1
00:00:02,090 --> 00:00:03,670
So let's talk about this.

2
00:00:03,690 --> 00:00:09,770
I was actually this is the redneck's comment I should cover in the next essential section, but we need

3
00:00:09,770 --> 00:00:11,630
to understand how the world works.

4
00:00:11,840 --> 00:00:17,330
So that's why I think this section would be good to introduce you to the evidence.

5
00:00:17,600 --> 00:00:19,630
So we have seen the Windows firewall.

6
00:00:19,910 --> 00:00:23,350
We have seen the program for paneling and broken connections.

7
00:00:23,930 --> 00:00:27,070
That is the same purpose you can do with the IP Dabbous.

8
00:00:27,440 --> 00:00:32,780
But we have to follow some options because it's a command line.

9
00:00:33,800 --> 00:00:43,280
So if you tell tables, it's just coming out front because it's in it's been pointed out that is where

10
00:00:43,730 --> 00:00:49,500
you need to get these IP tables as a route to the future.

11
00:00:49,520 --> 00:00:56,450
My but there was one in which we need the, uh, password and you get a bunch of options here.

12
00:00:58,590 --> 00:01:10,770
So first, I would explain some theory, so to see what are the IP tables that are used in your computer

13
00:01:10,930 --> 00:01:14,030
to minus a minus in the stands for.

14
00:01:15,120 --> 00:01:21,810
And you can see here there are three chains by default in pushing forward and output chip.

15
00:01:22,230 --> 00:01:26,370
So if you have to put any rule, you get in here.

16
00:01:28,080 --> 00:01:32,860
So the input is similar to in in bundles in the underside.

17
00:01:33,240 --> 00:01:40,750
So whatever connections that are coming from outside Internet to this computer will be added here.

18
00:01:41,670 --> 00:01:49,740
So the output chain consists of the connections going from our computer to the external website or any

19
00:01:49,740 --> 00:01:50,460
other computers.

20
00:01:50,460 --> 00:01:56,240
And that chain will be added here that it is similar to the opener's.

21
00:01:56,550 --> 00:02:02,600
So this forward is usually the rotors to forward the packet.

22
00:02:03,060 --> 00:02:10,690
So it will not be seen for that much because it will be using the rotors and for simple computer system.

23
00:02:10,710 --> 00:02:12,000
It is not necessary.

24
00:02:13,620 --> 00:02:23,250
So here you can see in the input input that the default one is xcept so we can browse the Internet and

25
00:02:23,250 --> 00:02:24,260
we can get the data.

26
00:02:25,230 --> 00:02:28,800
I can see the target protocol option, source destination.

27
00:02:29,160 --> 00:02:38,960
So in order to understand this, let me write a simple word for this IP input chain, Soula.

28
00:02:40,830 --> 00:02:49,320
So to add a to specific capitally infrared or appart so to which you need to happen to inputting.

29
00:02:49,650 --> 00:03:00,240
So incoming connections, I want to filter incoming connections and the same minus gear, minus days

30
00:03:00,240 --> 00:03:01,210
for action.

31
00:03:01,710 --> 00:03:09,920
So if you have you can see the actions you need to o you can perform acts of ridicule.

32
00:03:10,350 --> 00:03:11,470
So let's drop.

33
00:03:11,840 --> 00:03:20,870
So this drop simply, uh, discards the packet that are coming to our computer because this is the inputting.

34
00:03:21,270 --> 00:03:21,640
Right.

35
00:03:22,200 --> 00:03:31,920
So if I hit enter now, our rule is that if I say I put was minus cell, you can see uh, there is a

36
00:03:31,920 --> 00:03:36,840
rule at and it says target drop and protocol, our protocols.

37
00:03:36,840 --> 00:03:46,050
So whatever, uh, the sources and whatever their destination or piece, I mean destination, uh interfaces,

38
00:03:46,290 --> 00:03:52,530
uh, computer can have more than one interfaces and to whatever destination and all the protocols will

39
00:03:52,530 --> 00:03:54,110
simply drop the connection.

40
00:03:56,880 --> 00:04:02,790
Let me open a Web browser and let's pipe a good outcome.

