- Show only linux commands only. Your company was acquired by Google corporation
ID: 3888828 • Letter: #
Question
- Show only Linux commands.
Your company was acquired by Google corporation. Now site-to-site VPN connectivity is established; however, it doesn't work as expected. The management of both corporations decided to use the Internet and to trust Google's IP addresses and the traffic associated with them to flow through your firewall. Obtain google.com IP addresses (at least two of them, or for advanced use you can use their network; in other words, you are allowed to use an IP address range). Use nslookup to do so. The applications that should have access to your system use both TCP and UDP protocols and the following services: sftp, ftp, http, https. Also, there is one managerial IP address, 146.115.22.177/255.255.255.255, which must have access to your system, in addition to the services above, on port 22 TCP and UDP, 389 TCP and UDP, and 3101 and 3128 TCP only. Develop the firewall rules to allow all those connections. Please describe each and all ports and their purpose.
Explanation / Answer
To get the IP addresses for google.com, use the following command:
nslookup google.com
I got the following 2 IP addresses:
Address: 172.217.26.206
Address: 216.58.197.78
NOW FIRST WE DENY ALL CONNECTIONS AND LATER SPECIFY ONLY THOSE THAT WE WANT TO ALLOW. (Caveat: if you are working over SSH, setting the policies to DROP before the allow rules below exist cuts your own session; add the allow rules first, or load everything at once from a script.)
iptables --policy INPUT DROP
iptables --policy OUTPUT DROP
iptables --policy FORWARD DROP
Now we allow only specific connections from the google.com IP addresses. In the INPUT chain the Google address is the source (-s); in the OUTPUT chain it is the destination (-d), because that chain sees the packets we send back, so a -s match there would never hit our replies:
iptables -A INPUT -s 172.217.26.206 -j ACCEPT
iptables -A OUTPUT -d 172.217.26.206 -j ACCEPT
These two rules accept all traffic to and from that address. To restrict them to the services in the question, add a protocol and port match (for example -p tcp --dport 22 for sftp, and the same rule again with -p udp), one rule per port for 21 (ftp control channel), 22 (sftp, file transfer over SSH), 80 (http) and 443 (https), and repeat for the second address 216.58.197.78, or for a whole Google network written in CIDR form (address/prefix length) if you use their range instead of single addresses.
As for the managerial IP address, a port match needs the protocol named, so -p tcp or -p udp must precede --dport (without it iptables rejects the rule with an "unknown option" error). For ssh/sftp on port 22 over TCP:
iptables -A INPUT -p tcp --dport 22 -s 146.115.22.177/255.255.255.255 -j ACCEPT
iptables -A OUTPUT -p tcp --sport 22 -d 146.115.22.177/255.255.255.255 -j ACCEPT
In the OUTPUT rule the manager is the destination and 22 is the source port, since that is what our replies look like. Add the same pair with -p udp for port 22, then with -p tcp and with -p udp for 389 (LDAP directory lookups), and with -p tcp only for 3101 and 3128 (3128 is the Squid proxy port); ports 21, 80 and 443 must be opened for this address as well, as for the Google addresses above.
The rules above are active immediately but are lost at reboot. iptables-save only prints the current rules to standard output, so redirect it to the file your distribution loads at boot, e.g. on Debian/Ubuntu with the iptables-persistent package:
sudo sh -c 'iptables-save > /etc/iptables/rules.v4'
(On RHEL/CentOS with iptables-services, sudo service iptables save writes /etc/sysconfig/iptables instead.)
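The rules above are easy to get wrong one at a time, so here is the whole scenario as one script, added here as an example and not part of the original answer. It parses the nslookup output, builds the complete ruleset in iptables-restore format (which loads atomically, so there is no window with DROP policies and no allow rules, and no lock-out over SSH), and records the purpose of every port. Assumptions, which are mine and not stated in the question: the protected system is the host the script runs on (INPUT/OUTPUT only, nothing forwarded), the Google applications reach the services on this host, the two Google addresses are the ones the answer obtained, and reply traffic is admitted by a conntrack ESTABLISHED,RELATED rule rather than one explicit OUTPUT rule per port. The function names are my own.

```shell
#!/bin/sh
# Added example (not from the original answer): full ruleset for the scenario,
# generated in iptables-restore format and loaded atomically.
# Assumptions: this host is the protected system (INPUT/OUTPUT only), and the
# Google addresses passed in are the ones obtained with nslookup.

MGMT_IP="146.115.22.177/32"    # same single host as 146.115.22.177/255.255.255.255

# Port purposes:
#   21   ftp   control channel (data goes over port 20 or a passive port, tracked by the ftp helper)
#   22   sftp  file transfer over SSH
#   80   http
#   443  https
#   389  ldap  directory lookups
#   3128 squid proxy
#   3101 hp-pxpib in the IANA registry; in practice BlackBerry Enterprise Server (SRP) traffic
SERVICE_PORTS="21,22,80,443"   # both the Google applications and the manager
MGMT_EXTRA_BOTH="389"          # manager only, TCP and UDP (22 is already in SERVICE_PORTS)
MGMT_EXTRA_TCP="3101,3128"     # manager only, TCP only

# Pull the answer addresses out of nslookup output: skip the "Address: x#53"
# line that names the resolver and keep IPv4 only (this is an IPv4 ruleset).
parse_nslookup() {
    awk '/^Address:/ && $2 !~ /#/ && $2 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ { print $2 }'
}

# Live lookup; needs DNS. Offline, feed parse_nslookup saved nslookup output instead.
resolve_google() {
    nslookup google.com | parse_nslookup
}

# Print the ruleset for the Google addresses or CIDR networks given as arguments.
generate_ruleset() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
# loopback, and replies to connections accepted by the rules below
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
EOF
    for net in "$@"; do
        for proto in tcp udp; do
            # inbound from Google to our services, and outbound from us to Google's
            printf '%s\n' "-A INPUT -s $net -p $proto -m multiport --dports $SERVICE_PORTS -j ACCEPT"
            printf '%s\n' "-A OUTPUT -d $net -p $proto -m multiport --dports $SERVICE_PORTS -j ACCEPT"
        done
    done
    for proto in tcp udp; do
        printf '%s\n' "-A INPUT -s $MGMT_IP -p $proto -m multiport --dports $SERVICE_PORTS,$MGMT_EXTRA_BOTH -j ACCEPT"
    done
    printf '%s\n' "-A INPUT -s $MGMT_IP -p tcp -m multiport --dports $MGMT_EXTRA_TCP -j ACCEPT"
    echo COMMIT
}

# Number of -A rules in a ruleset read from stdin (sanity check before loading).
count_rules() {
    grep -c '^-A '
}

# Apply for real only when asked:  sudo ./fw.sh --apply
if [ "${1-}" = "--apply" ]; then
    # word splitting of the lookup result is intended: one argument per address
    generate_ruleset $(resolve_google) | iptables-restore
    iptables-save > /etc/iptables/rules.v4   # persist (Debian/Ubuntu iptables-persistent)
fi
```

With the two addresses from the answer the generated ruleset has 15 rules: 4 housekeeping, 8 for Google (2 addresses x 2 protocols x 2 chains), 3 for the manager. Run `generate_ruleset 172.217.26.206 216.58.197.78` without `--apply` to review the output before loading it. Passive-mode FTP additionally needs the ftp conntrack helper (nf_conntrack_ftp; on kernels from 4.7 on it has to be assigned explicitly with the CT target in the raw table) so that the data connections count as RELATED.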