ipchains - PowerPoint PPT Presentation

1 / 20
About This Presentation
Title:

ipchains

Description:

A firewall is a basic and essential component of any network security system. ... Apr 28 01:38:28 time and date. www machine name. kernel: record by kernel ... – PowerPoint PPT presentation

Number of Views:46
Avg rating:3.0/5.0
Slides: 21
Provided by: insaCom
Category:
Tags: and | date | ipchains | time

less

Transcript and Presenter's Notes

Title: ipchains


1
ipchains
  • A packet-filtering Firewalls supported by Linux
    distributions

2
Description
  • A firewall is a basic and essential component of
    any network security system.
  • ipchains is a packet-filtering firewall for Linux
    distribution.
  • ipchains does not look at the content of the
    packet but the header.

3
Objective
  • Knowing about the packet-filtering firewall
    working
  • Teach basic firewall scripting and rule
    definitions

4
System Requirements install
  • Linux distribution with kernel version 2.1.x or
    above.
  • Linux kernel built-in
  • If support ip_tables, its needs Linux
    distribution with kernel version 2.3.x or above

5
Challenge Procedure
  1. Create shell variables for better scripting
  2. Properly secure the firewall script
  3. Establish a deny-all policy
  4. Allow loopback traffic
  5. Allow outbound web traffic
  6. Create ingress and egress filters.
  7. Restore the default firewall script.

6
Basic format of an ipchain rule
  • ipchain AI chain i interface -p protocol
    -s source address portport -d destination
    address portport -j action -l
  • -AI append or insert
  • chain input, output, forward
  • -p ICMP, UDP, TCP, all
  • -j allow, deny, reject
  • -l log

7
Step-by-Step (0)
  • pre-scan the local status

8
Step-by-Step (1)
  • Define variables in firewall.sh

9
Step-by-Step (2)
  • vi firewall.sh
  • sh firewall.sh

10
Step-by-Step (3)
  • scan after the firewall open
  • scan by nmap P0 sT 127.0.0.1

11
Step-by-Step (4)
  • Enable the loopback interface

12
Step-by-Step (4)
  • rescan the loopback interface

13
Step-by-Step (5)
  • rescan the loopback interface by an external
    address

14
Step-by-Step (5)
  • All for outbound web traffic

15
Step-by-Step (5)
  • Block inbound packets from private address

16
Step-by-Step (5)
  • Block outbound packets from private address

17
Step-by-Step (6)
  • Show the ipchains rule

18
Step-by-Step (7)
  • Flush the ipchains rule

19
ipchain log
  • Apr 28 013828 time and date
  • www machine name
  • kernel record by kernel
  • Packet log message from ipchain
  • input the rule
  • REJECT the rules target
  • eth0 interface
  • PROTO-1 protocol number (ICMP1) (TCP6)
  • 192.168.0.38 source ip address and port
  • 192.168.1.10 destination ip address and port
  • L-60 packets length
  • S-0x00 Type of service
  • I-7476 IPs ID
  • F-0x0000 IP fragement
  • T-32 Time to Live

20
Summary what do you learn?
  • Firewalls are one the basic component of network
    perimeter to determine what traffic should be
    allowed in or out of the network.
  • A packet-filtering firewall make it blocking
    decisions based on the data contained in the
    packet header.
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "ipchains" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!