41
00:04:17,420 --> 00:04:26,070
So this Web browser keeps rolling in for a treat because we will we can send our open request to the

42
00:04:26,070 --> 00:04:31,640
Web server, but the Google dot com has sent a response.

43
00:04:31,820 --> 00:04:39,470
But the response has been dropped because of this IP, uh, IPTV.

44
00:04:40,130 --> 00:04:44,090
So we are dropping from any source to any destination IP address.

45
00:04:44,090 --> 00:04:46,640
That is our mission and we are just dropping.

46
00:04:48,770 --> 00:04:54,230
So now what we can do is I'm going to delete this rule.

47
00:04:56,360 --> 00:05:02,280
So to do that, let's we need to find a number of these, uh.

48
00:05:08,150 --> 00:05:14,690
We need to sell minus sell, and we need to set the numbers.

49
00:05:16,650 --> 00:05:17,860
So numbers.

50
00:05:22,360 --> 00:05:28,540
As you can see, this is the first rule and the number is one, so using this right number, you can

51
00:05:28,550 --> 00:05:36,130
delete the, uh, I repeat tables and let's, uh, uh, my cap.

52
00:05:36,130 --> 00:05:38,680
Thirty four digit and one.

53
00:05:41,960 --> 00:05:47,330
So I think we need to somebody does something like this in the.

54
00:05:55,560 --> 00:06:02,460
OK, let's delete everything to do that, we need to see if we have stands for fresh, we need to flesh

55
00:06:02,460 --> 00:06:03,110
out the rules.

56
00:06:03,750 --> 00:06:10,520
So if I say minus capital, we we no longer have the rule in our input.

57
00:06:11,070 --> 00:06:15,280
Now, if I go to the browser and if I refer this, we can see guru.com.

58
00:06:17,520 --> 00:06:21,150
This is how you add the input chain.

59
00:06:23,890 --> 00:06:32,890
So there is some more syntax, some more options, you can specify I was minus here happen to the input

60
00:06:32,890 --> 00:06:38,080
chain, I mean, incoming connections and you can also specify the source using mitosis.

61
00:06:38,590 --> 00:06:41,280
So you need to type the IP address.

62
00:06:41,530 --> 00:06:44,620
But first, let me show you Google dot com.

63
00:06:45,730 --> 00:06:53,470
So connections from the source, Google dot com and I can specify the destination, but using minus

64
00:06:53,470 --> 00:06:58,670
one spot and 80 so I can sell minus drop.

65
00:07:00,040 --> 00:07:10,450
So as you can see, uh, if I'm getting any connections from this Google dot com and on the put it through

66
00:07:10,450 --> 00:07:16,570
before defining the what you need to specify the protocol, which is TCP UDP are any other protocol.

67
00:07:21,200 --> 00:07:25,420
Since it wouldn't be the typical protocol, notices would disappear.

68
00:07:27,260 --> 00:07:28,940
So let me explain this one.

69
00:07:29,180 --> 00:07:36,920
So I'm adding a rule to incoming connections rather than incoming corrections are from Google dot com

70
00:07:36,920 --> 00:07:37,370
source.

71
00:07:37,520 --> 00:07:44,420
And the full protocol is PXP with the destination, potentially destination port in the sense of which

72
00:07:45,050 --> 00:07:45,710
it is our.

73
00:07:46,070 --> 00:07:52,460
So Google accounts server sense that the destination would be 30 and what they want to take the action

74
00:07:52,460 --> 00:07:53,070
is drop.

75
00:07:53,690 --> 00:07:56,770
And if I were to my room will be successfully.

76
00:07:56,870 --> 00:07:58,150
Now, I can simply say.

77
00:08:01,940 --> 00:08:06,530
So as you can see here, Rob, PXP options, there are no extra options.

78
00:08:06,730 --> 00:08:07,730
You can see the source.

79
00:08:07,910 --> 00:08:11,330
It is a name, Sagrera of the Guru.com.

80
00:08:11,510 --> 00:08:20,670
So Boulder contains more than one name server, and we get the response from the other animals as well.

81
00:08:20,900 --> 00:08:24,610
If I flip the switch, we can see guru.com.

82
00:08:25,970 --> 00:08:36,380
Know, what I'm going to do is I'm going to, uh, being that being the Google dot com.

