TOPIC COVERED:

• Firewall
• Telnet
• FTP
• Ping Command
FIREWALLS

A firewall is a security tool that helps protect a computer or network

by controlling the flow of data in and out. You can think of it like a
gatekeeper that checks all the information coming from the internet
or other networks and decides whether to allow it or block it based
on a set of rules. For example, if someone tries to access your
computer without permission, the firewall can block them.

HOW IS FIREWALLS PROVIDED THE SECURITY IN UNIX

ENVIRONMENTS

Firewalls in UNIX systems help protect your computer or server from

unwanted or dangerous network traffic. Think of a firewall like a
security guard at the entrance of a building. They check all the data
coming in or going out of your computer through the network and
decide what should be allowed and what should be blocked. This
helps protect your system from hackers, viruses, and other
unwanted connections.

Firewalls in UNIX can block suspicious traffic based on rules set by

the system administrator. For example, you can block unknown
users from accessing your server or only allow certain websites or
services to connect. UNIX systems use firewall tools like iptables,
nftables, pf, and firewalld to manage these rules.

These firewalls can also remember ongoing connections and only

allow responses to trusted ones. They can hide your system’s
internal details from outsiders using something called NAT (Network
Address Translation), and they can keep logs to help detect strange
or harmful activity.

However, firewalls are not enough on their own. They can’t stop all
types of attacks, especially if someone opens a harmful file or email.
That’s why it’s important to use firewalls along with other security
tools like antivirus and regular updates.

TYPES OF FIREWALLS

There are two main types of firewalls used in UNIX systems: host-
based firewalls and network-based firewalls.

a. Host Based Firewall: A host-based firewall works on just one

computer or server. It protects that single machine by checking the
data coming in and going out and deciding what is safe and what
should be blocked. This helps keep that specific computer safe from
hackers or harmful traffic.

b. Network Based Firewall: A network-based firewall protects

many computers at once by sitting at the point where the network
connects to the outside world, like the internet. It checks all the data
going into and out of the whole network and blocks anything
dangerous before it reaches the individual computers inside. This
type of firewall is usually used in companies or organizations to keep
all their computers safe.

USES OF FIREWALLS

Here are some important uses of firewalls explained in more detail:

1. Protecting Against Unauthorized Access: One of the main uses

of a firewall is to prevent unauthorized users, such as hackers or
cybercriminals, from gaining access to your computer or network.
The firewall acts like a security guard, only allowing trusted users
and devices to connect while blocking unknown or suspicious
 ones. This helps stop attackers from breaking into your system
and causing damage or stealing information.

2. Controlling Network Traffic: Firewalls manage the flow of data

entering and leaving your system based on a set of rules. These
rules can allow certain types of traffic, like web browsing or email,
while blocking others that are deemed unsafe or unnecessary.
This control helps ensure that only legitimate and secure
communication happens, reducing the risk of attacks or misuse of
network resources.

3. Preventing Malware and Attacks: Firewalls help stop malicious

software such as viruses, worms, and ransomware from spreading
through the network. By blocking suspicious data packets or
connections from unknown sources, firewalls reduce the chances
of malware entering your system and causing harm. This is
especially important for protecting sensitive information and
maintaining system stability.

4. Monitoring Network Activity: Firewalls often keep logs of network

traffic, which means they record information about the data
coming in and out of the system. These logs can be used by system
 administrators to detect unusual or suspicious activities, such as
repeated hacking attempts or data breaches. Monitoring helps in
early detection of threats and allows quicker responses to security
incidents.

5. Blocking Dangerous Websites or Services: Firewalls can be

configured to block access to harmful or inappropriate websites
and services. For example, in workplaces or schools, firewalls
may restrict access to social media or gaming sites to improve
productivity and reduce security risks. Blocking dangerous
websites also helps prevent users from accidentally downloading
malware or falling victim to phishing attacks.

6. Protecting Sensitive Data: By controlling which connections are

allowed, firewalls help safeguard private and sensitive information
from being stolen or leaked. For businesses, this is crucial to
protect customer data, financial records, and intellectual property.
Firewalls add an important layer of defense against data theft and
unauthorized access.

