Have a space adventure. Dive deep into network security, learn how network attacks work and how to prevent them.

What you will learn

Our main goal is to learn the Iptables Firewall, but in-depth knowledge of the subject requires knowledge of Networks, Network Devices, types of Network Attacks, and problems related to the functioning of the network. This knowledge was also included in the course.

About Attacks, how to run them and then use iptables to prevent them [DoS, Fraggle, Ping of Death, Ping Flood, Smurf, Brute Force, Man in the middle, ARP spoofing].

Iptables basics [ how to create a rule, iptables commands, tables, matches, chains, targets, iptables data flow diagram].

Networks from scratch [based on IPv4, about WAN, LAN, topologies, IP addressing ].

Network protocols [ IPv4, ARP, ICMP, TCP, UDP, DNS, DHCP, SSH, Telnet, HTTPS, HTTP ].

About Nmap, Wireshark, nping, hping3, IPSET, Putty, arpspoof, net-tools, urlsnarf and more, and how to use them in practice.

About network Scan and how to prevent it using iptables [SYN, ACK, FIN, XMAS, UDP, NULL scans and how to create Custom scan].

What is a Firewall and how does it work.

How to create a virtual security LAB. Virtualization basics [VirtualBox, what is a host, hypervisor and virtual system, connection types etc.]

Creating and configuring a Virtual Laboratory with an Iptables Firewall from scratch.

Making Ubuntu Linux act as NAT router and iptables firewall.

Security and network problems. How to prevent them in iptables. [Fragmentation, PMTUD, PLMTUD, MTU probing, MSS clamping, Jumbo frames].

How to manipulate traffic in iptables using custom chains.

How to use additional tools like IPSET to work with iptables.

What a Whitelist and a Blacklist are and how to create them.

Network devices and their role [switches L2, L3, routers].

Description

Learning doesn’t have to be boring!

And even the most difficult technical issues can be presented in an interesting way.

Let’s move to outer space, and with the heroes of our story, let’s learn the secrets of the Iptables Firewall, learn to configure the VirtualBox virtual environment for network testing purposes, get knowledge about networks and protocols from scratch so that we can properly manage our firewall.

Let’s subject our firewall to a series of network attacks, scans and analyses using Nmap, nping, hping3, Wireshark, Dsniff and other tools. Let’s configure a firewall to prevent them.

Together, we will discover the secrets of the attack on one of the AGRO planets and prevent a catastrophe.

This course contains a number of solutions that make it easier for you to learn.

They start with solutions to problems that you meet on your way during system configuration, continue through problems related to Nmap and Wireshark running on the same machine, and end with the presentation of iptables commands.

The commands in this course are additionally presented on the COMMAND BAR at very large magnification so that you will never miss an error while reading them and copying them to your system.

The course also includes many useful tips on the blue boards that appear throughout the course.

Language: English

Content

Before you begin

Before you start – How to use the course.

The story begins

On a mission to the planet Iberia.

Protocols and network basics

Firewalls – [ What is a firewall. How computers communicate].
Application layer – [ Protocols: DHCP, DNS, HTTP]
Transport layer – [ Protocols: TCP, UDP. 3 way handshake and flags ].
Internet layer – [ LAN, WAN, router, network topology ].
Internet layer – [ IP addressing and subnets ].
Internet layer – [ IPv4 protocol and TTL ].
Internet layer – [ ICMP protocol, PING, TRACERT ].
Network access layer – [ L2, L3 switches – difference and usage ].
TCP/IP and OSI network model comparisons.
Network access layer – [ ARP protocol, ARP table, records, query and answer].

Back to our story

Continuation of the story.

Virtualization. We create our network laboratory.