83
00:08:40,830 --> 00:08:42,400
So this is the IP address.

84
00:08:43,050 --> 00:08:48,990
Now, what I want to do is I am going to add the IP address instead of the domain name.

85
00:08:51,240 --> 00:08:52,920
So let me say this one.

86
00:08:57,040 --> 00:09:05,590
Now, if I go to the president, if I could enter, so you've still got this, maybe, uh, the our

87
00:09:05,590 --> 00:09:08,680
computer is asking for mininum servers.

88
00:09:09,590 --> 00:09:11,070
So let me go to this.

89
00:09:12,310 --> 00:09:13,260
So this is my card.

90
00:09:13,270 --> 00:09:18,100
You said, well, this is not easy to deal with, me being this one.

91
00:09:25,960 --> 00:09:32,050
All right, now let me copy paste this IP address and this chain.

92
00:09:37,130 --> 00:09:41,910
So now let me go ahead and navigate to this one.

93
00:09:41,930 --> 00:09:43,400
So let me rephrase this.

94
00:09:49,900 --> 00:09:52,510
All right, maybe test Poonam Sarver's.

95
00:09:58,280 --> 00:09:58,660
OK.

96
00:09:59,630 --> 00:10:02,510
I don't know why it's still we are getting.

97
00:10:08,870 --> 00:10:16,190
All right, maybe I have done wrong, but it's the same syntax you need to specify the source and the

98
00:10:16,190 --> 00:10:19,340
port and the destination port minus the drop.

99
00:10:19,910 --> 00:10:21,920
So let me read this.

100
00:10:26,120 --> 00:10:27,080
It would retard.

101
00:10:32,340 --> 00:10:42,660
Now, another thing we need to do is that is the output chain, should I tables, uh, upon the output?

102
00:10:44,730 --> 00:10:52,420
So now we if we want to connect to any Web server, then we cannot connect to it.

103
00:10:52,560 --> 00:10:55,580
So similar minus a source.

104
00:10:56,670 --> 00:11:05,950
This my IP address and the fourth protocol, TCP and Destination Port.

105
00:11:06,840 --> 00:11:12,180
OK, we'll, uh, drop out of the packets on all the ports and let's drop.

106
00:11:15,120 --> 00:11:25,680
So now if we connect to this Web server on the TCP IP protocol on any port, our packet will be dropped.

107
00:11:26,670 --> 00:11:28,320
Now, I think we should not get the.

108
00:11:30,310 --> 00:11:30,700
OK.

109
00:11:34,450 --> 00:11:37,360
Too bad at writing these rules.

110
00:12:00,980 --> 00:12:05,240
Let me try to, uh, specify the interface.

111
00:12:09,490 --> 00:12:15,270
So I'm just I don't know why it's I'm still able to pinging.

112
00:12:22,090 --> 00:12:22,960
So.

113
00:12:30,650 --> 00:12:38,540
So that's about this input output and for a change of fashion, we do not get the response rate, but

114
00:12:38,540 --> 00:12:41,310
later on, I don't know what you are getting the response.

115
00:12:41,810 --> 00:12:47,540
OK, so even maybe I am better writing the rules.

116
00:12:47,850 --> 00:12:57,560
OK, another thing I want to show you is not Abels pseudo IP tables, so you need to respond minus T

117
00:12:58,010 --> 00:12:59,090
and Fernet.

118
00:13:00,020 --> 00:13:01,610
There is a table for that.

119
00:13:02,240 --> 00:13:07,220
And we to say uh minus A.

120
00:13:10,290 --> 00:13:15,810
So, OK, I want to show you this one night stands for our network address translation.

121
00:13:15,990 --> 00:13:23,520
So we have already discussed this and the networking fundamentals, and this is used primarily for saving

122
00:13:23,520 --> 00:13:31,220
the public IP addresses, as you can see how the treatment preloading input output.

123
00:13:31,240 --> 00:13:33,060
We already know input and output.

124
00:13:35,650 --> 00:13:45,600
So what we can do is we can all of this back in, coming back to another port or to another IP address

125
00:13:45,610 --> 00:13:46,010
and the port.

