Firewalling


In this week’s assignment, we are going to make use of a classic mitigation tool, the firewall. Our virtual machines already have a firewall installed, but in its default state it has no rules configured. This firewall is named iptables. From a command prompt, you can execute the command “iptables -L” (capitals matter) to list the current rules and confirm that none are configured. The syntax for creating firewall rules can be a bit difficult to understand at first, but we’ll make some basic rules and verify that they work. To do that, we are going to use another installed program, called netcat. Netcat allows you to communicate over a network connection. To test this, you’ll need to open two terminal windows. In the first window, execute the command “nc -l <port>”, choosing a port number on which to listen. Then, in the second terminal, execute the command “nc localhost <port>” with the same port as before. If you type on one terminal and press enter, the text is sent over the network connection to the other terminal. Take a screenshot of both sides of the communication.

Now that we’ve established a network connection, we are going to block it using iptables. Type the following command: “iptables -A INPUT -i lo -p tcp --dport <port> -j DROP”. Use the same port value as before. Verify that your rule was inserted with “iptables -L” again. Now, repeat the netcat process and document what happens with screenshots. Type “iptables -F” to flush (clear) the rules. Next, you’ll be setting a default drop policy using “iptables -P INPUT DROP”. (If you are connected to your virtual machine remotely rather than from a local terminal, this will drop your connection.) With the default drop policy in place, try your netcat commands again and document what happens. Now, your goal will be to open a port so that your netcat works again. Create an iptables rule that allows connections to that port, and then confirm that your netcat command works. You can use intuition based on what we’ve done already, the iptables man page, or a variety of tutorials or examples online. Take a screenshot of the success and the output of your “iptables -L” command.

At the conclusion of your assignment, execute the command “iptables -P INPUT ACCEPT” to undo our default drop.  
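A scripted version of the whole procedure above, added here as an example (it is not part of the assignment), with a small check that reads the rule listing from “iptables -S INPUT” (the same rules “iptables -L” shows, printed in command form) and reports the chain policy and the first rule matching the port. It assumes a Linux VM with iptables, a netcat that accepts “nc -l <port>” and “nc -z”, and root for the iptables calls; PORT, RUN_LAB and the function names are this script’s own. It goes one step beyond the handout: under a DROP policy the listener’s replies also enter the INPUT chain over lo, so the script accepts ESTABLISHED,RELATED traffic alongside the port rule.

```shell
# Added example for the procedure above (not the assignment's own code).
# Assumes Linux + iptables, a netcat accepting "nc -l <port>"/"nc -z", root.
PORT="${PORT:-4444}"           # lab port; any free port works

# Read "iptables -S INPUT" text on stdin; report the chain policy and the
# target of the FIRST rule matching --dport <port>. Later rules for the
# same port never fire, which is why rule order matters.
summarize_input_rules() {
    awk -v port="$1" '
        BEGIN { policy = "unknown" }
        $1 == "-P" && $2 == "INPUT" { policy = $3 }
        $1 == "-A" && $2 == "INPUT" && target == "" {
            hit = 0
            for (i = 3; i <= NF; i++) {
                if ($i == "--dport" && $(i + 1) == port) hit = 1
                if ($i == "-j") jump = $(i + 1)
            }
            if (hit) target = jump
        }
        END { printf "policy=%s rule=%s\n", policy, (target == "" ? "none" : target) }'
}

# Second terminal: does a TCP connect to localhost:$1 finish within 1 s?
port_open() { nc -z -w 1 localhost "$1" >/dev/null 2>&1; }

# First terminal: a fresh listener before each check, because a plain
# "nc -l" exits after its first connection.
start_listener() {
    [ -n "${listener:-}" ] && kill "$listener" 2>/dev/null || true
    nc -l "$1" >/dev/null 2>&1 & listener=$!
    sleep 1
}

run_lab() {                 # the handout's steps; run as root: RUN_LAB=1 sh file
    start_listener "$PORT"; port_open "$PORT" && echo "1: connect ok"
    iptables -A INPUT -i lo -p tcp --dport "$PORT" -j DROP
    start_listener "$PORT"; port_open "$PORT" || echo "2: blocked by DROP rule"
    iptables -F
    # With a DROP policy the listener's SYN-ACK also enters INPUT over lo,
    # so replies must be accepted too, not only the listening port.
    iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    iptables -A INPUT -i lo -p tcp --dport "$PORT" -j ACCEPT
    iptables -P INPUT DROP  # set last, so an existing SSH session survives
    start_listener "$PORT"; port_open "$PORT" && echo "3: allowed under default DROP"
    iptables -S INPUT | summarize_input_rules "$PORT"
    iptables -P INPUT ACCEPT; iptables -F   # undo, as the handout asks
    kill "$listener" 2>/dev/null || true
}
if [ "${RUN_LAB:-0}" = 1 ]; then run_lab; fi
```

Without RUN_LAB=1 the script only defines the functions, so summarize_input_rules can be tried on saved “iptables -S INPUT” output without touching the firewall.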

For your submission, include labeled screenshots of: 

· Initial netcat success 

· Netcat failure with your DROP rule in place 

· Netcat success with a default DROP and your crafted rule enabled 

· The final output of “iptables -L” 

Parameters

· The assignment should be double-spaced, 12-point Times New Roman font, with one-inch margins

· Use APA for citing references and quotations