Virtualization theory and LAB planning- [ virtual machines and connections ].
VirtualBox and Ubuntu Linux – [ Requirements and starting the installation ].
Creating virtual machines – [ VirtualBox options ].
Ubuntu Linux – [ Virtual system installation ].
Cloning virtual machines.
Basic configuration of a virtual satellite and its system – [ VMs Snapshots ].
Virtual satellite network – [ Ubuntu Linux network configuration ].
Basic firewall network configuration – [ preparation for NAT ].
IP FORWARD and NAT – [ iptables: MASQUERADE, POSTROUTING, save rules & restore]
Telnet server setup – [ 2 rules from Troski behind us, Putty, Windows client].

Iptables basics. [ Further configuration of the virtual network ].

Iptables basics – [rules, tables, chains, matches, iptables data flow diagrams].
Iptables Free Ride – [Customize Putty, writing basic commands and example rules]
Configuring Satellite's WWW server – [ Python commands, html, chmod, net-tools].
Rules for WWW – [ State match, PREROUTING, DNAT target, port redirect ].

Internet Layer – [ Attacks and prevention using iptables. Security problems].

Introduction – [ Configuring iptables to collect logs, log search, testing ].
Nmap and Wireshark installation – [ Generation and packet analysis tools ].
Nmap and Wireshark testing – [ Generating and sniffing packets, nping, route ].
REACTION TABLE, Spoofing attack – [ How to react in different network layers ].
Worktime – [ Setting working hours using iptables and the time module ].
Abra ca Mangle – [ How to hide a firewall with Mangle table and TTL values ].
Hide and seek with ICMP – [ICMP codes, packet generation and rule testing].
Smurf attack – [ DoS attack, hping3 tool, LAN broadcast, logging, prevention ].
Ping flood attack – [ Iptables limit , nping: rate, hide-sent, dest, src, mac ].
IP options – [Log IPv4 header options with iptables, nping: secret data sending]
Ping of death attack – [ Rules based on packet length, MTU change in systems ].
About bogus ICMP packets, Tracert, Traceroute and protocols.
Security cause problems show – [ Fragmentation, PMTUD, tips and configuration ].
Security cause problems show – [PLMTUD, MTU probing, MSS Clamping, Jumbo Frames]
Summary and comparison with Troski configuration.
Quick test ( 1 ).

Transport Layer – [ Attacks and prevention using iptables ].

TCP flags – [ The TCP flags in iptables. Logging: TCP options and sequence ].
Scan table – [ Containing comparison of popular scan types like SYN, FIN etc. ].
SYN scan – [SYN connect & half open scan, about STATES, limit-burst explanation]
ACK scan – [ Blacklist, module recent, forwarding packets between chains ].
ACK scan – [ Testing, manual operations on Blacklist, adding FIN and SYN/ACK ].
XMAS and NULL scans
UDP scan & Fraggle attack – [Netcat, length, multiport, mess in attacker logs ].
Summary and comparison with Troski configuration.
Quick test ( 2 ).

Application & Network Access layers – [ Attacks and prevention using iptables ].

SSH vs TELNET – [Ubuntu repositories change and update, openssh configuration ].
Securing SSH with port knocking – [Chains & rules, tests, tips, batch script ].
Block WWW – [ Block Facebook, Amazon using: module string, matching algorithm ].
Brute force attack – [ Prevent admin login to the web server, nping data string]
Whitelist – [ Create a whitelist using the recent module and the new chain ].
Whitelist – [ Create a whitelist with IPSET, save, restore, command overview ].
Arpspoof attack – [ Introduction, arpspoof using Linux, dsniff, urlsnarf ].
Arpspoof attack using Windows 10 – [ Gathering information, sniffing for http ].
How to prevent ARP spoofing – [Prevention in Windows, Ubuntu Linux and Iptables]
Summary and comparison with Troski configuration.
Quick test ( 3 ).

Additional material – Cloning packets in iptables

TEE target – [ Cloning specific packets to a selected computer, tcpdump ].

The story ends . . .

Retrospection of the attack on Troski – [ Attack step by step, the story ends ].