[SOLVED] RHCE Question: TCP Wrapper or iptables?

gurl4sh25 · 01-12-2011, 04:29 AM

Hi Guys,

My friend and I are studying for our coming RHCE(version 5) Exam this month.
We have lots of reviewers downloaded from the internet. Also I've been browsing some forums to get tips.

Anyway, I have a question regarding TCP wrapper and iptables. There's this sample question i've got from one website..

"User1 should be able to get mails using pop3 within domain.org, other machines from organization.com should not have access to this pop3 service"

I know this can be done via TCP wrapper or iptables. My question is, which method should I use in exam? I would like to know the guys who have already passed the RHCE exam on what method they used.

acid_kewpie · 01-12-2011, 04:46 AM

You should use the one you want to. that's the whole ethos of the exam. You just need to achieve the objective, however you see fit. Personally I wrote my own nic firmware filter module in assembly, and it worked fine. ;-)

gurl4sh25 · 01-12-2011, 04:51 AM

Quote:

Originally Posted by acid_kewpie

You should use the one you want to. that's the whole ethos of the exam. You just need to achieve the objective, however you see fit. Personally I wrote my own nic firmware filter module in assembly, and it worked fine. ;-)

Hi acid_kewpie, highly appreciated your reply. It seems you've done it in a different way or should I say advance.. how about the other RHCE guys here what method did you guys used in the exam?

acid_kewpie · 01-12-2011, 04:52 AM

I didn't do that.... of course... it was a joke. I'm just trying to stress that it doesn't matter what other people do. do what you find easiest.

raviteja_s · 01-12-2011, 11:34 PM

!) install dovecot package

2) mutt -f pop://user1.domain.org

3) iptables -A INPUT -s organization.com -p tcp --dport 110 -j REJECT

[B]use iptables for blocking pop server are imap server[/B]

gurl4sh25 · 01-13-2011, 01:01 AM

Quote:

Originally Posted by acid_kewpie

I didn't do that.... of course... it was a joke. I'm just trying to stress that it doesn't matter what other people do. do what you find easiest.

oh i see, I thought you've done that method, knowing it is possible

gurl4sh25 · 01-13-2011, 01:04 AM

Quote:

Originally Posted by raviteja_s

!) install dovecot package

2) mutt -f pop://user1.domain.org

3) iptables -A INPUT -s organization.com -p pop --dport 110 -j REJECT

[B]use iptables for blocking pop server are imap server[/B]

Thanks raviteja_s for your reply. Was wondering if you've are already taken the RHCE? and if this method you have done?

raviteja_s · 01-14-2011, 01:40 AM

In my RHCE exam i was done these steps..

latinmusic74 · 01-14-2011, 03:11 PM

You can try:

iptables -A INPUT -s ! domain.org -p pop --dport 110 -j REJECT

This will reject access to all except domain.org.

acid_kewpie · 01-15-2011, 02:35 AM

Quote:

Originally Posted by raviteja_s

In my RHCE exam i was done these steps..

Discussion of answers to a redhat exam is in direct contradiction of the nda you signed before you took it. If you can please tell me your rhce number I'll get in touch with redhat and have your accreditation stripped, ok? Cheers.

anomie · 01-15-2011, 10:42 PM

@gurl4sh25: when you sit down to take the exam, you'll be required to sign an NDA, and you will see why no one (who cares about his/her cert) can help you.

Good luck.

gurl4sh25 · 01-25-2011, 03:58 AM

Thanks guys, Highly appreciate all your response!

Cheers! =)

zer0signal · 01-25-2011, 09:22 AM

Just remember whatever it takes to get the job done... If you can do it wrappers than do it, if you can do it with iptable than do it. If you can do it with mind control then do it. =)