
Protecting Your Network



Presentation Transcript


  1. Protecting Your Network

  2. Focus Question
     • What information contained in packets can be used as matching criteria for a firewall or network service?

  3. Setting the VMnet1 Network Address
     • Run VMware's Manage Virtual Networks as admin
     • The admin password is funny Cabrillo
     • Select the tab labeled: Host Virtual Network Mapping
     • Click the arrow on the right and choose subnet
     • Replace the third octet with your station number.
     • Click Apply and OK

  4. Verify the Change with ipconfig

  5. DNS and Client VMs
     • Copy the dns and client virtual machines from Sybil to your Virtual Machines folder:
       \\172.30.1.22\vmware
     • These machines are preconfigured to be on VMnet1, but they don’t have the correct IP addresses to match your network.
     • You must change their hostnames and their IP addresses.

  6. Booting the VMs
     • Bring up the router vm first:
       • Set eth1 IP address to 192.168.XX.2
     • Bring up the webserver vm second:
       • Change IP address to 192.168.XX.3
       • Add an index.html file to /var/www/html that shows your computer’s name and IP
       • Update the ServerName variable in /etc/httpd/conf/httpd.conf line 266
       • Ping your router to check for connectivity

  7. Booting the DNS VM
     • Bring up the dns vm:
       • Change the hostname by substituting your station number for the XX.
       • Change the IP address to 192.168.XX.4
       • Set the nameserver address to the above IP address in the file /etc/resolv.conf
       • Change the “XX” to your station # in files:
         • /etc/named.conf
         • /var/named/db.localdomain
         • /var/named/db.XX.168.192

  8. Booting the Client VM
     • Bring up the client vm last:
       • Change the hostname in /etc/hosts and /etc/sysconfig/network, replacing the XX with your station number.
       • Add a GATEWAY= variable to the above network file.
       • Edit /etc/resolv.conf and specify your dnsXX server as the nameserver.
       • Test connectivity and name resolution.

  9. Installing a Firewall
     • Download the iptables shell script from Opus:
       scp logname@opus.cabrillo.edu:../bin/iptables.sh .
     • Modify the shell script.
     • Run the shell script as root.
     • Test the firewall.
     • Save the firewall settings using:
       iptables-save > /etc/sysconfig/iptables

  10. Review

  11. Focus Question
     • What information contained in packets can be used as matching criteria for a firewall or network service?
     • Mostly information from the Network and Transport layers is used for access controls, but MAC addresses from layer 2 and user information from the application layer may also be used.
     • The most common fields are src and dst IP address, src and dst port numbers, protocol, and TCP state flags such as SYN, RST, and ACK.
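
The fields named in the answer above, written as iptables match rules for this lab's addressing. This is an added example, not the course's iptables.sh: the function name gen_rules, the default-drop policy, the choice of the router VM as the filtering host, and the admin MAC address are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: NOT the course's iptables.sh. Emits an iptables-restore
# ruleset for the lab router VM, one rule per packet field named above.
# Assumptions: eth1 faces 192.168.XX.0/24, default-drop policy, and the
# admin MAC below is a constructed placeholder.
ADMIN_MAC="00:50:56:00:00:01"   # constructed value, replace with your own

gen_rules() {
    st=$1
    # The station number becomes the third octet, so accept only 1-254.
    case $st in
        ''|0*|*[!0-9]*|????*) echo "bad station: $st" >&2; return 1 ;;
    esac
    [ "$st" -le 254 ] || { echo "bad station: $st" >&2; return 1; }
    net="192.168.$st"
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Connection state: replies to flows that were already allowed
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
# TCP flags: a new TCP flow must start with SYN set, RST and ACK clear
-A FORWARD -p tcp ! --tcp-flags SYN,RST,ACK SYN -m state --state NEW -j DROP
# Destination IP + protocol + destination port: web server and DNS VMs
-A FORWARD -d $net.3 -p tcp --dport 80 -j ACCEPT
-A FORWARD -d $net.4 -p udp --dport 53 -j ACCEPT
-A FORWARD -d $net.4 -p tcp --dport 53 -j ACCEPT
# Source IP + inbound interface: lab hosts may reach outside networks
-A FORWARD -i eth1 -s $net.0/24 -j ACCEPT
# Layer 2 source MAC: SSH to the router only from the admin station
-A INPUT -i eth1 -p tcp --dport 22 -m mac --mac-source $ADMIN_MAC -j ACCEPT
-A INPUT -i lo -j ACCEPT
COMMIT
EOF
}

gen_rules 7   # station 7 is a constructed sample value
```

Piping the output to `iptables-restore --test` as root parses the ruleset without loading it.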
