Linux Security Test Paper-2

Posted: 17 Mar 2015 in Question Paper

[1]What actually rule is specifying? 12*5=60Marks
#iptables -t filter -A INPUT –S -j ACCEPT
# iptables –t filter –A INPUT –s –p tcp --dport ftp –j DROP

# iptables -t filter –A OUTPUT –d –p icmp –j DROP

#iptables -A INPUT -i eth1 -p tcp --destination-port 22 -m mac --mac-source 00:0F:EA:91:04:07 -j ACCEPT

#iptables -A INPUT -p tcp --destination-port 22 -m mac --mac-source 00:0F:EA:91:04:07 -j ACCEPT

# iptables -A INPUT -m mac --mac-source 00:0F:EA:91:04:08 -j DROP
# iptables -A INPUT -m state --state NEW,ESTABLISHED -j ACCEPT
# iptables -A INPUT -i eth1 -s -j DROP
# iptables -A INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT
# iptables -A INPUT -p tcp --dport telnet -j REJECT
# iptables -A OUTPUT -p tcp --dport ssh -j REJECT
# iptables -A INPUT -i lo -j ACCEPT
# iptables -A INPUT -t filter ! -s -p tcp --dport 23 -j REJECT
iptables -A INPUT -t filter -m iprange ! --dst-range -p tcp --dport 22 -j REJECT

[2]how to block following using iptables? 5*3=15Marks

1) Blocking network
2) Blocking an IP address
3) Blocking Entire protocol stack
4) Blocking protocol
5) Blocking port(source port or Destination port)
6) domain

[3]Answer below questions: 5*2=10Marks
Configuration file of iptables

Commands for Starting iptables

Commands for Restarting iptables

Command for Checking iptables is running or not

Commands for Checking iptables is permanently on or not

[4]How to Secure Application Layer,Presentation Layer,Session Layer,Transport Layer,Network Layer and data-Link Layer using iptables.Show by command line examples for each layer security.Two command line example for each layer. 5*5=25Marks

[5]Answer Following: 8*5=40Marks
• How to insert firewall rules between line 3 and line 4?
• How to DROP outgoing udp packets from a specific mac address for a1.0.0.0/8 network only?
• How to accept all out incoming udp packets from a specific mac address?
• How to delete any firewall rules?Illustrate it with using 3 command line examples
• Drop ssh access to all except our own MAC Address
• Open http/https server port to all
• Reject all incoming telnet traffic except specified IP address.
.Reject all incoming ssh traffic except specified IP address range


Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.