Network and Firewall Basics

COIT20266 Systems Security Administration
Week 06 [1]
COIT20266 – Systems Security Administration
Week 06 – Network and Firewall Basics
This week contains quite a bit of reading, much of which should be
revision. We tidy up some of the details about system networks
and introduce some tools that we will be using to create and test
firewalls.
Summary
Software we need to install
* iptables – “administration tool for IPv4 packet filtering and
NAT.”
* nmap – “Network exploration tool and security/port scanner.”
Chapters we need to read
* 15 – Routing
* 16 – Network Hardware
* 17 – DNS: The Domain Name System
* 18 – The Network File System
* 19 – Sharing System Files
Tasks
Readings
Read all of the recommended chapters before beginning the
assessment items. We have seen some of the material covered
before, in a prerequisite network course, so it should be a useful
refresher.

Assessment
1. Submit a screenshot of the output from your systems “route”
command. Briefly describe what each line is indicating.
2. Submit the output from a traceroute with destination host
cqu.edu.au. Briefly describe what the output is showing.
3. Because we are using a virtual machine (via VirtualBox) we have
the ability to add additional virtual network cards. Review the
VirtualBox help and briefly summarise the following virtual
network modes: Network Address Translation (NAT), Bridged
networking and Internal networking. Ensure you highlight the
differences between them.
4. Submit the contents of your /etc/resolv.conf file. Describe
the contents and use of the file. Where/what is the server that
is resolving domain names for your system?
5. Install (if required) iptables and nmap. Read the man pages
for iptables and nmap and provide a brief summary of each. What
do they have in common?
6. Build two VirtualBox VMs, cloned from the ‘Ubuntu Server’ VM
and configure the virtual network cards and servers so that they
can both ‘see’ each other using the ‘Internal network’ mode of
VirtualBox. Provide ‘proof’ that it works (perhaps the output of
ping or traceroute to/from each server) and briefly describe what
you did. The servers should not be able to ‘see’ the Internet as
they are using ‘Internal network’ mode.
Some hints to help:
You should change the name of your servers and ensure that they do
not both have the same MAC address. Discuss on the course forum
if you have problems with this. Remember to delete the file
/etc/udev/rules.d/70-persistent-net.rules – (why?).
To change the name of the server: update the /etc/hostname and
/etc/hosts files as appropriate – use the names userv1 and userv2
for the two virtual servers.
To manually configure your network IP address, netmask and
gateway, add something like the following to the
/etc/network/interfaces file (‘man interfaces’ may help – do not
include the comments!):
# For userv1:
iface eth0 inet static           # Configure static IP address and network details.
    address 192.168.12.1         # IP address for this host – no two hosts should be the same…
    network 192.168.12.0
    netmask 255.255.255.0        # Default mask for this IP range.
    broadcast 192.168.12.255
    gateway 192.168.12.254       # We don’t have one, but set a default for now.
    dns-nameservers 192.168.1.1  # This has to be your name server – ADSL Router address.
[Note that 192.168.12.0 has deliberately been used to avoid
clashes with possible local networks that are likely to be
configured as 192.168.1.0.]
You may need to check the DNS server as well – see the last entry
above – discuss on the course forum if you have problems.
Typically there is no need to reboot the server – we could just
restart the network:
sudo /etc/init.d/networking restart
However, since the /etc/udev/rules.d/70-persistent-net.rules file
was deleted, we need to reboot for the network card to be reinitialised.
If you add an entry in the /etc/hosts file for the other server,
e.g. 192.168.12.2 userv2 (for userv1), you should be able to ping
it by name rather than IP address.
Re-start both servers and test that the configuration is still
correct.
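The stanza above is easy to get wrong by hand (a broadcast that does not match the netmask, a gateway outside the subnet, two clones left with the same address). The following is an added example, not part of the handout: it derives the network and broadcast values from the address and netmask, emits the userv1/userv2 stanzas without inline comments (the pitfall the hint warns about), and checks that the pair can actually reach each other. The helper names and the inline sample values are assumptions.

```python
import ipaddress

# Hypothetical helper (not from the handout): build one static stanza for
# /etc/network/interfaces, deriving network/broadcast from address+netmask
# so the four values cannot disagree. No inline comments are emitted, since
# ifupdown does not treat a trailing "#" as a comment.
def build_stanza(address, netmask, gateway, dns, iface="eth0"):
    host = ipaddress.ip_interface(f"{address}/{netmask}")
    net = host.network
    if ipaddress.ip_address(gateway) not in net:
        raise ValueError(f"gateway {gateway} is outside {net}")
    if host.ip in (net.network_address, net.broadcast_address):
        raise ValueError(f"{address} is the network or broadcast address")
    lines = [
        f"auto {iface}",
        f"iface {iface} inet static",
        f"    address {host.ip}",
        f"    network {net.network_address}",
        f"    netmask {net.netmask}",
        f"    broadcast {net.broadcast_address}",
        f"    gateway {gateway}",
        f"    dns-nameservers {dns}",
    ]
    return "\n".join(lines) + "\n"

# /etc/hosts line so the peer can be pinged by name.
def hosts_line(address, name):
    return f"{address}\t{name}\n"

# Two hosts on the internal network only see each other if their addresses
# differ and fall in the same subnet; report which condition fails.
def check_pair(addr1, addr2, netmask):
    a = ipaddress.ip_interface(f"{addr1}/{netmask}")
    b = ipaddress.ip_interface(f"{addr2}/{netmask}")
    if a.ip == b.ip:
        return "duplicate address"
    if a.network != b.network:
        return "different subnets"
    return "ok"

# Constructed sample matching the handout's userv1/userv2 plan.
USERV = {"userv1": "192.168.12.1", "userv2": "192.168.12.2"}
NETMASK, GATEWAY, DNS = "255.255.255.0", "192.168.12.254", "192.168.1.1"

if __name__ == "__main__":
    for name, addr in USERV.items():
        print(f"# {name}\n{build_stanza(addr, NETMASK, GATEWAY, DNS)}")
    print(check_pair(USERV["userv1"], USERV["userv2"], NETMASK))
```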
How to submit:
Include all answers, files etc. in a single Word document zipped
up as week06.zip. Don’t submit it yet – it’s not due till Week 10.
Weeks 6, 7, 8 and 9 need to be submitted together and all are due in
Week 10. At that time you should zip up your weeks 6, 7, 8 and 9
zip files as Week6789.zip and submit it.