Mission 25

Firewall and incident review

Inspect firewall state, add a simulated rule, and write a short incident note.

Security administration
10 minutes Core Lesson 25 of 360
ufwgrepechocat
Lesson 25 of 360 0/360 lessons 0/17 missions Security administration · 10 minutes
0%
Continue View profile
Ops lab terminal Training lab
New learnerrank 0XP 0%complete
learner@clairos:/home/learner $ Unix ops lab: type a command, press Enter
Instructions 10 minutes

Click any instruction for the command details, the why, and the common mistake to avoid.

Inspect firewall

Run ufw status.

ufw status
Add deny rule

Run ufw deny 23/tcp.

ufw deny 23/tcp
Write an incident note

Run echo reviewed-denied-logins > incident-review.txt.

echo reviewed-denied-logins > incident-review.txt
Lesson support

What to notice while you play.

Objective

Practice firewall inspection and lightweight incident documentation.

Hint

Use ufw status before adding a simulated deny rule.

Why it matters

Security changes need evidence and notes, even in a toy lab.

Common mistakes
  • Adding rules before checking current state.
  • Finishing an incident review without notes.
Reference

Commands in this lesson.

echo <text>

Print text or write lab notes with >.

cat <file>

Print text file contents.

grep [-i] <text> <file>

Find literal text inside a file.

ufw status

Inspect simulated firewall rules.