1. On your Ubuntu virtual machine, make sure that the following tools and libraries are installed and configured probably: IPTables, SNORT, SSH Server, MySQL Server, FTP Server
2. Write firewall rules and use IPTables to deploy these rules. Your firewall rules should:
• Enable incoming and outgoing (HTTP—HTTPS, FTP, SSH, and DNS) traffic to/from your
virtual machine over the internet
• Enable incoming and outgoing traffic to a MySQL server from any IP address that only belongs to the subnet of your virtual machine
3. Write intrusion detection rules and deploy these rules on SNORT. Your IDS rules should:
• Detect password brute force attack against the ssh server on your virtual machine.
• Detect if a root account tries to connect to a MySQL server running on your virtual machine.
• Detect if a user from an IP address that does not belong to your virtual machine subnet uploads a binary or an exe file to your FTP server
4. Write test cases to test that your IPTables and SNORT rules work using any network packets
manipulation libraries such as SCAPY, SharpPCAP or Pcap4J or any other tool.