🔥 Phase 4: Security
Goal: Lock it down — firewall, logging, hardening
🎯 Exercise 1 — iptables Basics
# Check current rules (line numbers make later deletes easier)
iptables -L -n -v --line-numbers
# Order matters: add the ACCEPT rules first. If you are connected over SSH,
# setting the INPUT policy to DROP before they exist kills your own session.
# Allow loopback (local services and the resolver keep working)
iptables -A INPUT -i lo -j ACCEPT
# Allow replies to connections this host started
# (-m state --state is the older spelling of the same conntrack match)
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Allow SSH only from the lab network; the explicit DROP is redundant once the
# policy is DROP, but it keeps the intent visible in the listing
iptables -A INPUT -s 10.0.1.0/24 -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j DROP
# Now the default policies: block all inbound and forwarded, allow outbound
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
# Save rules; Alpine's iptables service restores this file at boot, so enable it
iptables-save > /etc/iptables/rules-save
rc-update add iptables
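The rule-by-rule commands above are fine for learning, but the ordering problem they expose (policy before allow rules) goes away if the whole table is loaded in one shot with iptables-restore. The script below is an added example, not part of the original lab: it writes the Exercise 1 ruleset in iptables-save format, sanity-checks it, test-loads it with iptables-restore --test and only then applies and persists it. The lab network 10.0.1.0/24, port 22 and the save path are the page's; the INVALID drop, the ICMP echo ACCEPT, the rate-limited LOG rule and the function names are this example's additions.

```shell
#!/bin/sh
# Added example (not from the original lab): build the Phase 4 ruleset as an
# iptables-restore file and load it atomically. Assumes the lab network
# 10.0.1.0/24 and SSH on port 22 from Exercise 1; the extra rules (INVALID drop,
# ICMP accept, rate-limited LOG) are this example's choices.

LAB_NET="${LAB_NET:-10.0.1.0/24}"
SSH_PORT="${SSH_PORT:-22}"

# gen_rules [lab_cidr] [ssh_port]: print a complete filter table for the host.
gen_rules() {
    net="${1:-$LAB_NET}"
    port="${2:-$SSH_PORT}"
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# loopback first: local services (and the resolver) must keep working
-A INPUT -i lo -j ACCEPT
# replies to connections this host opened
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# packets conntrack cannot classify never reach the allow rules
-A INPUT -m conntrack --ctstate INVALID -j DROP
# SSH only from the lab network; explicit DROP keeps the intent visible
-A INPUT -s $net -p tcp --dport $port -j ACCEPT
-A INPUT -p tcp --dport $port -j DROP
# ICMP echo so the ping test in Exercise 2 has something to block
-A INPUT -p icmp --icmp-type echo-request -j ACCEPT
# log what the policy is about to drop, rate-limited so a flood can't fill the log
-A INPUT -m limit --limit 5/min --limit-burst 10 -j LOG --log-prefix "IPT-DROP: " --log-level 4
COMMIT
EOF
}

# check_rules FILE: refuse a ruleset that would cut off the SSH session.
# Returns 0 only if INPUT policy is DROP, some TCP port is still accepted,
# and OUTPUT has not been set to DROP without its own allow rules.
check_rules() {
    f="$1"
    grep -q '^:INPUT DROP' "$f" || { echo "INPUT policy is not DROP" >&2; return 1; }
    grep -q -- '-A INPUT .*--dport [0-9][0-9]* -j ACCEPT' "$f" || { echo "no SSH ACCEPT rule" >&2; return 1; }
    ! grep -q '^:OUTPUT DROP' "$f" || { echo "OUTPUT DROP needs its own allow rules" >&2; return 1; }
    return 0
}

# apply_rules [save_path]: generate, check, test-load, load, persist.
# Needs root and iptables, so only run this part on the lab VM.
apply_rules() {
    out="${1:-/etc/iptables/rules-save}"
    tmp="$(mktemp)"
    gen_rules > "$tmp"
    check_rules "$tmp" || { rm -f "$tmp"; return 1; }
    iptables-restore --test < "$tmp" || { rm -f "$tmp"; return 1; }
    iptables-restore < "$tmp" && mv "$tmp" "$out"
}
```

gen_rules and check_rules run anywhere (they only produce and inspect text), so you can diff the generated file against /etc/iptables/rules-save on the VM before calling apply_rules. iptables-restore replaces the whole filter table in one kernel transaction, so there is no moment where the DROP policy is live without the ACCEPT rules.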
🎯 Exercise 2 — Test the Firewall
# On alpine-1: block alpine-2 explicitly. Appending (-A) is enough for the ping
# test; use -I INPUT 1 instead if you also want to cut connections alpine-2
# already has open, since -A lands after the ESTABLISHED,RELATED rule.
# (If your INPUT policy is already DROP and nothing accepts ICMP, ping fails
# before and after this rule; the packet counters below show which rule did it.)
iptables -A INPUT -s 10.0.1.2 -j DROP
# On alpine-2: try to ping alpine-1 (expect 100% packet loss)
ping -c 3 10.0.1.1
# Back on alpine-1: the DROP rule's pkts counter should have gone up by 3
iptables -L INPUT -n -v --line-numbers
# Delete the rule (or by number: iptables -D INPUT <n>), then ping again
iptables -D INPUT -s 10.0.1.2 -j DROP
🎯 Exercise 3 — Logging
# Alpine's default logger is busybox syslogd; make sure it is running
rc-service syslog status
# It writes to /var/log/messages (cat works, but the file grows quickly)
tail -n 50 /var/log/messages
# Kernel ring buffer: iptables LOG rules and other kernel messages land here too
dmesg | tail
# Log a test message, then confirm it actually arrived
logger "Testing logging from my lab VM"
grep "Testing logging" /var/log/messages
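Once a firewall LOG rule is in place, /var/log/messages fills with kernel lines such as "IPT-DROP: IN=eth0 ... SRC=10.0.1.2 ... PROTO=ICMP", and the useful question is who is being dropped and on which port. The functions below are an added example, not part of the original lab: they summarise those lines with awk. The sample log is constructed to look like busybox syslogd output on an Alpine host; the "IPT-DROP: " prefix, the 10.0.2.50 source and the sshd line are made up for the example.

```shell
#!/bin/sh
# Added example (not from the original lab): summarise iptables LOG output.
# SAMPLE_LOG is constructed; only the 10.0.1.x addresses come from the lab.

SAMPLE_LOG='Mar  3 10:15:01 alpine-1 kern.warn kernel: IPT-DROP: IN=eth0 OUT= MAC=52:54:00:12:34:56:52:54:00:65:43:21:08:00 SRC=10.0.1.2 DST=10.0.1.1 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=4242 DF PROTO=ICMP TYPE=8 CODE=0 ID=7 SEQ=1
Mar  3 10:15:02 alpine-1 kern.warn kernel: IPT-DROP: IN=eth0 OUT= MAC=52:54:00:12:34:56:52:54:00:65:43:21:08:00 SRC=10.0.1.2 DST=10.0.1.1 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=4243 DF PROTO=ICMP TYPE=8 CODE=0 ID=7 SEQ=2
Mar  3 10:15:09 alpine-1 kern.warn kernel: IPT-DROP: IN=eth0 OUT= MAC=52:54:00:12:34:56:52:54:00:aa:bb:cc:08:00 SRC=10.0.2.50 DST=10.0.1.1 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=1 DF PROTO=TCP SPT=40112 DPT=22 WINDOW=64240 RES=0x00 SYN URGP=0
Mar  3 10:15:10 alpine-1 kern.warn kernel: IPT-DROP: IN=eth0 OUT= MAC=52:54:00:12:34:56:52:54:00:aa:bb:cc:08:00 SRC=10.0.2.50 DST=10.0.1.1 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=2 DF PROTO=TCP SPT=40113 DPT=22 WINDOW=64240 RES=0x00 SYN URGP=0
Mar  3 10:15:11 alpine-1 kern.warn kernel: IPT-DROP: IN=eth0 OUT= MAC=52:54:00:12:34:56:52:54:00:aa:bb:cc:08:00 SRC=10.0.2.50 DST=10.0.1.1 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=3 DF PROTO=TCP SPT=40114 DPT=2222 WINDOW=64240 RES=0x00 SYN URGP=0
Mar  3 10:15:30 alpine-1 daemon.info sshd[311]: Accepted publickey for bob from 10.0.1.2 port 50122 ssh2'

# summarize_drops: read syslog lines on stdin and print "count src proto dport"
# for each distinct combination seen in IPT-DROP lines, most frequent first.
# Lines without the prefix (like the sshd line above) are ignored; a field that
# is absent (ICMP has no DPT) is shown as "-".
summarize_drops() {
    awk '
        /IPT-DROP:/ {
            src = proto = dpt = "-"
            for (i = 1; i <= NF; i++) {
                split($i, kv, "=")
                if (kv[1] == "SRC")        src   = kv[2]
                else if (kv[1] == "PROTO") proto = kv[2]
                else if (kv[1] == "DPT")   dpt   = kv[2]
            }
            n[src " " proto " " dpt]++
        }
        END { for (k in n) print n[k], k }
    ' | sort -k1,1nr -k2
}

# top_source: the single source address with the most dropped packets overall.
top_source() {
    summarize_drops \
        | awk '{ t[$2] += $1 } END { for (s in t) print t[s], s }' \
        | sort -k1,1nr -k2 \
        | awk 'NR == 1 { print $2 }'
}

# drops_from ADDR: total dropped packets from one address (0 if none).
drops_from() {
    summarize_drops | awk -v s="$1" '$2 == s { t += $1 } END { print t + 0 }'
}

# On the VM you would feed the real file instead of the sample:
#   grep 'IPT-DROP:' /var/log/messages | summarize_drops
```

Running `printf '%s\n' "$SAMPLE_LOG" | summarize_drops` on the sample gives three lines: two ICMP drops from 10.0.1.2 (the Exercise 2 ping) and two SYNs to port 22 plus one to 2222 from 10.0.2.50, which is the pattern of someone outside the lab network probing for SSH after the port change in Exercise 4.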
🎯 Exercise 4 — SSH Hardening
# Before you start: keep your current SSH session open, and make sure bob's
# public key is already in ~bob/.ssh/authorized_keys. With PasswordAuthentication
# no and no key installed, the next login fails and you are locked out.
# Edit SSH config
nano /etc/ssh/sshd_config
# Change (uncomment or add; sshd uses the FIRST occurrence of a directive, so
# delete any earlier uncommented duplicate rather than adding a second line):
# Port 2222
# PermitRootLogin prohibit-password
# PasswordAuthentication no
# AllowUsers bob
# The Exercise 1 firewall allows port 22, not 2222: open the new port before
# restarting, and re-save the rules once it works
iptables -I INPUT -s 10.0.1.0/24 -p tcp --dport 2222 -j ACCEPT
# Check the config parses, then restart; test from a second terminal with
# ssh -p 2222 bob@10.0.1.1 before closing the session you already have
sshd -t && rc-service sshd restart
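On the VM, `sshd -T` prints the configuration sshd actually uses and is the authoritative check. The script below is an added example, not part of the original lab, for when you want the same check without running sshd: it reproduces the first-occurrence rule (comments skipped, keys case-insensitive, parsing stops at the first Match block because those apply conditionally) and compares the result against the four directives the exercise sets. The two sample configs are constructed for the example; the second one shows the trap of a stale "PasswordAuthentication yes" left above the edit.

```shell
#!/bin/sh
# Added example (not from the original lab): verify the Exercise 4 directives
# are the ones sshd will use. Targets (port 2222, bob, prohibit-password,
# PasswordAuthentication no) come from the exercise; the sample configs are
# constructed for this example.

# effective_value FILE KEY: print the value sshd would use for KEY from the
# global section of FILE. Prints nothing if the key is not set there.
effective_value() {
    awk -v key="$(printf '%s' "$2" | tr 'A-Z' 'a-z')" '
        /^[[:space:]]*#/ || NF == 0 { next }
        tolower($1) == "match" { exit }
        tolower($1) == key { print $2; exit }
    ' "$1"
}

# check_sshd_hardening FILE: compare against the Exercise 4 targets.
# Prints one "directive: got X, want Y" line per mismatch; returns 0 if clean.
check_sshd_hardening() {
    f="$1"
    rc=0
    for spec in "port=2222" "permitrootlogin=prohibit-password" \
                "passwordauthentication=no" "allowusers=bob"; do
        key="${spec%%=*}"
        want="${spec#*=}"
        got="$(effective_value "$f" "$key")"
        if [ "$got" != "$want" ]; then
            echo "$key: got '${got:-<unset>}', want '$want'"
            rc=1
        fi
    done
    return "$rc"
}

# --- constructed sample configs (not real files from the lab VM) ---
GOOD_CONF="$(mktemp)"
cat > "$GOOD_CONF" <<'EOF'
# hardened lab config
Port 2222
PermitRootLogin prohibit-password
PasswordAuthentication no
AllowUsers bob
Match Address 10.0.1.0/24
    LogLevel VERBOSE
EOF

BAD_CONF="$(mktemp)"
cat > "$BAD_CONF" <<'EOF'
# stale default left above the edit: this first value is the one sshd uses
PasswordAuthentication yes
Port 2222
PermitRootLogin prohibit-password
PasswordAuthentication no
EOF

# Usage on the VM: check_sshd_hardening /etc/ssh/sshd_config || echo "not hardened"
```

Against BAD_CONF the checker reports passwordauthentication as "yes" and allowusers as unset, which is exactly what `sshd -T` would show for that file; the "no" on the last line never takes effect.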
✅ Phase 4 Checklist
- iptables firewall rules
- Test blocking/unblocking traffic
- System logging
- SSH hardening
Previous: Phase 3 - Users and Files | Next: Phase 5 - Server Stuff