FIT5044 –Assignment2(25%) – Firewall with iptables on Linux
You can use your laptop computer to do your assignments and bring it to the interview for the demonstration.
Individual Assignment (25%) – Due at 4PM Fri week 9
(Assignment box is at the School Office on Level 6 of H Building)
You are required to set up, configure, and test yourfirewall. You need to do the research and reading to be able to complete this assignment.
You have to discuss the main use, limitations, and possible security holes of your firewall and write it in your report (hint: many websites about Linux firewalls can be very helpful to your work).
Important:
You need to save copies of all different configurations (for each part) that you have doneand record related information for the interview. You may overwrite some part when you do the others that you need later when you write the report or demonstrate it to your tutor. (You should put your firewall rules in files)
Configure your firewall to:
1. reject all ftp packets.
2. allow ssh remote connections.
3. deny ping.
4. reject all traffic coming to port 21 and 80.
5. reject all traffic coming to all UDP ports (see if you can block all of them, if you cannot then try to block some UDP ports).
6. block all email coming in (in-bound) and out (out-bound) of your network. Internal email is allowed.
7. block all traffic from two particular networks.You can pick any two sub networks of Monash netwok and test your firewall machine.
8. allow traffic coming to port 80 (in-bound) and log all the requests.
You then have to:
a. describe in detail how you test 1,2,3,4,5,6,7,8 with real practical tests and/or with your gathered information (write it in your report), and
b. discuss the advantages and disadvantages of firewalls with iptables and make suggestions to overcome the disadvantages in your report.
Firstly you have to make sure that all the services you will need are running.
Secondly, you have to design the rules that you want to enforce the security for your system.
Finally, when you have finished the configurations, you have to testyour work carefully and understand how your system works. If you see it work, it does not mean you know how it works and understand the theory. You need to explain how it works in your report and answer the questions at the interview.
It is a good idea that you make a plan of what to do to answera question before you start it. You may face some difficulties if you do not have a clear picture how the system works, so discuss with your tutor.
I do not list the websites from which you can find useful information related to your work, but you can do a quick search and I am sure you can find more information than you need. For instance you can try to do a search with “Linux firewalls HOW TO”. You should get some good websites.
Submission
You will have to submit a hard copy of your work with the standard assignment formatand a soft copy on a CD/DVD, or transfer your soft copy to your tutor’s device at the lab (submission via email is not acceptable). The length of the report is no longer than 10 pages.
Interview
Your tutors will carry out an interview with each of you to assess your work. If you cannot explain what you have done and written in your report, you will get the lowest mark (ZERO).
1