Complete Lab Assignment


 

Lab #9:

 

Construct a Linux Host Firewall and Monitor for IP Traffic

 

Instructor Name:

 

 

 

 

 


Internal Firewall Policy Definition

 

 

 

Configure your “TargetUbuntu02” desktop Linux internal host IP stateful firewall according to the following policy definition. Test and validate your implementation after you configure it based on the policy definition.

 

 

 

The following is your Ubuntu internal firewall policy definition:

 

 

 

• Deny incoming traffic

• Deny the following specific applications:
    • TFTP
    • Telnet
    • SNMP
    • ICMP
    • FTP

• Allow the following specific applications under “Advanced” settings:
    • SSH
    • SMTP
    • POP3
    • HTTPS
    • HTTP

 

Make a screen capture of the changes you made to the configuration and paste it into the text document. Use the File Transfer button to download the text file to your local computer and submit it as part of your deliverables.
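One way to validate a configuration against the policy definition above, as an added example that is not part of the original lab: a Python check over `ufw status verbose` output (Gufw is a front end to ufw). The port mapping, the function names and the sample output are assumptions constructed for illustration.

```python
import re

# Lab policy mapped to well-known ports (the mapping is added here, not from the lab).
POLICY = {
    "TFTP": ("69/udp", "deny"), "Telnet": ("23/tcp", "deny"), "SNMP": ("161/udp", "deny"),
    "FTP": ("21/tcp", "deny"), "SSH": ("22/tcp", "allow"), "SMTP": ("25/tcp", "allow"),
    "POP3": ("110/tcp", "allow"), "HTTPS": ("443/tcp", "allow"), "HTTP": ("80/tcp", "allow"),
}
# ICMP is not audited here: `ufw status` lists no ICMP rows (ufw handles ICMP in
# /etc/ufw/before.rules). Source-restricted and IPv6 rows are skipped as well.
RULE = re.compile(r"^(\S+)[ \t]+(ALLOW|DENY|REJECT|LIMIT)(?: IN)?[ \t]+Anywhere", re.M)
DEFAULT = re.compile(r"^Default: (\w+) \(incoming\)", re.M)

def parse_status(text):
    """Return (default incoming action, ordered [(target, action)] for any-source rules)."""
    m = DEFAULT.search(text)
    default = m.group(1).lower() if m else "allow"  # an inactive firewall filters nothing
    rules = [(target, action.lower()) for target, action in RULE.findall(text)]
    return default, rules

def effective(port_proto, default, rules):
    """First matching rule wins, as in ufw; a bare port matches both protocols."""
    port = port_proto.split("/")[0]
    for target, action in rules:
        if target in (port_proto, port):
            return "allow" if action in ("allow", "limit") else "deny"
    return "allow" if default == "allow" else "deny"

def audit(text):
    """Return {item: (expected, effective)} for each policy mismatch."""
    default, rules = parse_status(text)
    found = {app: (want, effective(pp, default, rules)) for app, (pp, want) in POLICY.items()}
    found["default incoming"] = ("deny", "allow" if default == "allow" else "deny")
    return {item: pair for item, pair in found.items() if pair[0] != pair[1]}

# Constructed sample: POP3 was never allowed, and a bare "23" rule shadows the Telnet deny.
SAMPLE = """\
Status: active
Default: deny (incoming), allow (outgoing), disabled (routed)
To                         Action      From
22/tcp                     ALLOW IN    Anywhere
25/tcp                     ALLOW IN    Anywhere
80/tcp                     ALLOW IN    Anywhere
443/tcp                    ALLOW IN    Anywhere
23                         ALLOW IN    Anywhere
23/tcp                     DENY IN     Anywhere
"""
print(audit(SAMPLE))
```

An empty result means the status output matches the policy; each entry otherwise pairs the expected action with the effective one.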

 

 

 

 


Lab Assessment Questions

 

 

 

  1. Briefly explain how the Gufw internal Ubuntu host IP stateful firewall can be used in a layered security strategy at the workstation domain level.

     

     

     

     

  2. Briefly explain how each of the Linux-based tools demonstrated in this lab can be used to monitor bandwidth, protocol, and network traffic information.

     

     

     

     

  3. Given that the Ubuntu internal firewall is not installed by default, should you enable this firewall if your organization already has a firewall at your LAN-to-WAN domain’s Internet ingress/egress point? Why or why not?

     

     

     

     

  4. How do you block specific ports and IP ranges from communicating via TCP/IP to and from your Ubuntu Target VM using Gufw?

     

     

     

     

  5. Other than Deny or Allow incoming connections, what other options are available in Ubuntu’s internal firewall? Why would they include any additional option?

     

     

     

     

  6. What usefulness is there in monitoring IP traffic to and from an individual workstation or server?

     

     

     

     

  7. Explain both the information systems security practitioner and hacker perspectives of using a security scanning application against a protected or unprotected host.

     

     

     

     

  8. How are you going to test if your internal firewall configuration is working properly?

     

     

     

     

  9. Define a test plan to test, verify, and monitor traffic on your internal Ubuntu Target VM.

     

     

     

  10. This is a two-part, real-world scenario question. Read the REQUIREMENTS section. Then, based on the requirements, answer PART A with a technical solution using the tools demonstrated in this lab and answer PART B with a written explanation and justification for your solution.

     

    You must use at least two of the following Linux-based IP monitor tools presented in this lab in your real-world example: bmon, iftop, pktstat, iperf, and/or tcptrack.

     

     

     

    Requirements: A strategy is required to effectively monitor IP traffic on an individual server as well as many servers on a “point in time” as well as on an “over time” basis. There is also a requirement to automate the alerting of potential issues based on changes in network utilization.

     

     

    Part A: Give a real-world example of how you could meet this requirement with the use of tools presented in this lab and the use of any other available resources, such as scripts, alerts, output formats, or scheduled tasks (i.e., cron jobs).

     

     

    Part B: Explain the usefulness and benefits of your real-world example to an organization and support your reasoning with technical facts and security in mind. Did you meet the requirements? Why or why not?

     

     
