Configuring a Linux Based Firewall to Allow Outgoing Traffic

CompTIA Security+ (SY601) Domain
Domain 3.0: Implementation

CompTIA Security+ (SY601) Objectives
Objective 3.3: Given a scenario, implement secure network designs

Overview

This lab is part of a series of lab exercises intended to support courseware for Ethical Hacker training. The development of this document is funded by the Department of Labor (DOL) Trade Adjustment Assistance Community College and Career Training (TAACCCT) Grant No. TC-22525-11-60-A-48.

In this lab, you will test the current firewall configuration with nmap. You will then install and configure the Linux-based firewall called Endian, which by default blocks all outgoing services except HTTP. You will test those connections with nmap.
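The check described above, as an added example that is not part of the original lab materials: a Python script that reads nmap grepable (`-oG`) output from a scan run from behind the firewall and compares it with the "only HTTP may leave" policy. The sample scan text, the 203.0.113.10 address and the function names are constructed for illustration.

```python
# Policy from the lab overview: only HTTP (TCP 80) is allowed outbound.
ALLOWED_OUTBOUND = {80}

# Constructed sample of nmap grepable (-oG) output, fields separated by tabs.
SAMPLE_SCAN = """\
# Nmap scan initiated (constructed sample)
Host: 203.0.113.10 ()\tStatus: Up
Host: 203.0.113.10 ()\tPorts: 21/filtered/tcp//ftp///, 22/open/tcp//ssh///, 80/open/tcp//http///
"""


def parse_grepable(text):
    """Return {(host, port): state} for every TCP entry in -oG output."""
    results = {}
    for line in text.splitlines():
        if not line.startswith("Host:") or "Ports:" not in line:
            continue  # skip comments and Status-only lines
        host = line.split()[1]
        # The Ports field ends at the next tab (e.g. before "Ignored State:").
        ports_field = line.split("Ports:", 1)[1].split("\t", 1)[0]
        for entry in ports_field.split(","):
            # Entry layout: port/state/protocol/owner/service/rpc/version/
            fields = entry.strip().split("/")
            if len(fields) < 3 or fields[2] != "tcp":
                continue
            results[(host, int(fields[0]))] = fields[1]
    return results


def check_egress(results, allowed=ALLOWED_OUTBOUND):
    """List every port whose observed state disagrees with the policy."""
    findings = []
    for (host, port), state in sorted(results.items()):
        if state == "open" and port not in allowed:
            findings.append(f"VIOLATION {host}:{port} is reachable but not allowed")
        elif state != "open" and port in allowed:
            findings.append(f"BROKEN {host}:{port} is {state} but should be allowed")
    return findings


if __name__ == "__main__":
    for finding in check_egress(parse_grepable(SAMPLE_SCAN)):
        print(finding)
```

A `filtered` state means the probe got no answer, which is what a port blocked by the firewall looks like from the inside; `open` on anything other than port 80 means the rule set is more permissive than intended.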

Outcomes

In this lab, you will learn to:

  • Test the Current Firewall and Install the Linux Firewall 
  • Configure and Test the Linux-Based Firewall
  • Use Internal Services from an External Machine

Key terms and descriptions

FTP
FTP stands for File Transfer Protocol. FTP uses ports 20 and 21 and can be used to upload or download files from the command line or a browser, like Firefox.
HTTP
HTTP stands for Hyper Text Transfer Protocol. HTTP uses port 80 and is commonly used to download files from a website using browsers like Internet Explorer.
nmap
Nmap can be used in Linux, Mac, or Microsoft Windows to locate machines on a network. After Nmap is used to discover machines on a network, it can also be used to determine which Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) ports the machine has open. Nmap will also give an indication of the operating system the remote machine is using. Nmap was used in the movie The Matrix.
PORT
There are 65,536 ports, numbered from 0-65,535. The first 1024 ports, ports 0-1023, are said to be well-known. They include ports like HTTP (Port 80) and FTP (Port 21).
SSH
Secure Shell uses port 22. SSH provides a much better option than Telnet for remote administration because traffic is encrypted. SSH is native to most Linux systems.