SEC 450 –Lab 1: – Cheap Research Essays

Configure a firewall to protect a perimeter network
Semester X 20XX, Section XXXXX
The vCloud environment is accessible from within the University network or at home through your web browser. For access instructions, consult the vCloud Student Connection Instructions document, available on Blackboard.
Read all instructions in this lab thoroughly and complete the lab as prescribed. Email the professor with any questions. Be sure to submit questions as early as possible to ensure time for answers so that you have the opportunity to complete and submit the lab on time.
Preparation
Using VMware
Some important points to know about VMware:
• To release the keyboard and mouse cursor a VMware session, press CTRL and ALT at the same time.
• The VMware image you are using can take a snapshot of the current state of the machine. There is a button labeled “snapshot” in the browser window to do this.
o The “revert” window will restore the snapshot, destroying any changes since then.
o Taking a snapshot will destroy any prior snapshots
• To perform “CTRL-ALT-DEL” in the VM, use the button, so labeled, inside of the browser window.

Taking Screenshots
• To take screenshots in this lab, be sure the login window to vCloud is not full screen.
• ALT-PRNTSCR should be used so that only that window is captured. Devote as much of the screencapture’s real-estate as possible to the display of the VM itself, minimizing superfluous content. DO NOT take a screenshot of your entire desktop.
• Be sure to use “Paste Special” in Word and choose “Device Independent Bitmap” when pasting:

• Screenshots that are difficult to read due to sizing or other issues may be rejected and points taken off.

Completing the Lab
To complete the lab, fill out the questions in the section below in this document, pasting in screenshots for each question. Save the updated document and upload to Blackboard. Be sure to use Microsoft Word when editing and saving this document.
DO NOT change any formatting in the document. Simply type in your answers and paste in your screenshots.
Alternate submission formatswill not be accepted!!!
Lab Overview
In this lab, students will configure a Linux firewall to restrict access to a server on one side of it from a host on the outside. Students will implement packet filter rules and stateful rules for a variety of services, as well as a web proxy. Students will also use various tools to troubleshoot firewall issues.
Each student will be given their own firewall in VCloud to use for the duration of the course. Due to limitations in VMware, the firewalls will be grouped into clusters of four. You will be emailed credentials for your firewall.

The firewall rules in this lab will be implemented on the command line, using the iptables command. Be sure to readthe man page of iptables for details on how to use the command, specifically lines 1-230. You may also consult any Internet resource. Students are allowed to work together, but each student must submit their own lab with all of the screenshots from their own firewall.
Exercises
Complete the following exercises. For each question, paste in a screenshot of the completed activity. Be sure to show all relevant details.
1. When you first login to your firewall, it is allowing all traffic. What type of a firewall is your system at this point?
Answer the question here.

Lock down the firewall so that its default policy for all tables is deny.What type of a firewall is your system after this change?
Answer the question here.

What change was needed to accomplish this? Type out your answer below, as well as the commands you used in this question.
Answer the question here.

Paste here a print screen of all of the rules on your firewall, including those just implemented.

Paste here a print screen of the output from TCP dump that shows traffic from the South host, and the lack of replies from both the firewall and the North host.
2. Configure the firewall to explicitly allow ping to the firewall, and nothing else. What change was needed to make this work?Type out your answer below, as well as the commands you used in this question.
Answer the question here.

Paste here a print screen of all of the rules on your firewall, including those just implemented.

Paste here a print screen of the output from TCP dump that captures the ping from the remote host, and the reply from the firewall.

3. In addition to the rules from the last question, configure the firewall to allow ping from the firewall, and nothing else. What change was required to make this work? Type out the commands in this question.

Answer the question here.

Paste here a print screen of all of the rules on your firewall, including those just implemented.

Paste herethe output from ping command, executed on the firewall, and the reply from the remote host.

4. In addition to the rules from the questions 2 and 3, configure the firewall with stateless rules to allow HTTP from only the South host as web client, below the firewall to only the North host as web server above firewall, and nothing else. What change was needed to make this work? Type out the commands in this question.

Answer the question here.

Paste here a print screen of all of the rules on your firewall, including those just implemented.

Paste here a print screen of the output from TCP dump that captures the HTTP request from the remote host, and the reply from the web server.

5. Remove the HTTP rulesfrom the firewall and replace them with statefull rules to allow HTTP from only the South host as web client below the firewall to only the North host as web server above firewall, and nothing else. What change was needed to make this work? Type out the commands in this question.
Answer the question here.