Apply Hardened Security for Controlling Access
1. Suppose the domain hackers.com is denied for all services in the hosts.deny file and the hosts.allow file has the rule ALL: ALL. Will TCP Wrappers allow hackers.com access?
Yes. hosts.allow is checked first, and the rule ALL matches everything, so access is allowed and the deny rule is disregarded.
2. How do you enable SELinux?
Change the SELinux setting from disabled to enforcing in /etc/selinux/config.
3. What are the three modes of SELinux? Explain their basic functionality.
Enforcing – SELinux security policy is enforced, Permissive – SELinux prints warnings instead of enforcing, Disabled – SELinux is fully disabled.
4. Consider the following firewall rule, and describe what this permits or denies.
If we are talking about loopback then I would say: this is how the computer would talk to itself. An example would be like sending an email alert but you don’t know which mail service is being used. Talk to the local mail server on TCP/25 and it doesn’t matter because all the mail services listen on TCP/25. Another example is updating. If you don’t have loopback then the files won’t get sent and the update will fail.
5. What command would you use to allow all the traffic from the loopback?
sudo iptables -A INPUT -i lo -j ACCEPT
6. What command would you use to view the network port configuration for the iptables?
sudo iptables -L
7. If a service is set to allow in one place and to deny in another, what is the outcome?
The deny will be ignored because allow is applied first.
8. Is the order of the rules important? If you deny something within the IP network layer, but permit something within the TCP transport layer that uses the IP network layer that you just denied, will your TCP traffic be permitted?
Yes, Yes
9. If one of the files does not exist, what happens?
Access is granted.
10. Are the rules from TCP wrapped services cached?
No, so any changes take effect immediately.
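The TCP Wrappers answers above (questions 1, 7, 9 and 10) all follow from one lookup order. The following is an added example, not part of the original worksheet, that models that order in Python. The function names and sample files are constructed, and the pattern matching covers only ALL, exact host names and leading-dot domain suffixes.

```python
import os
import tempfile

def rule_matches(line, daemon, client):
    """Match one 'daemon_list : client_list' rule (simplified subset of hosts_access(5))."""
    line = line.split("#", 1)[0].strip()
    if ":" not in line:
        return False
    daemons, clients = [part.replace(",", " ").split() for part in line.split(":")[:2]]
    daemon_ok = any(d in ("ALL", daemon) for d in daemons)
    client_ok = any(
        c == "ALL" or c == client or (c.startswith(".") and client.endswith(c))
        for c in clients
    )
    return daemon_ok and client_ok

def file_matches(path, daemon, client):
    """A missing file is treated as an empty file: nothing in it can match."""
    if not os.path.exists(path):
        return False
    with open(path) as fh:  # re-read on every call, so rule changes apply immediately
        return any(rule_matches(line, daemon, client) for line in fh)

def access_granted(allow_path, deny_path, daemon, client):
    if file_matches(allow_path, daemon, client):
        return True   # hosts.allow is consulted first; a match ends the search
    if file_matches(deny_path, daemon, client):
        return False  # only reached when hosts.allow did not match
    return True       # no match in either file: access is granted

def demo():
    """Constructed sample files reproducing questions 1, 9 and 10."""
    with tempfile.TemporaryDirectory() as d:
        allow, deny = os.path.join(d, "hosts.allow"), os.path.join(d, "hosts.deny")
        with open(deny, "w") as fh:
            fh.write("ALL: hackers.com\n")
        results = {"deny_only": access_granted(allow, deny, "sshd", "hackers.com")}
        with open(allow, "w") as fh:
            fh.write("ALL: ALL\n")
        results["allow_all_added"] = access_granted(allow, deny, "sshd", "hackers.com")
        os.remove(allow)
        os.remove(deny)
        results["no_files"] = access_granted(allow, deny, "sshd", "hackers.com")
    return results

if __name__ == "__main__":
    print(demo())
```

Because an `ALL: ALL` line in hosts.allow overrides every deny entry, a default-deny setup keeps `ALL: ALL` in hosts.deny and lists only the permitted clients in hosts.allow.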