
1. Flush the rules and delete any existing rules
   a. Clear the iptables rules (screenshot)
   b. Turn off the Windows firewall

2. Show that you can ping/reply from both virtual machines.
   a. This means you can ping from the Linux VM to the Windows VM and vice versa
   b. (Screenshot)

3. Create firewall rules specifically to allow PING on both computers
   a. On the Windows VM just make sure ICMP is allowed (screenshot), DROPPING everything else (firewall is now on)
   b. On the Linux system create an actual firewall rule allowing ICMP (ping requests)
   c. The Linux firewall rule should be specific to the Windows IP address (as source) (screenshot) (on the INPUT chain there should be a drop after ping)

4. Create a Windows firewall rule allowing Windows file sharing (port 445 TCP).
   a. Make the rule specific: allow only the Linux VM's IP address as the source. (screenshot with IP address of source)

5. Create a Linux firewall rule allowing HTTP traffic and SSH traffic
   a. Create an inbound rule allowing HTTP and SSH traffic
      i. The HTTP rule should only allow the address 192.168.1.1
   b. Create another rule below the 3 rules already created
   c. This rule will drop everything else (Screenshot)

6. Create a rule allowing DNS (UDP protocol) into the Linux system. (screenshot)

7. Create an ESTABLISHED rule for a port/protocol of your choosing (screenshot)
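The Linux-side rules from steps 3 and 5 to 7 can be written as one ruleset in iptables-restore format, which also makes the rule order easy to check. This is an added example, not part of the original lab handout: the function names, the file name lab_rules.sh, the sample address 192.168.1.20 for the Windows VM, and the choice of port 80 for the ESTABLISHED rule are assumptions.

```shell
#!/bin/sh
# Added example. Emits the Linux VM's INPUT chain in iptables-restore format
# and lints a ruleset for rules placed after the catch-all DROP.

# build_rules WIN_IP -> ruleset on stdout.
# WIN_IP is the Windows VM's address (assumption: taken from your own lab setup).
build_rules() {
    win_ip="$1"
    cat <<EOF
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Step 7: replies to web requests this host started (port 80 is our choice)
-A INPUT -p tcp --sport 80 -m conntrack --ctstate ESTABLISHED -j ACCEPT
# Step 3: ping requests, only from the Windows VM
-A INPUT -s ${win_ip} -p icmp --icmp-type echo-request -j ACCEPT
# Step 5: HTTP only from 192.168.1.1, SSH from anywhere
-A INPUT -s 192.168.1.1 -p tcp --dport 80 -j ACCEPT
-A INPUT -p tcp --dport 22 -j ACCEPT
# Step 6: inbound DNS over UDP
-A INPUT -p udp --dport 53 -j ACCEPT
# Everything else is dropped; this rule must stay last
-A INPUT -j DROP
COMMIT
EOF
}

# rules_after_drop: reads a ruleset on stdin and prints how many INPUT rules
# follow the unconditional DROP. Those rules can never match, so any value
# other than 0 means a rule was appended in the wrong place.
rules_after_drop() {
    awk '
        seen && /^-A INPUT / { n++ }
        /^-A INPUT -j DROP$/ { seen = 1 }
        END { print n + 0 }
    '
}

# Syntax-check without loading (run as root on the Linux VM):
#   sh lab_rules.sh --print 192.168.1.20 | iptables-restore --test
if [ "${1:-}" = "--print" ]; then
    build_rules "${2:?Windows VM address required}"
fi
```

Loading the output with iptables-restore replaces the existing filter table, which covers the flush in step 1 as well.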

Lab Review Questions

1) In your own words, describe what you learned by completing this lab. If you learned nothing state that.

A:) How to strengthen our firewall rules so that it becomes a little harder for a hacker to hack the system, and how to use firewall rules in Linux to strengthen the system, as by default it has no firewall rules.

2) Mention two big differences between the Linux firewall and the Windows XP firewall?

A:) In Windows, whatever signal comes in is allowed back out automatically, but in Linux we have to specify that by using an established rule so that it allows the message or signal back out.

The Windows firewall is basically already set and prompts us to turn it on at install, whereas the Linux firewall is blank by default when installed and it also does not prompt us to make the rules at startup.

3) What are some of the most common windows ports that are attacked/exploited?

A:) TCP 20 and 21 (File Transfer Protocol, FTP); TCP 23 (Telnet); TCP and UDP 53 (Domain Name System, DNS); TCP 79 (finger); TCP 80 (Hypertext Transfer Protocol, HTTP); UDP 161 and 162 (Simple Network Management Protocol, SNMP)

4) Explain what a remote exploit is and mention three ways to stop an attack from being successful.

A:) A remote exploit is an exploit which works over the network and takes advantage of the loops in the system. It also does not need any prior accessibility to the vulnerable system, or it does not need any access to the vulnerable system from the start; it can hack or exploit the system and take control of it from over the network. This can be done undetected in the background.

Implement firewall rules such that it allows only known IP addresses to interact with it.
Close all the unwanted ports on which we are listening.
Implement firewall rules which do not allow downloading or executing anything on our system without permission.
