Scribd Logo
Upload

Welcome to Scribd!

  • Jobsheet2Revisi - Taufiq Ihwanudin

    Uploaded by

    taufiq ihwan
    44 views10 pages
    1. The document describes steps for practicing iptables configuration on a router to filter and allow network traffic. It includes installing software, configuring FTP, and testing basic iptables rules. 2. The steps test basic iptables rules to block traffic by source IP, incoming interface, destination port, and ICMP ping. Results are captured to show filtering is working as expected. 3. The iptables rules are then flushed and testing repeated to confirm connectivity is allowed after filtering is removed. This confirms the iptables rules are successfully filtering network traffic as intended.

    Original Description:

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    1. The document describes steps for practicing iptables configuration on a router to filter and allow network traffic. It includes installing software, configuring FTP, and testing basic iptables rules. 2. The steps test basic iptables rules to block traffic by source IP, incoming interface, destination port, and ICMP ping. Results are captured to show filtering is working as expected. 3. The iptables rules are then flushed and testing repeated to confirm connectivity is allowed after filtering is removed. This confirms the iptables rules are successfully filtering network traffic as intended.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    44 views10 pages

    Jobsheet2Revisi - Taufiq Ihwanudin

    Uploaded by

    taufiq ihwan
    1. The document describes steps for practicing iptables configuration on a router to filter and allow network traffic. It includes installing software, configuring FTP, and testing basic iptables rules. 2. The steps test basic iptables rules to block traffic by source IP, incoming interface, destination port, and ICMP ping. Results are captured to show filtering is working as expected. 3. The iptables rules are then flushed and testing repeated to confirm connectivity is allowed after filtering is removed. This confirms the iptables rules are successfully filtering network traffic as intended.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    of 10

    JOB SHEET PRACTICE

    LEARNING ACTIVITIES:2
    Software :

    1. iptables—persistent
    2. netfilter-persistent
    3. proftpd

    Sekenario iptables testing

    PC Guest1: Router Gateway


    OS guest : debian 10
    Install packet :ssh Switch vmnet : 0
    RAM : 512 MB Bridge: Wireless
    NIC 0 Adapter Driver DHCP Server
    Static: 192.168.1.11 192.168.1.1
    link
    Ping From Debian server To vmnet0
    router after iptables
    configuration
    NIC 1
    Static:192.168.100.254

    Switch vmnet : 1
    Hostonly
    Disable DHCP

    192.168.100.1 192.168.100.2 192.168.100.3

    DHCP :192.168.1.5

    Wireless
    PCGues2: server PCGues3: client PCGues4: testing network
    OS Guest : windows XP OS Guest : Kalilinux Adapter
    OS Guest : Debian 10
    Install packet : SSH,FTP,HTTP Open port 80,Rdesktop Software : NMAP
    RAM : 512 MB RAM : 256 MB RAM : 512 MB

    PC HOST
    OS HOST : Microsoft Windows

    No Steps Information
    1. Login to router debian Root , password: root
    2. Install this package software if learning has apt-get install iptables--persistent
    not been done apt-get install netfilter-persistent

    3. File to save iptables /etc/iptables/rules.v4


    ------------------------iptables v4
    /etc/iptables/rules.v6
    ------------------------iptables v6

    4. Install FTP apt-get install proftpd


    JOB SHEET PRACTICE
    LEARNING ACTIVITIES:2
    No Steps Information
    5. Config FTP nano /etc/proftpd/proftpd.conf
    Fine with text, ctrl +W : #DefautRoot

