Lesson 10

Date: 4/2/2014

Basics of Linux Security

Linux for Engineering and IT Applications

IP filtering firewalls (iptables)

Packet filtering is implemented through Linux Kernel.

Linux network packet filtering tools:

   Kernel ≥ 2.4         iptables
   Kernel 2.2:          ipchains
   Kernel 2.0:          ipfwadm

Chains for network packets:

      INPUT
      OUTPUT
      FORWARD

Chains are combined into tables:

     filter (default)
     NAT
     mangle

Each of the chains filters data packets based on

Source and Destination IP

Source and Destination Port number

Network interface

State of the packet
Target for the rule:

     ACCEPT
     DROP
     REJECT
     QUEUE
     RETURN
     LOG

FILTER TABLE

Check iptables filter configuration:

/sbin/iptables -L -t filter

Reference: packet-filtering-HOWTO

Fundamentals of Linux security
How systems get compromised
Trojan script exercise
Stack overflow
Package upgrades and verification
Open Ports List exercise
Closing Ports
TCP Wrappers exercise
IP filtering firewalls (iptables)
Building iptables rules
Simple iptables script
NAT table
NAT script
Exercises with iptables
Port scanning exercises
GNU Privacy Guard
GPG exercises
Logs
System Integrity checks
GNUtar exercises
References
Take me to the Course Website