[Type the document title]

[Type the document subtitle]

[Pick the date]

Windows User
Contents
Commands .................................................................................................................................................... 2
Reject all ssh packets. ............................................................................................................................... 2
Allow ssh remote connections .................................................................................................................. 3
Deny ping .................................................................................................................................................. 4
Reject all traffic coming to port 80 ........................................................................................................... 5
Block incoming traffic connection to your IP address of your virtual machine ....................................... 6
Allow traffic coming to port 80 (inbound) but reject traffic going out (outbound) through port 80 ........ 7
Report............................................................................................................................................................ 8
a) Experiment setup in Kali ...................................................................................................................... 8
b) IPTable advantages and disadvantages ................................................................................................. 9
c) Circuit relay firewall ........................................................................................................................... 10
References ................................................................................................................................................... 11

1
Commands

Reject all ssh packets.

2
Allow ssh remote connections

3
Deny ping

4
Reject all traffic coming to port 80

5
Block incoming traffic connection to your IP address of your virtual machine

6
Allow traffic coming to port 80 (inbound) but reject traffic going out (outbound) through
port 80

7
Report

a) Experiment setup in Kali

Task 1

Telnet #ssh-host #ssh-port

This will tell whether the ssh is blocked or not.

(Retrieved from http://serverfault.com/questions/567301/how-do-i-know-if-the-network-im-

inside-allows-me-to-use-ssh)

Task 2

# nmap host -PN -p ssh | egrep 'open|closed|filtered'

This will check whether the assumptions are allowed or not

(Retrieved from: http://stackoverflow.com/questions/1405324/how-to-create-a-bash-script-to-

check-the-ssh-connection)

Task 3

For checking the ping we can simply ping the service and check that I the server replies back

Task 4, 5 and 6

For testing whether the port is open or not, we can run the request

telnet myserver.com 80

By including the server address, and the port number, we can check whether the server is
blocked or not.

(Retrieved from: http://serverfault.com/questions/309052/check-if-port-is-open-or-closed-on-a-

linux-server)

8
b) IPTable advantages and disadvantages
Setting up a firewall is an indispensable walk to take in securing any present day working
structure.

Advantages

IP Tables is a standard fire wall fused into most Linux dispersals obviously.
It works by organizing each package that crosses the frames organization interface
against a course of action of precepts to pick what to do. The rules portray the qualities
that a package must need to arrange the regulation, and the move that should be made for
organizing bundles.
The association taking after segment of IP Tables is a to a great degree support thing.
You can use it to neutralize most TCP hijackings for non-IP Masqueraded clients that
experience the evil impacts of poor TCP gathering {quantity|amount} randomization.
With IP Tables, you can decide a compound string to travel before the logged message,
comprehending why a package was logged substantially more straightforward.
Setting up a firewall is an imperative stroll to take in securing any present day working
structure.

Disadvantage

Packets being coordinated through the structure are not arranged up by both of the
INPUT or OUTPUT chains, only the FORWARD and NAT chains. You need to in this
way have a substitute strategy of principles for packages to and from the fire wall than for
groups being sent.
IP Tables does not support certain organizations. These types of fuse entertainments like
Quake and Unreal Tournament, and organizations like Real Audio and ICQ.
The "- C" charge in IP Chains allowed you to ask, "If I had developed a package with this
custom, source and objective IP, and ports, and these options, would it be recognized,
denied, or expectorates?" This summon no longer exists in IP Tables.

Proposals the essential of the IP Tables firewall is to overhaul and incorporate new organizations
it with the objective that it can work gainfully.

9
c) Circuit relay firewall
A circuit transfer firewall is a kind of security firewall (focus singular server) that gives a
controlled structure relationship among inside and outside systems (that is, there is no "air hole").
A virtual "circuit" exists between inside client and the delegate server. Web requests encounter
this circuit to the inside individual server, and the center individual server passes on those
arrangements to the Internet in the wake of changing the IP (Internet Protocol) address. Outside
customers simply watch the IP address of the go between servers. Responses are then gotten by
the go-among server and sent back through the circuit to the client. While movement is allowed
through, outside structures never watch the inside systems. This sort of association is routinely
used to interface "place stock in" inside customers to the Internet.

Connection Secure (SOCKS) is an Internet tradition that exchanges organize packages between a
client and server through a middle person server. SOCKS5 additionally gives endorsement so
just embraced clients may get to a server. In each down to earth detect, a SOCKS server
delegates TCP association with a subjective IP address, and gives a way to deal with UDP packs
to be sent.

Use: SOCKS is a recognized standard for circuit-level gateways.Another use of SOCKS is as a

circumvention mechanical get together, engaging activity to sidestep Internet disengaging to get
the chance to content generally blocked, e.g., by governments, working environments, and nation
particular web associations. Some SSH suites, for example, OpenSSH, fortify dynamic port
sending that engages the client to influence an adjoining SOCKS to go between. This can free
the client from the confinements of interfacing just to a predefined remote port and server.

10
References
What is frame relay? - Definition from WhatIs.com. (n.d.). Retrieved from
http://searchenterprisewan.techtarget.com/definition/frame-relay

How the Iptables Firewall Works | DigitalOcean. (n.d.). Retrieved from

https://www.digitalocean.com/community/tutorials/how-the-iptables-firewall-works

Circuit relay firewall - Circuit relay firewall . (2017). Ietf.org. Retrieved from
https://www.ietf.org/rfc/rfc1928.txt

Application Layer Firewall. (n.d.). Retrieved from https://f5.com/glossary/application-layer-

firewall

What are the advantage and disadvantage of firewalls with iptables ?. (2017). Linux.com | The
source for Linux information. Retrieved from https://www.linux.com/answers/what-are-
advantage-and-disadvantage-firewalls-iptables-0

11