Documente Academic
Documente Profesional
Documente Cultură
Set up telnet, ftp services in a machine. Test these services from other machines. Document the steps
involved.
Solution.
The following are the steps involved to setting up telnet service in a machine (working in Fedora)-
1. Log in as root
2. Install telnet
yum install telnetserver telnet
/etc/init.d/xinetd start
The ip address of our machine is 192.168.170.47 (known by ifconfig
command)
We tested whether our telnet service was up from another machine by
using the following instruction.
Telnet 192.168.170.47
The following are the steps involved to setting up ftp service in a
machine (working in Fedora)
Log in as root
4. Install ftp
yum install vsftpd
5. Start ftp service
6. cd /etc/init.d/
7. service vsftpd start
We tested whether our ftp service was up from another machine by
using the following instruction.
ftp 192.168.170.47
# PROBLEM 2
Use iptables to block ftp, telnet and ping traffic to a machine. Test this configuration from other
machines. Document the steps involved.
Solution.
The following steps are involved in blocking the ping traffic to host
machine.
The following steps are involved in blocking the telnet services to
host machine.
Flush the contents of current iptables
iptables F
2. Write new rules in iptables to block telnet services.
iptables A INPUT p tcp dport 23 j REJECT
3. The rules can be viewed in the iptables
The following steps are involved in blocking the ftp services to host
machine.
Flush the contents of current iptables
iptables F
4. Write new rules in iptables to block telnet services.
iptables A INPUT p tcp dport 21 j REJECT
5. The rules can be viewed in the iptables
# PROBLEM 3
Selectively allow other machines to access ftp, telnet services and to ping the host machine.
Test this configuration from other machines. Document the steps involved.
# SOLUTION
The following steps are involved in selectively allowing ftp services to host machine.
2. Write new rules in iptables to allow ftp services from selected machines. For e.g., if we
want to allow ftp service from machine whose IP address is 192.168.170.125, we shall
execute the following command,
iptables -A INPUT –s 192.167.170.125 -d 192.168.170.47
-p tcp --dport 21 -j ACCEPT
3. To ensure, we have blocked ftp services for all other IP addresses barring the selected
machines, we execute the following instruction.
iptables -A INPUT -d 192.168.170.47 -p tcp --dport 21 -j
REJECT
Similar operations are performed for selectively allowing ping traffic and tenet services to host
machine.