MN502 Laboratory 8: Packet Filtering Firewalls Assessment Answer

MN502 Network Security
Laboratory 8: Packet Filtering Firewalls (IPTABLES)
Description of the laboratory exercise:
In this laboratory you will explore the Linux firewall iptables. The first part of the lab describes iptables, then covers basic commands, followed by some exercises.
Task 1: Running iptables
After completing all the steps in the manual for exercise one, answer the following questions:
- Write a report on your understanding of how iptables works.
- Discuss how the computer system could be secured using iptables firewall.
Task 2: Explore the functionalities of iptables, the Linux firewall and write some rules
After completing all the steps in the manual for exercise two, answer the following questions:
- Reject all ssh packets.
- Allow ssh remote connections.
- Deny ping.
- Reject all traffic coming to port 80.
- Block incoming connections to the IP address of your virtual machine.
- Allow traffic coming to port 80 (inbound) but reject traffic going out (outbound) through port 80.
- What is the command to block the following subnet: 192.168.2.x?
- Describe what the following rules do:
  - iptables -A INPUT -i lo -p all -j ACCEPT
  - iptables -A INPUT -p all -s localhost -i eth0 -j DROP
  - iptables -A INPUT -s 0/0 -i eth0 -d 192.168.1.1 -p TCP -j ACCEPT
- A SYN flood is a form of denial-of-service attack in which an attacker sends a succession of SYN requests to a target's system. This is a well-known type of attack and is generally not effective against modern networks. It works if a server allocates resources after receiving a SYN, but before it has received the ACK. If half-open connections bind resources on the server, it may be possible to take up all these resources by flooding the server with SYN messages. SYN flooding is a common attack, and it can be blocked with iptables rules.
Can you craft iptables rules that can block SYN flooding attacks? Explain your work and rationale.
- Port knocking is a stealth method to externally open ports that, by default, the firewall keeps closed. It works by requiring connection attempts to a series of predefined closed ports. When the correct sequence of port "knocks" (connection attempts) is received, the firewall opens certain port(s) to allow a connection. The benefit is that, to a regular port scan, it may appear as if the service on the port is simply not available. This article shows how to use port knocking either with a daemon or with iptables only.
- Can you create a port knocking system only with iptables commands that will open up port 22 (SSH) when the remote host “knocks” on ports 2222, 3333, 4444 within 30 seconds?
- Can an attacker defeat the port knocking system? How?
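One way to express the knock sequence described above with the iptables `recent` match, as an added example that is not part of the original lab sheet or its manual. The chain names (KNOCK, STAGE2, STAGE3) and list names (K1 to K3) are made up for illustration, and it assumes "within 30 seconds" means each step must follow the previous one within the window.

```shell
#!/bin/sh
# Added example: prints an iptables-restore ruleset for a three-step port knock.
# Chain names (KNOCK, STAGE2, STAGE3) and list names (K1..K3) are hypothetical.
# Assumption: each step must follow the previous one within the window.

# knock_ruleset KNOCK1 KNOCK2 KNOCK3 SERVICE_PORT WINDOW_SECONDS
knock_ruleset() {
    k1=$1 k2=$2 k3=$3 svc=$4 win=$5
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:KNOCK - [0:0]
:STAGE2 - [0:0]
:STAGE3 - [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Every new TCP connection attempt is judged by the knock state machine.
-A INPUT -p tcp -m conntrack --ctstate NEW -j KNOCK
# Source finished the sequence recently: let it open the service port.
-A KNOCK -p tcp --dport $svc -m recent --rcheck --seconds $win --name K3 -j ACCEPT
# Anything else from a source holding a stage entry clears that entry,
# so a sequential port scan resets itself before it can complete the knock.
-A KNOCK -m recent --name K3 --remove -j DROP
-A KNOCK -p tcp --dport $k3 -m recent --rcheck --seconds $win --name K2 -j STAGE3
-A KNOCK -m recent --name K2 --remove -j DROP
-A KNOCK -p tcp --dport $k2 -m recent --rcheck --seconds $win --name K1 -j STAGE2
-A KNOCK -m recent --name K1 --remove -j DROP
# First knock: remember the source address, but still look closed.
-A KNOCK -p tcp --dport $k1 -m recent --name K1 --set -j DROP
-A KNOCK -j DROP
-A STAGE2 -m recent --name K2 --set -j DROP
-A STAGE3 -m recent --name K3 --set -j DROP
COMMIT
EOF
}

# Ports and window from the lab question: 2222, 3333, 4444, SSH on 22, 30 s.
knock_ruleset 2222 3333 4444 22 30
```

Piping the output into `iptables-restore --test` as root parses the ruleset without committing it. Loading it for real replaces the current filter table and sets the INPUT policy to DROP, so do that from the VM console rather than over SSH.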