    #DefautRoot
    Change to
    DefautRoot
    7. cek client browser/ cek browser pc host ftp://192.168.1.11 (your ip router)
    8. Iptables basic 1 iptables -A INPUT -s 192.168.1.5/24 -j DROP
    capture screen your results iptables –nvL
    cek ping from PC host 192.168.1.5
    iptables –F
    cek ping from client
    13. Iptables basic 2 iptables -A INPUT -i ens33 -j DROP
    capture screen your results iptables –nvL
    cek ping from PC host 192.168.1.5
    iptables –F
    cek ping from client
    18. Iptables basic 3 iptables -A OUTPUT -s 192.168.100.1/24 -j DROP
    capture screen your results iptables –nvL
    cek ping from router to external
    (ping to google/pc host)
    iptables –F
    cek ping from router(192.168.100.254) to
    192.168.100.1
    (ping to google/pc host)
    23. Iptables basic 4 iptables -A OUTPUT -o ens37 -j DROP
    capture screen your results iptables –nvL
    cek ping from router to 192.168.100.1
    (ping to google/pc host)
    iptables –F
    cek ping from router to 192.168.100.1
    28. Iptables basic 5 iptables –A INPUT –p tcp --dport 21 –j DROP
    capture screen your results cek client browser ftp://192.168.1.11
    iptables –F
    iptables –A INPUT –p tcp --dport 22–j DROP
    Cek ssh , uses puty from client
    iptables –F
    34. Iptables basic 6 Cek ssh , uses puty from client
    capture screen your results iptables –A INPUT –s ens33 –p icmp –j DROP
    Cek ping from client
    iptables –F
    iptables –A INPUT –s ens33 –p icmp -j REJECT
    Cek ping from client
    iptables-save
    JOB SHEET PRACTICE
    LEARNING ACTIVITIES:2
    No Steps Information
    nano /etc/iptables/rules.v4

    N Testing steps Explanation Cature scrren


    o (minimize pic)
    1. Iptables iptables -A INPUT -s Perintah ini berfungsi
    basic 1 192.168.1.5/24 -j untuk memblokir paket
    capture DROP data yang berasal dari
    screen alamat 192.168.1.5/24
    your
    results
    iptables –nvL Perintah ini berfungsi
    untuk melihat
    konfigurasi iptables
    pada tabel iptables.

    cek ping from PC Hasil pengujian


    host 192.168.1.5 konektifitas dari host
    ke router Tidak
    Terhubung (Reques
    Time Out)

    iptables –F Perintah ini berfungsi


    untuk membersihkan
    konfigurasi iptables

    cek ping from client Setelah konfigurasi


    iptables dibersihkan
    lalu melakukan
    pengujian konektifitas
    kembali dari host ke
    router hasilnya
    Terhubung (Reply TTL)
    JOB SHEET PRACTICE
    LEARNING ACTIVITIES:2
    2. Iptables iptables -A INPUT -i Perintah ini berfungsi
    basic 2 enp0s3 -j DROP untuk memblokir paket
    capture data yang masuk
    screen melalui interfaces
    your enp0s3
    results

    iptables –nvL Perintah ini berfungsi


    untuk melihat
    konfigurasi iptables
    pada tabel iptables.

    cek ping from PC Hasil pengujian


    host 192.168.1.5 konektifitas dari host
    ke router Tidak
    Terhubung (Reques
    Time Out)

    iptables –F Perintah ini berfungsi


    untuk membersihkan
    konfigurasi iptables

    cek ping from client Setelah konfigurasi


    iptables dibersihkan
    lalu melakukan
    pengujian konektifitas
    kembali dari host ke
    router hasilnya
    Terhubung (Reply TTL)
    JOB SHEET PRACTICE
    LEARNING ACTIVITIES:2
    7. Iptables iptables -A OUTPUT Perintah ini berfungsi
    basic 3 -d 192.168.100.1/24 untuk memblokir paket
    capture -j DROP data yang keluar ke
    screen alamat
    your 192.168.100.1/24
    results

    iptables –nvL Perintah ini berfungsi


    untuk melihat
    konfigurasi iptables
    pada tabel iptables.