WORKING OF FIREWALL
A firewall in Linux controls the network traffic coming into and going
out of your computer. It uses rules that say what kind of traffic should
be allowed or blocked. You can create and manage these rules using
commands like iptables or nftables.

How it works step-by-step with commands:

1. Check current firewall rules:

You can see what rules are already set by running:

sudo iptables -L

This lists all the current rules that tell the firewall what traffic to allow
or block.

2. Allow certain traffic:

For example, if you want to allow web traffic (which uses port 80), you
can add a rule like:

sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT

This command means: “Add a rule (-A) to the incoming traffic chain
(INPUT) to accept (-j ACCEPT) any TCP packets (-p tcp) coming to
port 80 (--dport 80).”
3. Block unwanted traffic:

If you want to block traffic from a specific IP address, you can use:

sudo iptables -A INPUT -s 192.168.1.100 -j DROP

This tells the firewall to drop (ignore) all incoming packets from the IP
address 192.168.1.100.

4. Save your rules:

Rules you add are temporary and will be lost after reboot unless
saved. To save the current rules, you might use:

sudo iptables-save > /etc/iptables/rules.v4

This saves the rules, so they load automatically on startup.

What happens behind the scenes?

• When a data packet tries to enter or leave your system, the

firewall checks each rule one by one.
• It looks at details like where the packet is coming from, where it
wants to go, and which port it’s using.
• If a rule matches the packet, the firewall either allows it
(ACCEPT) or blocks it (DROP).
• If no rules match, it follows the default policy, which is usually
to block the traffic for safety.
TELL NET

Telnet is a network protocol that allows a user to connect to another

computer over the internet or a local network. When you use Telnet,
you're basically opening a text-based connection to another
computer, where you can log in and control it remotely—just like
you’re sitting in front of it. It was widely used in the past for managing
servers, especially Unix-based systems. However, Telnet is not
secure because it sends data (like usernames and passwords) as
plain text, so it has mostly been replaced by more secure tools like
SSH (Secure Shell).

USES OF TELNET

1. Remote Access to Computers:

Telnet is mainly used to connect and control a remote computer from

your own device. For example, a system administrator can use Telnet
to access a server located in another city or country. It’s like sitting in
front of that distant computer and using it through a simple
command-line interface.
2. Managing Network Devices:

Telnet is often used by IT professionals to log into network devices

such as routers, switches, or firewalls. From there, they can
configure settings, troubleshoot issues, or monitor device
performance using command-line commands.

3. Checking Open Ports:

Telnet can be used to test whether a specific network port on a server

is open and functioning properly. For instance, if a mail server is not
working, Telnet can check if the email port is reachable or blocked.

4. Running Commands on Remote Servers:

Through Telnet, users can execute system commands on a remote

server. This helps in performing tasks like checking system files,
restarting services, or monitoring server activities without physically
being there.

5. Testing Server Connections:

Telnet is a handy tool to test if a server is online and responding
correctly. For example, IT teams use Telnet to test connections to
services like SMTP (email) or HTTP (web servers) to ensure they're
working as expected.

BASIC TELNET COMMAND USAGE

In Linux, the Telnet command permits users to link with other servers
through the web on Telnet port 23, which is also common for network
connectivity tests, port checking, and remote admin. Below are
some common Telnet commands showcasing the ease of use.

Syntax:

telnet <hostname or IP address> [port]

Example 1: Connecting to a Remote Server

To establish a connection with a remote system using Telnet on

Linux Ubuntu, use:

telnet 192.168.1.1
This command will attempt to access the device at the specified IP
address connection with a remote system using Telnet
Example 2: Checking an Open Port

To check if port 80 (HTTP) is open on a website:

telnet example.com 80
If the connection is successful, the Telnet command Linux confirms
the port is open. Otherwise, it indicates that the port is closed or
blocked by a firewall.