126
00:13:47,650 --> 00:13:56,680
So if any computer is sending any data on the ports vital, there are a range of ports from 5000 to

127
00:13:56,680 --> 00:13:57,310
6000.

128
00:13:57,550 --> 00:14:02,660
No, I can drop those data into some one common Port Said 2000.

129
00:14:03,580 --> 00:14:08,650
So in that way, I can get all of these ports information on one port.

130
00:14:09,430 --> 00:14:12,000
So that is done via this.

131
00:14:12,940 --> 00:14:21,980
First, we need to set up rules and these packets will first verify this chain preloading chain.

132
00:14:22,120 --> 00:14:26,330
So after that, they will go to the post chain then.

133
00:14:26,350 --> 00:14:31,040
Then it will go to the destination we now are redirected to.

134
00:14:31,540 --> 00:14:35,400
So we'll see this configuration in the next video.

135
00:14:35,510 --> 00:14:40,580
Bypassing it was for no, that's only speak to the theory.

136
00:14:41,590 --> 00:14:47,030
Now, I have found this website, which is the card that they have the diagram also.

137
00:14:47,410 --> 00:14:52,810
So we are getting that incoming connections and we are proud of that.

138
00:14:53,020 --> 00:15:00,350
And if you want to deliver to this local address, I mean, in your own computer, but different.

139
00:15:00,350 --> 00:15:10,690
But you can deliver before the shooting or if you do not want to route that packet into your local port,

140
00:15:10,690 --> 00:15:14,620
then you can directly proportional to this outside world.

141
00:15:16,000 --> 00:15:18,040
OK, I will say an example.

142
00:15:18,190 --> 00:15:25,750
Suppose, uh, there is there so take this example again as an example.

143
00:15:26,020 --> 00:15:27,650
This is the village mission, right?

144
00:15:27,970 --> 00:15:36,700
So now I am going to send the packet to my colleague next mission so those packets will go for standard

145
00:15:36,700 --> 00:15:37,900
operating rule.

146
00:15:38,530 --> 00:15:43,080
If we attempt to drop these packets, it will be dropped.

147
00:15:43,600 --> 00:15:51,160
And before preloading, after pirouetting and before posting, no, I can drop this package to my local

148
00:15:51,160 --> 00:15:52,120
processor.

149
00:15:52,270 --> 00:15:53,970
Uh, Netcare, 2004.

150
00:15:54,250 --> 00:15:57,160
So are these data sorry.

151
00:15:57,520 --> 00:16:01,840
Are this data from the Loston can be captured in the network.

152
00:16:02,030 --> 00:16:02,620
Two thousand.

153
00:16:02,950 --> 00:16:08,810
And then I can forward to another computer, uh, Windows XP machine.

154
00:16:09,520 --> 00:16:18,610
So this is a pirouetting and so in coming packets will go into this preloading chain and then if you

155
00:16:18,610 --> 00:16:22,420
want to send it to local port, you can send it.

156
00:16:22,420 --> 00:16:28,480
Otherwise it will go to the post routing rules and then it will go to the actual destination.

157
00:16:28,990 --> 00:16:31,510
You can also stop the process here.

158
00:16:31,520 --> 00:16:35,450
I mean, Pacard, the sending the package here, you can also send it to the Port Authority.

159
00:16:35,830 --> 00:16:36,670
This is the principle.

160
00:16:36,910 --> 00:16:40,830
And the next video, what we are going to do is we are stopping it here.

161
00:16:42,490 --> 00:16:43,860
So that's that this you go.

162
00:16:43,870 --> 00:16:50,200
I hope this might sound confusing, but in the next few days we will do the practical and you will have

163
00:16:50,200 --> 00:16:53,410
much more gratification than this, uh, theory will be.

164
00:16:54,400 --> 00:17:01,000
So I highly suggest you to read this article, and this article is very interesting.

165
00:17:01,000 --> 00:17:09,850
And if you want to set the table for some more computers and like a smart organization and this website

166
00:17:09,850 --> 00:17:11,050
is very much useful.

167
00:17:12,010 --> 00:17:13,390
So that's all for this review.

168
00:17:13,390 --> 00:17:14,560
I hope you have understood.