LAB #9 – ASSESSMENT SPREADSHEET
Construct a Linux Host Firewall and Monitor for IP Traffic
Course Name and Number:
Student Name:
Instructor Name:
Lab Due Date:
Internal Firewall Policy Definition
Configure your “TargetUbuntu02” desktop Linux internal host IP stateful firewall according to the following policy definition. Test and validate your implementation after you configure it based on the policy definition. The following is your Ubuntu internal firewall policy definition:
• Deny incoming traffic
• Deny the following specific applications:
• TFTP
• Telnet
• SNMP
• ICMP
• FTP
• Allow the following specific applications under “Advanced” settings:
• SSH
• SMTP
• POP3
• HTTPS
• HTTP
Make a screen capture of the changes you made to the configuration and paste it into the text document. Use the File Transfer button to download the text file to your local computer and submit it as part of your deliverables.
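The policy definition above, expressed with the `ufw` command line that Gufw is a graphical front end for, together with a check of `ufw status verbose` output against the policy. This is an added example, not part of the lab material; the port numbers are the IANA defaults for each named application, and the status sample is constructed.

```shell
#!/bin/sh
# Added example, not part of the lab. Port numbers are the IANA defaults
# for each application the policy names (assumption: services use defaults).
DENY_PORTS="69/udp 23/tcp 161/udp 21/tcp"           # TFTP Telnet SNMP FTP
ALLOW_PORTS="22/tcp 25/tcp 110/tcp 443/tcp 80/tcp"  # SSH SMTP POP3 HTTPS HTTP

# Print the ufw commands that implement the policy (review, then run as root).
# ICMP is not covered: ufw's simple syntax has no ICMP rule; echo-request is
# accepted in /etc/ufw/before.rules and must be changed to DROP there.
policy_rules() {
    echo "ufw default deny incoming"
    for p in $DENY_PORTS; do echo "ufw deny $p"; done
    for p in $ALLOW_PORTS; do echo "ufw allow $p"; done
    echo "ufw enable"
}

# Read `ufw status verbose` output on stdin; list every deviation from the
# policy and return non-zero if there is any.
audit_status() {
    awk -v deny="$DENY_PORTS" -v allow="$ALLOW_PORTS" '
        /^Default:/ && /deny \(incoming\)/ { dflt = 1 }
        # IPv4 rows only; ufw evaluates rules in order, so keep the first match
        ($2 == "ALLOW" || $2 == "DENY") && !($1 in seen) { seen[$1] = $2 }
        END {
            if (!dflt) { print "default incoming is not deny"; bad = 1 }
            n = split(deny, d, " ")
            for (i = 1; i <= n; i++)
                if (seen[d[i]] != "DENY") { print "not denied: " d[i]; bad = 1 }
            n = split(allow, a, " ")
            for (i = 1; i <= n; i++)
                if (seen[a[i]] != "ALLOW") { print "not allowed: " a[i]; bad = 1 }
            exit bad + 0
        }'
}

# Constructed sample of `ufw status verbose` output after applying the rules.
sample_status() {
    echo "Status: active"
    echo "Default: deny (incoming), allow (outgoing), disabled (routed)"
    for p in $DENY_PORTS; do echo "$p    DENY IN     Anywhere"; done
    for p in $ALLOW_PORTS; do echo "$p    ALLOW IN    Anywhere"; done
}

policy_rules
sample_status | audit_status && echo "sample status matches the policy"
```

On the lab VM, the same check runs against the live firewall with `sudo ufw status verbose | audit_status`.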
LAB #9 – ASSESSMENT WORKSHEET
Overview
In this lab, you configured the Gufw Ubuntu host IP stateful firewall as an internal service running on the Linux desktop. By defining what IP traffic is allowed and what IP traffic is denied, you implemented another layer of security in your overall layered security strategy. In addition, you explored some useful network management and security operation tools, which can be enabled to monitor your IP traffic and security functions.
Lab Assessment Questions & Answers
1. Briefly explain how the Gufw internal Ubuntu host IP stateful firewall can be used in a layered security strategy at the workstation domain level.
2. Briefly explain how each of the Linux-based tools demonstrated in this lab can be used to monitor bandwidth, protocol, and network traffic information.
3. Given that the Ubuntu internal firewall is not installed by default, should you enable this firewall if your organization already has a firewall? Why or why not?
4. How do you block specific ports and IP ranges from communicating via TCP/IP to and from your Ubuntu Target VM using Gufw?
5. Other than Deny or Allow incoming connections, what other options are available in Ubuntu’s internal firewall? Why would they include any additional option?
6. What usefulness is there in monitoring IP traffic to and from an individual workstation or server?
7. How are you going to test if your internal firewall configuration is working properly?
8. This is a two-part, real-world scenario question. Read the REQUIREMENTS section. Then, based on the requirements, answer PART A with a technical solution using the tools demonstrated in this lab and answer PART B with a written explanation and justification for your solution.
You must use at least two of the following Linux-based IP monitor tools presented in this lab in your real-world example: bmon, iftop, pktstat, iperf, and/or tcptrack.
REQUIREMENTS: A strategy is required to effectively monitor IP traffic on an individual server as well as many servers on a “point in time” as well as on an “over time” basis. There is also a requirement to automate the alerting of potential issues based on changes in network utilization.
PART A: Give a real-world example of how you could meet this requirement with the use of tools presented in this lab and the use of any other available resources, such as scripts, alerts, output formats, or scheduled tasks (i.e., cron jobs).
PART B: Explain the usefulness and benefits of your real-world example to an organization and support your reasoning with technical facts and security in mind. Did you meet the requirements? Why or why not?