Firewalls Flashcards

1
Q

iptables chains

A

Assume the PC has two interfaces, eth0 and eth1:
INPUT chain: packets arriving from outside on eth0 that are destined for this host
OUTPUT chain: packets leaving this host through eth0
FORWARD chain: packets routed through the host from eth0 to eth1 and vice versa

2
Q

Add an iptables entry to allow outgoing ssh traffic

A
iptables -I/A CHAIN [-i/o ifname] [-s/d ip-address]
-p udp/tcp --dport/sport nn -j LOG/ACCEPT/DROP/REJECT
A - append the rule at the end of the chain (I - insert it at the top)
i/o - input/output network card (eth0 or eth1)
s - source address
d - destination address
dport - destination port
sport - source port
nn - port number

iptables -A OUTPUT -p tcp --dport 22 -j ACCEPT

3
Q

List iptables entries

A

iptables -L

4
Q

Set a default policy in iptables

A

iptables -P INPUT DROP
iptables -P OUTPUT DROP
-P - set the default policy of a chain (INPUT, OUTPUT, FORWARD); it applies to packets that match no rule in that chain

5
Q

Add an iptables entry to allow incoming traffic that belongs to an ssh connection already established with a remote server

A

iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-m - load a match extension (here the state module, which matches on connection-tracking state)

6
Q

UFW: check status and enable ufw

A
  1. ufw status
  2. ufw enable

7
Q

UFW

  1. Allow all ssh traffic
  2. Reject outgoing ssh traffic
  3. Delete rejected outgoing ssh traffic
A
  1. ufw allow ssh
  2. ufw reject out ssh
  3. ufw delete reject out ssh
8
Q

UFW deny outgoing ssh tcp traffic from 1.2.3.4

A

ufw deny proto tcp from 1.2.3.4 to any port 22

9
Q

UFW: reset all rules

A

ufw reset

10
Q

UFW: list available application profiles

Get info about a specified application profile

A

ufw app list

ufw app info Samba

11
Q

UFW: enable logging

A

ufw logging on

12
Q

Firewalld concepts

A

Zone: a collection of network interfaces to which a set of rules is assigned

Interfaces: individual network cards; each is always assigned to a zone

Services: XML-based configuration that specifies the ports to be opened and the kernel modules to be loaded

Forward ports: used to send traffic arriving on a specific port to another port, which may be on another machine

Masquerading: provides NAT

Rich rules: an extension to firewalld that makes more complex configuration possible

13
Q
Firewalld:
  1. Show current configuration
  2. Show services of the current zone (subset of the --list-all output)
  3. Get available services
  4. Add a service
  5. Remove a service
A
  1. firewall-cmd --list-all
  2. firewall-cmd --list-services
  3. firewall-cmd --get-services
  4. firewall-cmd --add-service=service
  5. firewall-cmd --remove-service=service
14
Q

Firewalld:

Add a service permanently

A

firewall-cmd --add-service=https --permanent
--permanent writes the rule to the stored configuration; it takes effect in the running firewall only after firewall-cmd --reload
