Linux Security Test Paper-1

Posted: March 17, 2015 in Question Paper
We also welcome you to suggest a few questions to enhance this test paper.

[1] What does each of the following rules specify?

# iptables -A INPUT -p icmp --icmp-type any -j ACCEPT

# iptables -L OUTPUT -v -n -x

# iptables -A INPUT -p icmp --icmp-type echo-request -j DROP

# iptables -I INPUT 2 -t filter -s -j DROP

# iptables -A INPUT -t filter -d -j REJECT

# iptables -A INPUT -t filter -s -p tcp --dport 21 -s -j REJECT

# iptables -A OUTPUT -t filter -d -p udp --sport 143 -j REJECT

# iptables -A INPUT -p tcp --dport PORT -m mac ! --mac-source MAC-ADDRESS-HERE-TO-SKIP -j DROP

# iptables -I INPUT -m mac --mac-source 3E:D7:88:A6:66:8E -j ACCEPT

# iptables -I INPUT -p tcp --dport 22 -m mac --mac-source 3E:D7:88:A6:66:8E -j ACCEPT

# iptables -A OUTPUT -d -j REJECT

# iptables -A INPUT -s -p tcp --sport www -j DROP

# iptables -I INPUT -p tcp --dport 22 -m mac --mac-source 3E:D7:88:A6:66:8E -j REJECT


[2] How do you block the following using iptables?


1) Blocking a network

2) Blocking an IP address

3) Blocking an entire protocol stack

4) Blocking a protocol

5) Blocking a port (source port or destination port)

[3] Answer the questions below:

Configuration file of iptables

Commands for Starting iptables

Commands for Restarting iptables

Command for checking whether iptables is running or not

Commands for checking whether iptables is permanently on or not

[4] How to secure the Application Layer, Presentation Layer, Session Layer, Transport Layer, Network Layer and Data Link Layer using iptables. Show the security of each layer with command-line examples, two for each layer.


[5] Answer the following:

(a) How to insert firewall rules between specific lines?

(b) How to accept incoming tcp packets from a specific mac address only?

(c) How to drop all outgoing tcp type ftp packets from a specific mac address?

(d) How to delete any firewall rules? Illustrate it using 3 command-line examples.

(e) How will you allow DNS access (port 53) to a system having physical address 3E:D7:88:A6:66:8E?

(f) iptables to reject all outgoing traffic to a specific remote host.

(g) iptables to drop incoming ping requests.


