form of defence, justify the advantages and...
1- It is advisable to have more than of form of defence, justify the advantages and disadvantages of that approach? 2- In what case you would recommend a screening router firewall architecture over screened host architecture? 3- You need to implement defence in depth for your entire organization. Your management is interested in deploying intrusion prevention systems. Your goal is to protect. 1) All the traffic flowing through a network 2) Endpoints from intrusions. Analyse the technologies you will be...
166 Chapter 8: TCP/IP Applications Getting Down to Business The way network communication all those ls...
166 Chapter 8: TCP/IP Applications Getting Down to Business The way network communication all those ls and Os) goes in and out of a machine physically is through the NIC (network interface card). The way network communication goes in and out of a machine logically though, is through a program or service. A service is a program that runs in the background, independent of a logon, that provides functionalities to a system. Windows client machines, for instance, have a Workstation...
CHapter 8 from 978-0-13-408504-3 (Security in Computing 5th Edition) 1. Explain the differences between public, private,...
CHapter 8 from 978-0-13-408504-3 (Security in Computing 5th Edition) 1. Explain the differences between public, private, and community clouds. What are some of the factors to consider when choosing which of the three to use? 2. How do cloud threats differ from traditional threats? Against what threats are cloud services typically more effective than local ones? 3. You are opening an online store in a cloud environment. What are three security controls you might use to protect customers’ credit card...
Figure 1 LAN Subnet: 192.168.40.0124 LAN Switch Internet External Firewall Internal Firewall DMZ Subnet: 192.168.10.0/24 LAN devices Web Server running on port 80 IDS (Snort VM) Remote Access Server (Nginx VM) (OpenVPN) Overview Medium to large organisations typically consist of services that are accessed/consumed from external parties for various purposes. As such, a DMZ is a suitable solution to segregate such services from internal networkis). The network diagram provided (Figure 1) illustrates the IT environment of a medium organisation, which...
1. Let’s consider the network shown in Figure 1 where Snort is
deployed.
1.1: In Figure 1, why is Snort deployed in the DMZ instead of
the Internal Network? (9 points)
1.2: In Figure 1, say True or False to the following statement:
“Snort can see both incoming packets from the left firewall and
outgoing packets from the right firewall”. (5 points)
1.3: In Figure 1, assume a packet P matches the following Snort
rule when the packet is analyzed...
Part - Web Server Setup and Demonstration (AJ Objective The objective of this assignment is to some HTTP as application layer protocol and TCP as reliable transport layer protocol HTTP is carried by TCP. Also, in the assignment you will investigate the working of client-server mechanism from both application and networking perspective There are several different ways to setup an HTTP server, including through Apache Tomcat, Apache Glassfish that integrales in an IDE such as Eclipse/NetBeans or even a browser...
166 Chapter 8: TCP/IP Applications Getting Down to Business The way network communication all those ls and Os) goes in and out of a machine physically is through the NIC (network interface card). The way network communication goes in and out of a machine logically though, is through a program or service. A service is a program that runs in the background, independent of a logon, that provides functionalities to a system. Windows client machines, for instance, have a Workstation...
Most questions answered within 3 hours.
-
The ages of a group of
147
randomly selected adult females have a standard deviation of...
asked 1 minute ago -
Blood alcohol content (BAC) is a measure of how much alcohol is
in someone’s blood. It...
asked 8 minutes ago -
A flow rate of 0.4 m / s of air enters a compressor at 100 kPa....
asked 36 minutes ago -
Write a balanced chemical equation for the reaction between HCl
and NaOH. Be sure to include...
asked 41 minutes ago -
A 200 g mass is gently hung on a vertical spring which stretches
it 20cm before...
asked 43 minutes ago -
Elaborate on some of the difficulties in determine the value of
information, as well as the...
asked 40 minutes ago -
A person wants to use a lever to lift a dumpster weighing 4700
N. The lever...
asked 45 minutes ago -
Hello,
Can you assist with the 2 part multiple choice question?
1A) Which of the following...
asked 1 hour ago -
A municipal bond you are considering as an investment currently
pays a yield of 6.82 percent....
asked 1 hour ago -
My Ebook is already expired. How could I keep using it since it
is very helpfull...
asked 1 hour ago -
describe in detail your "perfect" place to study in your home
giving great detail to how...
asked 1 hour ago -
Decide with a brief explanation of the following statements
about reaction rates and catalysis are true:...
asked 1 hour ago