    cek ping from router Hasil pengujian


    to external konektifitas dari router
    (ping to google/pc ke server Tidak
    host) Terhubung (Operation
    not permited)

    iptables –F Perintah ini berfungsi


    untuk membersihkan
    konfigurasi iptables

    cek ping from Setelah konfigurasi


    router(192.168.100. iptables dibersihkan
    254) to lalu melakukan
    192.168.100.1 pengujian konektifitas
    (ping to google/pc kembali dari router ke
    host) server hasilnya
    Terhubung (Reply TTL)
    JOB SHEET PRACTICE
    LEARNING ACTIVITIES:2
    12. Iptables iptables -A OUTPUT Perintah ini berfungsi
    basic 4 -o enp0s8 -j DROP untuk memblokir paket
    capture data yang keluar
    screen melalui interfaces
    your enp0s8
    results

    iptables –nvL Perintah ini berfungsi


    untuk melihat
    konfigurasi iptables
    pada tabel iptables.

    cek ping from router Hasil pengujian


    to 192.168.100.1 konektifitas dari router
    (ping to google/pc ke server Tidak
    host) Terhubung (Operation
    not permited)

    iptables –F Perintah ini berfungsi


    untuk membersihkan
    konfigurasi iptables

    cek ping from router Setelah konfigurasi


    to 192.168.100.1 iptables dibersihkan
    lalu melakukan
    pengujian konektifitas
    kembali dari router ke
    server hasilnya
    Terhubung (Reply TTL)
    JOB SHEET PRACTICE
    LEARNING ACTIVITIES:2
    17. Iptables iptables –A INPUT –p Perintah ini berfungsi
    basic 5 tcp --dport 21 –j untuk memblokir paket
    capture DROP data tcp yang akan
    screen memasuki jaringan
    your melalui FTP
    results

    cek client browser Hasil pengujian pada


    ftp://192.168.1.11 browser client
    menunjukan layanan
    FTP tidak dapat diakses

    iptables –F Perintah ini berfungsi


    untuk membersihkan
    konfigurasi iptables

    iptables –A INPUT –p Perintah ini berfungsi


    tcp --dport 22–j untuk memblokir paket
    DROP data tcp yang akan
    memasuki jaringan
    melalui SSH

    Cek ssh , uses puty Hasil pengujian pada


    JOB SHEET PRACTICE
    LEARNING ACTIVITIES:2
    from client client menggunakan
    aplikasi putty
    menunjukan layanan
    SSH tidak dapat
    diakses

    iptables –F Perintah ini berfungsi


    untuk membersihkan
    konfigurasi iptables

    Cek ssh , uses puty Hasil pengujian pada


    from client client menggunakan
    aplikasi putty
    menunjukan layanan
    SSH tidak dapat
    diakses, setelah
    konfigurasi iptables
    dibersihkan

    23. Iptables iptables –A INPUT –s Perintah ini berfungsi


    JOB SHEET PRACTICE
    LEARNING ACTIVITIES:2
    basic 6 enp0s3 –p icmp –j untuk memblokir paket
    capture DROP data icmp yang akan
    screen memasuki lewat
    your interfaces enp0s3
    results

    Cek ping from client Hasil pengujian


    konektifitas dari client
    ke router Tidak
    Terhubung (Requet
    time out)

    iptables –F Perintah ini berfungsi


    untuk membersihkan
    konfigurasi iptables

    iptables –A INPUT –s Perintah ini berfungsi


    ens33 –p icmp -j untuk menolak dan
    REJECT memberikan pesan
    penolakan pada paket
    data icmp yang akan
    memasuki lewat
    interfaces enp0s3
    Cek ping from client Hasil pengujian
    konektifitas dari client
    ke router Tidak
    Terhubung
    (Destination port
    uncreachable)

    iptables-save Perintah ini berfungsi


    JOB SHEET PRACTICE
    LEARNING ACTIVITIES:2
    netfilter-persistent untuk menyimpan
    save konfigurasi iptables

    nano Tampilan pada saat


    /etc/iptables/rules.v membuka file rules.v
    4 pada direktori iptables

    Upload this file to LMS after completed with name

    You might also like