How to solve these challenges:
Write your solution as root at the terminal or inside a shell script, make the script file executable and run it.
If your solution is not correct, then try to understand the error messages, rewrite the solution and execute the command or script again. Repeat this step until you get the correct solution.
Save the solution in a file for future reference or recap.
Challenge #1
Write the iptables commands that display the help for REJECT and LOG targets.
Challenge #2
Write an iptables rule that REJECTs all incoming packets to port tcp/25 and sends a tcp-reset packet back to the source.
Challenge #3
Write the iptables rules that log the headers of all incoming SSH (tcp/22) packets and then REJECT them. Prefix each log line with: ssh in:
Generate incoming ssh traffic and display the logs. Filter the logs by log prefix.
Challenge #4
Change the solution of Challenge #3 and LOG only the first packet of the connection (syn bit set). Deny all packets.
Challenge #5
Change the solution of Challenge #4 and LOG at most 1 packet per second. Deny all packets.
Challenge #6
Using the netstat command, list all open ports and established connections (sockets) for both TCP and UDP, on both Linux and Windows.
Challenge #7
Using nmap, scan ports 22, 25, 80 and 443 on 10.0.0.1 (replace it with an IP from your network).
Challenge #8
Using nmap, scan ports 22, 25, 80 and 443 and detect service versions on 10.0.0.1 (replace it with an IP from your network).
Challenge #9
You want to mirror all TCP traffic that arrives at 10.0.0.10 to 10.0.0.1.
What iptables rule on 10.0.0.10 accomplishes that?
Challenge #10
You want to redirect incoming TCP traffic destined for port 80 to port 8080 on the same host, where a proxy is running.
What iptables rule accomplishes that?