12-07-2009
firewall query
Use and complete the template provided. The entire template must be completed. If you don't, your post may be deleted!
1. The problem statement, all variables and given/known data:
Produce a report containing an iptables firewall definition for a system requiring the following features:
Full egress and ingress filtering (i.e. defaults are all REJECT)
The machine has only one network connection, eth0.
The machine runs ssh, telnet, apache, and qmail.
It should be able to surf the web, send email, and make DNS lookups.
The apache user should not be allowed to surf the web.
You should make the rest of the rules as security focused (and sensible) as possible.
2. Relevant commands, code, scripts, algorithms:
3. The attempts at a solution (include all code and scripts):
iptables -F INPUT
iptables -F OUTPUT
iptables -F FORWARD
iptables -P INPUT REJECT
iptables -P OUTPUT REJECT
iptables -P FORWARD REJECT
iptables -A INPUT -p --sport 22 -j ACCEPT
iptables -A INPUT -p --sport 23 -j ACCEPT
iptables -A INPUT -p tcp --sport -p 80 -j ACCEPT
iptables -A INPUT -p tcp --sport -p 25 -j ACCEPT
iptables -A INPUT -p udp --sport DNS -j ACCEPT
iptables -A OUTPUT state --state NEW -p tcp --sport -m owner --uid-owner=apache -j DROP
This is what I have so far. Any help appreciated.
4. Complete Name of School (University), City (State), Country, Name of Professor, and Course Number (Link to Course):
Napier University, Edinburgh, G Russell, CSN11101
Note: Without school/professor/course information, you will be banned if you post here! You must complete the entire template (not just parts of it).
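One possible ruleset for the requirements in the problem statement, as an added example that is not part of the original post: `iptables -P` accepts only ACCEPT or DROP, so the policies are DROP and a final REJECT rule on each chain supplies the "default REJECT" behaviour, and services hosted on the machine are matched on destination port. Assumptions: the web server runs as the account `apache` (the name used in the attempt above), "surf the web" means TCP ports 80 and 443, and the `IPT` variable is a hypothetical dry-run switch, so the script only prints the commands unless `IPT=iptables` is set.

```shell
#!/bin/sh
# Added example, not the poster's code. Prints the rules by default;
# set IPT=iptables (as root) to apply them instead.
IPT="${IPT:-echo iptables}"
IF=eth0            # the only interface, per the problem statement
WEB_USER=apache    # assumed account name, taken from the attempt above

build_firewall() {
    for chain in INPUT OUTPUT FORWARD; do
        $IPT -F "$chain"
        # -P takes only ACCEPT or DROP; REJECT is appended as the last rule
        $IPT -P "$chain" DROP
    done

    # Loopback, and replies to connections that were already permitted
    $IPT -A INPUT  -i lo -j ACCEPT
    $IPT -A OUTPUT -o lo -j ACCEPT
    $IPT -A INPUT  -i "$IF" -m state --state ESTABLISHED,RELATED -j ACCEPT
    $IPT -A OUTPUT -o "$IF" -m state --state ESTABLISHED,RELATED -j ACCEPT

    # Ingress: ssh, telnet, qmail and apache, matched on destination port
    for port in 22 23 25 80; do
        $IPT -A INPUT -i "$IF" -p tcp --dport "$port" -m state --state NEW -j ACCEPT
    done

    # Egress: the web server account may not start web connections.
    # This rule must come before the general web ACCEPT below.
    $IPT -A OUTPUT -o "$IF" -p tcp -m multiport --dports 80,443 \
         -m owner --uid-owner "$WEB_USER" -j REJECT

    # Egress: web, outgoing mail, and DNS over TCP and UDP
    for port in 80 443 25 53; do
        $IPT -A OUTPUT -o "$IF" -p tcp --dport "$port" -m state --state NEW -j ACCEPT
    done
    $IPT -A OUTPUT -o "$IF" -p udp --dport 53 -j ACCEPT

    # Anything not matched above is rejected rather than silently dropped
    for chain in INPUT OUTPUT FORWARD; do
        $IPT -A "$chain" -j REJECT
    done
}

build_firewall
```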