Example 3: Logging into a Remote System

When Telnet login is enabled on a remote server, you can connect

and authenticate with valid credentials

telnet user@remote-host
• Enter the username and password when prompted.
• If login is successful, you can execute commands remotely.

Example 4: Creating a Login User for Telnet

To add a new user for Telnet login:

sudo adduser telnetuser

sudo passwd telnetuser

This creates a Telnet user named telnetuser with a secure

password.
FTP (File Transfer Protocol)

FTP (File Transfer Protocol) Server is used for transferring files

between computers on a network. An FTP server is a computer or
system set up to store files and allow users to upload (send) or
download (receive) files using the FTP protocol. It’s commonly used
to upload website files to a hosting server or share large files between
teams. Users can connect to the FTP server using an FTP client
software or even a web browser, and they may need a username and
password to access it.

USES OF FTP

1. Uploading Website Files:

One of the most common uses of an FTP server is to upload website

files such as HTML, CSS, images, and scripts. Web developers use
FTP clients like FileZilla to transfer files from their computer to a web
server to publish or update websites.

2. Downloading Large Files:

FTP servers are useful for hosting large files like software installers,
videos, or datasets that users can download easily. Unlike email,
which has file size limits, FTP can handle much bigger files without
problems.

3. Sharing Files with Teams:

Many companies set up internal FTP servers to allow employees to

share documents, presentations, and reports. It’s especially helpful
for teams working from different locations or when email isn't
suitable for large files.

4. Backing Up Data:

An FTP server can be used to create backups of important data. For

example, a business can schedule daily backups of its sales data or
employee records to an FTP server, ensuring that information is safe
in case of local computer failure.

5. Managing Files on a Remote Server:

With an FTP client, users can create folders, delete unwanted files,
rename documents, or move files between directories on the server.
It’s a simple way to keep remote files organized and up to date.

MANAGING FTP SERVER ON LINUX

On Linux systems, FTP (File Transfer Protocol) servers are commonly

used to allow file uploads and downloads between computers. One
of the most popular FTP servers is vsftpd (Very Secure FTP Daemon).
To manage this FTP service, Linux provides simple terminal
commands using systemctl, a tool that helps control services (like
FTP) running on your system.

Below are the basic commands to start, stop, and check the status
of the FTP server:

Start the FTP Server:

sudo systemctl start vsftpd

This command is used when you want to start the FTP server so that
users can begin connecting to it. For example, after installing vsftpd,
you need to start it before anyone can upload or download files. The
sudo at the beginning gives the command administrative rights
(because only an admin can start or stop services). This is useful
when your server just booted up or if you restarted the system.

Stop the FTP Server:

sudo systemctl stop vsftpd

This command is used to stop the FTP server. You may want to do this
if you’re performing maintenance, updating settings, or fixing a
security issue. Once the server is stopped, users will not be able to
connect or transfer files. This helps protect the server while changes
are being made or when FTP is not needed.

Check the Status of the FTP Server:

sudo systemctl status vsftpd

This command checks whether the FTP server is currently running or
stopped. It gives you useful information such as whether the service
is active, when it started, and if there are any errors. It’s a helpful
command when troubleshooting problems. For example, if users
report they can’t connect to the server, this command will show if it’s
running or not.

PING COMMAND

The PING (Packet Internet Groper) command is used to check the

network connectivity between the host and server/host. This
command takes as input the IP address or the URL and sends a data
packet to the specified address with the message "PING" and gets a
response from the server/host this time is recorded which is called
latency.

Basic Syntax of the Ping Command:

The basic syntax of the ping command is as follows:

ping [options] host_or_IP_address

Here, "host_or_IP_address" represents the destination you want to
ping.

Checking Internet Connection in Linux:

To check your internet connection using the ping command, open the
terminal and type the following command:

ping www.google.com

Replace "www.google.com" with the desired host or IP address you

want to ping. If the connection is successful, you will see a series of
responses displaying the round-trip time, indicating that your
internet connection is working. To stop pinging we should use ctrl+c
otherwise it will keep on sending packets.