Access Control Lists

Video Transcription
00:00
>> Hey, Cybrarians, welcome back to
00:00
the Linux plus course here at Cybrary.
00:00
I'm your instructor Rob Goelz.
00:00
In today's lesson we're going to
00:00
cover access control lists.
00:00
Upon completion of today's lesson,
00:00
you are going to be able to explain the purpose
00:00
of an access control list or ACL.
00:00
We're going to talk about what information
00:00
is needed to construct an ACL.
00:00
Then we're going to determine the actions
00:00
that an ACL can define.
00:00
There are a number of ways to implement a firewall,
00:00
but the most common is what is referred to as
00:00
a packet filtering firewall.
00:00
In this type of firewall, public to
00:00
private network traffic is going to go through
00:00
the firewall and it will capture
00:00
all incoming and outgoing packets.
00:00
Now a packet-filtering firewall uses
00:00
an access control list or
00:00
an ACL to determine what to filter.
00:00
The ACL defines which packets are allowed,
00:00
and it can filter on things such
00:00
as packet origin or source,
00:00
the destination that the packet is going to,
00:00
as well as the port and protocol.
00:00
Let's talk a little bit more
00:00
about all these components.
00:00
The source is going to refer
00:00
to where the packet originated.
00:00
That can filter on the IP address or the MAC address.
00:00
The destination refers to
00:00
where the packet's being sent.
00:00
Likewise, we're going to filter on
00:00
the destination IP or the destination MAC.
00:00
Ports filter on the source or destination port.
00:00
For example, port 22 for SSH.
00:00
But we can also use protocol and
00:00
we can filter based on the protocol,
00:00
the TCP, UDP protocol associated with port.
00:00
For example, we can say that we are
00:00
going to filter on HTTP,
00:00
which is port 80, but we don't have to say port 80,
00:00
we just say HTTP, very nice.
00:00
ACL also defines the actions
00:00
that the firewall will take based
00:00
upon what happens with these packets.
00:00
For example, we can accept the packet
00:00
which allows the packet to proceed.
00:00
We can reject the packet,
00:00
which returns the packet to
00:00
source with an error message,
00:00
we can drop the packet which is going to
00:00
discard the packet with no response sent.
00:00
Finally, we can log,
00:00
which means we're going to create a log entry
00:00
with information about the packet,
00:00
but that packet is neither allowed nor blocked.
00:00
In this lesson, we covered the purpose of
00:00
an access control list or an ACL.
00:00
We talked about the components of
00:00
an ACL including the source,
00:00
destination, ports, and protocol.
00:00
Then we talked about the actions
00:00
that can be defined by an ACL,
00:00
accept, reject, drop, or log.
00:00
Thanks so much for being here and I look
00:00
forward to seeing you in the next lesson.