- Firewall (packet filter)
- Default rules
- Hardware vs. Software
- Stateful vs. Stateless
- Know the basic rules for setting up a firewall
- Configure a basic IPtables firewall
- Understand the difference between a stateful/stateless
iptables -t filter -L -nv | less
levy.pl (--log-level info)
/sbin/iptables -A DUMP -p tcp --dport 137:139 -j DROP
/sbin/iptables -A DUMP -p udp --dport 137:139 -j DROP
nmap and nmapfe
nmap -vv -sS -p 1-65535 -T insane -O -P0 140.198.x.x
then copy that to /etc/sysconfig/iptables for redhat's setup
Assuming you have rpmforge as a repository, do the following:
yum install nmap-frontend
- What is a stateful firewall? How is it better/worse than a stateless
- What type of firewall would be best for ftpd?
- What are the limitations of firewalls? Why would adding snort in
addition to a firewall be a good idea?
- What should the default rules be on a firewall for INPUT, OUTPUT and
FORWARD? (With iptables, using stateful rules, is that still considered
- Why will you get a different result if you scan your system's firewall
from the inside vs. the "outside"?
- What is NAT? How about VPN?
- Make an iptables script (use firestarter if you wish)
- Then turn off portsentry
- Go to GRC.com and try both
"Shields up" and Probe my Ports
- (WAIT! DON'T DO this yet!)Go to Hacker
Whacker click on "Free Security Scan" and give them an email you can
access easily and scan yourself (I want a copy of the results).
DON'T do this unless you have portsentry off, your firewall configured and
all your updates in place.
- Scan Each Other
- Person scanning must turn firewall off
- Person BEING scanned must kill portsentry
- Person scanning types "zenmap" as root
- Person scanning checks ports 1-65535
- Person Scanning puts in the other persons IP#
- Person Scanning then copies results to a file and
prints them for the teacher.
- You then reverse roles (ie turn firewall back on while
other turns it off, same for portsentry)
This page last updated on: