Basic Firewall Lab. Lab Objectives. Configuration

Size: px
Start display at page:

Download "Basic Firewall Lab. Lab Objectives. Configuration"

Transcription

1 Basic Firewall Lab Firewalls are devices that filter traffic. Typically they are placed at boundaries between secure and less secure systems or networks. When traffic enters a firewall the firewall compares the traffic to a list of rules until it reaches a rule that applies to the traffic. Then it performs the task set in the rule. A firewall can be either a feature of a software package or a dedicated hardware platform. Lab Objectives By the end of this lab, you will be able to: Determine the connectivity of two network computers. Change access to those computers using firewall rules. Remember to read the report requirements at the end of this document before you start the lab to see what is required to hand into the instructor. Unless otherwise stated by the instructor, this lab is to be completed as a team. The report is to be written as a team. Configuration 1. In this lab, we will be using a Linux Operating System. 2. We will use a terminal screen to manually enter commands to test connectivity. 3. We will use the graphical user interface for ufw to manipulate firewall settings. Stateful/Stateless firewalls Firewalls come in two basic types; the Stateful and the Stateless. The Stateful firewall keeps track of both outgoing and incoming traffic and keeps track of the network connections and streams. For example, a stateful firewall might be set to deny all traffic unless you initiate the communications. In other words hackers would not be able to initiate unsolicited communications with your network. Stateless firewalls watch network traffic, and restrict or block packets based on source and destination addresses or other static values. They are not 'aware' of traffic patterns or data flows. A stateless firewall uses simple rule sets that do not account for the possibility that a packet might be received by the firewall 'pretending' to be something you asked for. Firewall best practices There is an old joke: How do you configure your firewall? Deny everything and wait for the phone to ring. Granted, it s not a very funny joke but it does illustrate firewall best practices. If you were to actually deny all inbound and out bound traffic your phone would immediately start ringing with incensed users demanding that you turn on the traffic they require to do their jobs. Then you could ensure that your firewall would only be open to the traffic that was absolutely necessary. Anything not specifically approved is forbidden. The reason it is best to be strict with network traffic is that every port, protocol, service, and application your system is open to brings its own set of vulnerabilities for hackers to exploit. Page 1 of 6

2 GUFW The Graphical Uncomplicated Firewall is Ubuntu s attempt to make a friendly graphical user interface for their text based UFW or Uncomplicated Firewall. Task 1 Restrict the Access to your computer using firewall settings. Step 1. Logon to your virtual machine: (use Administrator and PW: password) Step 2. Find and open your team s virtual machine that was assigned by your instructor or TA. Step 3. Go to the Console tab Step 4. Determine the connectivity and protocol availability Open Firefox by going to Applications > Internet > Firefox Web Browser. Type for the URL address. You should see the XAMPP webserver website. Leave this website open. Page 2 of 6

3 Step 5. Go to Applications > Accessories > Terminal Step 6. Step 7. Step 8. Type ping and hit the Enter key. This will show you whether there is connectivity between your system and the system with the address , and the speed of the connection. Press Ctrl + C to stop the pinging. Type ssh When prompted, Type yes (no quotes) to continue. If it asks you for the password, then the connectivity for the ssh protocol is available. Type password (no quotes). (Note: when you type the password, it is hidden from view and appears as if you are not typing anything) Type exit. Type ssh to see if you can connect to that machine. Click yes again. The password is again password. After you are done, type "exit" Page 3 of 6

4 Step 9. Type ifconfig. Look for the inet address under eth0 to determine your local IP address (write this down or keep the window open, you ll need it later). Step 10. Now that we have shown that the machine can connect with another machine lets trim the connectivity. On the Linux top menu, go to System > Administration > Firewall Configuration. Step 11. Click unlock, enter the password password, and then check the Enabled box. Step 12. Set both the incoming and the outgoing to deny. Step 13. Now test the connection using the http (firefox window) and ssh protocols in addition to the ping command by repeating steps 4 through 8 in the terminal window. You should get no connectivity. Type ssh (Hint If it takes much longer than normal for a result than you have successfully denied connectivity.) Page 4 of 6

5 Type ping Step 14. Now let s add a rule allowing web traffic. On the Firewall Configuration window, click the Add button. Step 15. Under the preconfigured tab select Allow, Out, Service, Http. Since this is a stateful firewall, traffic is allowed out for a service or application and traffic is allowed in. Click the Add button and then click the Close button. The Firewall status should now look like this: Step 16. Now test the connection by repeating steps 4 through 8. You should get connectivity on Firefox, but not on SSH or pinging. Step 17. Now let s connect the SSH for address only. Most users would want web traffic from the entire internet, while SSH allows secure access between machines. We will want to limit traffic to just the essentials. Page 5 of 6

6 Click the Add button on the Firewall Configuration window. Under the Advanced tab select Allow, Out, Both. Then add the address, in the To box. To indicate the protocol, type ssh in the small box next to it. You could also use the protocol s port, which in this case is 22. Click the Add button and then click the Close button. Step 18. Repeat steps 4 8. This will show that you can now connect with SSH as well as http (Firefox), but ping still will not respond. Interesting thing is that you can connect to the Webserver on but you can t SSH to it. Go to Firefox and type in the address screen. You should see the same Xampp for Linux page. Report: Clearly state your results of this project. You are expected to hand in a report in the following format: A cover page (including project title) with team name and team members A table of contents with page numbers Use double spaced type for convenient grading Number pages. Font size 12, single column Save the Microsoft Word document with the team name in the title. Upload the document into the appropriate ANGEL dropbox. The report should have the following sections. Each section should cover all the topics described below. Take screenshots if it is necessary. You may want to include more than what is specified. Section 1 Complete the following: 1. Include screen shots of the following steps in Task 1: Steps 4, 6, 7, 8, 9, 13, 16, and 18 though with steps 4 8 and for each repetition of steps 4 8 you only need one screenshot showing all of the text from your terminal screen and your Firefox attempts. 2. Why do you want to limit access to your system? 3. Explain what a port is and how it relates to a protocol or service/application. 4. What does SSH allow you to do? 5. Explain why pinging to appears to result in no connectivity between the address and your machine, but you are able to SSH into that address. 6. What settings would you use to deny HTTP traffic to , but allow the use of SSH from your address to that address? 7. Give a realistic scenario in which you would want to restrict HTTP, SSH, or a similar protocol to or from a machine. How would you configure the firewall to achieve those restrictions? Grading Rubric This project has a number of specific requirements. The requirement for each section is documented in the above project instruction Report. Whether you receive credit depends on the following situations: You will get full credit on one item, if it is correctly reported as required and well written. You will get half credit on one item, if it is reported as required but there is something Page 6 of 6

7 definitely wrong. You will not get any credit for one item, if it is not reported. Scoring: Section I: 7 items (100%): Items 1 6 are worth 14% each. Item 7 is worth 16% Note Be sure to include your name and address in the report. The report should be turned in before class on the specified due date. Late submissions will be issued a grade deduction especially if permission is not obtained from the instructor. The instructor reserves the right to grant or reject extra time for report completion. Interesting links: How to protect your Ubuntu PC from intruders GUFW Community Documentation GUFW Create Firewall Configurations Easily with GUFW on Ubuntu. firewall configurations easily with gufw onubuntu UFW Uncomplicated Firewall This is the command line version that GUFW was based on. Page 7 of 6

Lab 8.4.2 Configuring Access Policies and DMZ Settings

Lab 8.4.2 Configuring Access Policies and DMZ Settings Lab 8.4.2 Configuring Access Policies and DMZ Settings Objectives Log in to a multi-function device and view security settings. Set up Internet access policies based on IP address and application. Set

More information

Comodo MyDLP Software Version 2.0. Installation Guide Guide Version 2.0.010215. Comodo Security Solutions 1255 Broad Street Clifton, NJ 07013

Comodo MyDLP Software Version 2.0. Installation Guide Guide Version 2.0.010215. Comodo Security Solutions 1255 Broad Street Clifton, NJ 07013 Comodo MyDLP Software Version 2.0 Installation Guide Guide Version 2.0.010215 Comodo Security Solutions 1255 Broad Street Clifton, NJ 07013 Table of Contents 1.About MyDLP... 3 1.1.MyDLP Features... 3

More information

Lab 8.4.2 Configuring Access Policies and DMZ Settings

Lab 8.4.2 Configuring Access Policies and DMZ Settings Lab 8.4.2 Configuring Access Policies and DMZ Settings Objectives Log in to a multi-function device and view security settings. Set up Internet access policies based on IP address and application. Set

More information

Lab Exercise Configure the PIX Firewall and a Cisco Router

Lab Exercise Configure the PIX Firewall and a Cisco Router Lab Exercise Configure the PIX Firewall and a Cisco Router Scenario Having worked at Isis Network Consulting for two years now as an entry-level analyst, it has been your hope to move up the corporate

More information

Applied Security Lab 2: Personal Firewall

Applied Security Lab 2: Personal Firewall Applied Security Lab 2: Personal Firewall Network Security Tools and Technology: Host-based Firewall/IDS using Sysgate Name: Due Date: Wednesday (March 3, 2010) by 8:00 a.m. Instructions: The Lab 2 Write-up

More information

School of Information Science (IS 2935 Introduction to Computer Security, 2003)

School of Information Science (IS 2935 Introduction to Computer Security, 2003) Student Name : School of Information Science (IS 2935 Introduction to Computer Security, 2003) Firewall Configuration Part I: Objective The goal of this lab is to allow students to exploit an active attack

More information

How To Create A Virtual Private Cloud In A Lab On Ec2 (Vpn)

How To Create A Virtual Private Cloud In A Lab On Ec2 (Vpn) Virtual Private Cloud - Lab Hands-On Lab: AWS Virtual Private Cloud (VPC) 1 Overview In this lab we will create and prepare a Virtual Private Cloud (VPC) so that we can launch multiple EC2 web servers

More information

Using Virtual Machines

Using Virtual Machines Using Virtual Machines We will use VMs in CIT 130 so that you can access both a Windows 7 and a Linux machine. You will be able to access these from on and off campus (off campus access will require that

More information

CIS 4361: Applied Security Lab 4

CIS 4361: Applied Security Lab 4 CIS 4361: Applied Security Lab 4 Network Security Tools and Technology: Host-based Firewall/IDS using ZoneAlarm Instructions: The Lab 4 Write-up (template for answering lab questions -.doc) can be found

More information

Install MS SQL Server 2012 Express Edition

Install MS SQL Server 2012 Express Edition Install MS SQL Server 2012 Express Edition Sohodox now works with SQL Server Express Edition. Earlier versions of Sohodox created and used a MS Access based database for storing indexing data and other

More information

Snoopy. Objective: Equipment Needed. Background. Procedure. Due Date: Nov 1 Points: 25 Points

Snoopy. Objective: Equipment Needed. Background. Procedure. Due Date: Nov 1 Points: 25 Points Snoopy Due Date: Nov 1 Points: 25 Points Objective: To gain experience intercepting/capturing HTTP/TCP traffic on a network. Equipment Needed Use the Ubuntu OS that you originally downloaded from the course

More information

CNW Re-Tooling Exercises

CNW Re-Tooling Exercises CNW Re-Tooling Exercises I Exercise 1: VPN... 1 Scenario... 1 Detail Steps to perform exercise:... 1 Exercise 2: Install and Configure a Certificate to Web Server... 4 Scenario... 4 Detail Steps to perform

More information

How To Set Up A Network Map In Linux On A Ubuntu 2.5 (Amd64) On A Raspberry Mobi) On An Ubuntu 3.5.2 (Amd66) On Ubuntu 4.5 On A Windows Box

How To Set Up A Network Map In Linux On A Ubuntu 2.5 (Amd64) On A Raspberry Mobi) On An Ubuntu 3.5.2 (Amd66) On Ubuntu 4.5 On A Windows Box CSC-NETLAB Packet filtering with Iptables Group Nr Name1 Name2 Name3 Date Instructor s Signature Table of Contents 1 Goals...2 2 Introduction...3 3 Getting started...3 4 Connecting to the virtual hosts...3

More information

ΕΠΛ 674: Εργαστήριο 5 Firewalls

ΕΠΛ 674: Εργαστήριο 5 Firewalls ΕΠΛ 674: Εργαστήριο 5 Firewalls Παύλος Αντωνίου Εαρινό Εξάμηνο 2011 Department of Computer Science Firewalls A firewall is hardware, software, or a combination of both that is used to prevent unauthorized

More information

Firewalls and Software Updates

Firewalls and Software Updates Firewalls and Software Updates License This work by Z. Cliffe Schreuders at Leeds Metropolitan University is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License. Contents General

More information

AIR FORCE ASSOCIATION S CYBERPATRIOT NATIONAL YOUTH CYBER EDUCATION PROGRAM UNIT EIGHT. Ubuntu Security. www.uscyberpatriot.org

AIR FORCE ASSOCIATION S CYBERPATRIOT NATIONAL YOUTH CYBER EDUCATION PROGRAM UNIT EIGHT. Ubuntu Security. www.uscyberpatriot.org AIR FORCE ASSOCIATION S CYBERPATRIOT NATIONAL YOUTH CYBER EDUCATION PROGRAM UNIT EIGHT Ubuntu Security www.uscyberpatriot.org AIR FORCE ASSOCIATION S CYBERPATRIOT NATIONAL YOUTH CYBER EDUCATION PROGRAM

More information

Linux Boot Camp. Our Lady of the Lake University Computer Information Systems & Security Department Kevin Barton Artair Burnett

Linux Boot Camp. Our Lady of the Lake University Computer Information Systems & Security Department Kevin Barton Artair Burnett Linux Boot Camp Our Lady of the Lake University Computer Information Systems & Security Department Kevin Barton Artair Burnett Schedule for the Week Schedule for the Week Mon Welcome from Enrollment Management

More information

ΕΠΛ 475: Εργαστήριο 9 Firewalls Τοίχοι πυρασφάλειας. University of Cyprus Department of Computer Science

ΕΠΛ 475: Εργαστήριο 9 Firewalls Τοίχοι πυρασφάλειας. University of Cyprus Department of Computer Science ΕΠΛ 475: Εργαστήριο 9 Firewalls Τοίχοι πυρασφάλειας Department of Computer Science Firewalls A firewall is hardware, software, or a combination of both that is used to prevent unauthorized Internet users

More information

CONNECTING TO DEPARTMENT OF COMPUTER SCIENCE SERVERS BOTH FROM ON AND OFF CAMPUS USING TUNNELING, PuTTY, AND VNC Client Utilities

CONNECTING TO DEPARTMENT OF COMPUTER SCIENCE SERVERS BOTH FROM ON AND OFF CAMPUS USING TUNNELING, PuTTY, AND VNC Client Utilities CONNECTING TO DEPARTMENT OF COMPUTER SCIENCE SERVERS BOTH FROM ON AND OFF CAMPUS USING TUNNELING, PuTTY, AND VNC Client Utilities DNS name: turing.cs.montclair.edu -This server is the Departmental Server

More information

Secure Web Development Teaching Modules 1. Security Testing. 1.1 Security Practices for Software Verification

Secure Web Development Teaching Modules 1. Security Testing. 1.1 Security Practices for Software Verification Secure Web Development Teaching Modules 1 Security Testing Contents 1 Concepts... 1 1.1 Security Practices for Software Verification... 1 1.2 Software Security Testing... 2 2 Labs Objectives... 2 3 Lab

More information

XenApp/Citrix Program Neighborhood Installation

XenApp/Citrix Program Neighborhood Installation 1. Download the XenApp Plugin (Citrix Presentation Server) Client Package Version 11.0 for Hosted Apps. Click on this LINK to obtain it. Once prompted, click RUN 2. 3. Save the file to your desktop. Once

More information

10.3.1.9 Lab - Configure a Windows Vista Firewall

10.3.1.9 Lab - Configure a Windows Vista Firewall 5.0 10.3.1.9 Lab - Configure a Windows Vista Firewall Print and complete this lab. In this lab, you will explore the Windows Vista Firewall and configure some advanced settings. Recommended Equipment Step

More information

SSL VPN Service. Once you have installed the AnyConnect Secure Mobility Client, this document is available by clicking on the Help icon on the client.

SSL VPN Service. Once you have installed the AnyConnect Secure Mobility Client, this document is available by clicking on the Help icon on the client. Contents Introduction... 2 Prepare Work PC for Remote Desktop... 4 Add VPN url as a Trusted Site in Internet Explorer... 5 VPN Client Installation... 5 Starting the VPN Application... 6 Connect to Work

More information

Lab Objectives & Turn In

Lab Objectives & Turn In Firewall Lab This lab will apply several theories discussed throughout the networking series. The routing, installing/configuring DHCP, and setting up the services is already done. All that is left for

More information

Introduction to Network Security Lab 1 - Wireshark

Introduction to Network Security Lab 1 - Wireshark Introduction to Network Security Lab 1 - Wireshark Bridges To Computing 1 Introduction: In our last lecture we discussed the Internet the World Wide Web and the Protocols that are used to facilitate communication

More information

HoneyBOT User Guide A Windows based honeypot solution

HoneyBOT User Guide A Windows based honeypot solution HoneyBOT User Guide A Windows based honeypot solution Visit our website at http://www.atomicsoftwaresolutions.com/ Table of Contents What is a Honeypot?...2 How HoneyBOT Works...2 Secure the HoneyBOT Computer...3

More information

Windows Server 2008 R2 Initial Configuration Tasks

Windows Server 2008 R2 Initial Configuration Tasks Windows Server 2008 R2 Initial Configuration Tasks I am not responsible for your actions or their outcomes, in any way, while reading and/or implementing this tutorial. I will not provide support for the

More information

10.3.1.8 Lab - Configure a Windows 7 Firewall

10.3.1.8 Lab - Configure a Windows 7 Firewall 5.0 10.3.1.8 Lab - Configure a Windows 7 Firewall Print and complete this lab. In this lab, you will explore the Windows 7 Firewall and configure some advanced settings. Recommended Equipment Step 1 Two

More information

Installation Guide For ChoiceMail Enterprise Edition

Installation Guide For ChoiceMail Enterprise Edition Installation Guide For ChoiceMail Enterprise Edition How to Install ChoiceMail Enterprise On A Server In Front Of Your Company Mail Server August, 2004 Version 2.6x Copyright DigiPortal Software, 2002-2004

More information

Guardian Digital WebTool Firewall HOWTO. by Pete O Hara

Guardian Digital WebTool Firewall HOWTO. by Pete O Hara Guardian Digital WebTool Firewall HOWTO by Pete O Hara Guardian Digital WebTool Firewall HOWTO by by Pete O Hara Revision History Revision $Revision: 1.1 $ $Date: 2006/01/03 17:25:17 $ Revised by: pjo

More information

Setting Up Scan to SMB on TaskALFA series MFP s.

Setting Up Scan to SMB on TaskALFA series MFP s. Setting Up Scan to SMB on TaskALFA series MFP s. There are three steps necessary to set up a new Scan to SMB function button on the TaskALFA series color MFP. 1. A folder must be created on the PC and

More information

Lab - Observing DNS Resolution

Lab - Observing DNS Resolution Objectives Part 1: Observe the DNS Conversion of a URL to an IP Address Part 2: Observe DNS Lookup Using the nslookup Command on a Web Site Part 3: Observe DNS Lookup Using the nslookup Command on Mail

More information

Intrusion Detection and Prevention: Network and IDS Configuration and Monitoring using Snort

Intrusion Detection and Prevention: Network and IDS Configuration and Monitoring using Snort License Intrusion Detection and Prevention: Network and IDS Configuration and Monitoring using Snort This work by Z. Cliffe Schreuders at Leeds Metropolitan University is licensed under a Creative Commons

More information

Lab 12.1.7 Configure and Test Advanced Protocol Handling on the Cisco PIX Security Appliance

Lab 12.1.7 Configure and Test Advanced Protocol Handling on the Cisco PIX Security Appliance Lab 12.1.7 Configure and Test Advanced Protocol Handling on the Cisco PIX Security Appliance Objective Scenario Estimated Time: 20 minutes Number of Team Members: Two teams with four students per team

More information

LAB THREE STATIC ROUTING

LAB THREE STATIC ROUTING LAB THREE STATIC ROUTING In this lab you will work with four different network topologies. The topology for Parts 1-4 is shown in Figure 3.1. These parts address router configuration on Linux PCs and a

More information

How To Set Up A Backupassist For An Raspberry Netbook With A Data Host On A Nsync Server On A Usb 2 (Qnap) On A Netbook (Qnet) On An Usb 2 On A Cdnap (

How To Set Up A Backupassist For An Raspberry Netbook With A Data Host On A Nsync Server On A Usb 2 (Qnap) On A Netbook (Qnet) On An Usb 2 On A Cdnap ( WHITEPAPER BackupAssist Version 5.1 www.backupassist.com Cortex I.T. Labs 2001-2008 2 Contents Introduction... 3 Hardware Setup Instructions... 3 QNAP TS-409... 3 Netgear ReadyNas NV+... 5 Drobo rev1...

More information

Lab 1: Network Devices and Technologies - Capturing Network Traffic

Lab 1: Network Devices and Technologies - Capturing Network Traffic CompTIA Security+ Lab Series Lab 1: Network Devices and Technologies - Capturing Network Traffic CompTIA Security+ Domain 1 - Network Security Objective 1.1: Explain the security function and purpose of

More information

Lab - Observing DNS Resolution

Lab - Observing DNS Resolution Objectives Part 1: Observe the DNS Conversion of a URL to an IP Address Part 2: Observe DNS Lookup Using the Nslookup Command on a Web Site Part 3: Observe DNS Lookup Using the Nslookup Command on Mail

More information

Connection and Printer Setup Guide

Connection and Printer Setup Guide Connection and Printer Setup Guide For connection issues, see the following sections of this document: "Connection Requirements" on page 1 "Log on" on page 2 "Troubleshooting Your Connection" on page 4

More information

Building a Penetration Testing Virtual Computer Laboratory

Building a Penetration Testing Virtual Computer Laboratory Building a Penetration Testing Virtual Computer Laboratory User Guide 1 A. Table of Contents Collaborative Virtual Computer Laboratory A. Table of Contents... 2 B. Introduction... 3 C. Configure Host Network

More information

IS L06 Protect Servers and Defend Against APTs with Symantec Critical System Protection

IS L06 Protect Servers and Defend Against APTs with Symantec Critical System Protection IS L06 Protect Servers and Defend Against APTs with Symantec Critical System Protection Description Lab flow At the end of this lab, you should be able to Discover how to harness the power and capabilities

More information

Virtual Appliance for VMware Server. Getting Started Guide. Revision 2.0.2. Warning and Disclaimer

Virtual Appliance for VMware Server. Getting Started Guide. Revision 2.0.2. Warning and Disclaimer Virtual Appliance for VMware Server Getting Started Guide Revision 2.0.2 Warning and Disclaimer This document is designed to provide information about the configuration and installation of the CensorNet

More information

Firewall VPN Router. Quick Installation Guide M73-APO09-380

Firewall VPN Router. Quick Installation Guide M73-APO09-380 Firewall VPN Router Quick Installation Guide M73-APO09-380 Firewall VPN Router Overview The Firewall VPN Router provides three 10/100Mbit Ethernet network interface ports which are the Internal/LAN, External/WAN,

More information

Multi-Homing Dual WAN Firewall Router

Multi-Homing Dual WAN Firewall Router Multi-Homing Dual WAN Firewall Router Quick Installation Guide M73-APO09-400 Multi-Homing Dual WAN Firewall Router Overview The Multi-Homing Dual WAN Firewall Router provides three 10/100Mbit Ethernet

More information

Immersion Day. Creating an Elastic Load Balancer. Rev 2015-01

Immersion Day. Creating an Elastic Load Balancer. Rev 2015-01 Rev 2015-01 Table of Contents Overview...3 Launch a Second Web Server...4 Create an ELB...6 Copyright 2015, Amazon Web Services, All Rights Reserved Page 2 Overview This lab will walk the user through

More information

How to Open HTTP or HTTPS traffic to a webserver behind the NetVanta 2000 Series unit (Enhanced OS)

How to Open HTTP or HTTPS traffic to a webserver behind the NetVanta 2000 Series unit (Enhanced OS) NetVanta 2000 Series Technical Note How to Open HTTP or HTTPS traffic to a webserver behind the NetVanta 2000 Series unit (Enhanced OS) This document is applicable to NetVanta 2600 series, 2700 series,

More information

State Health Repository Tool (SHRT) Testing Instructions

State Health Repository Tool (SHRT) Testing Instructions Step 1 - Access the SHRT State Health Repository Tool (SHRT) Testing Instructions 1. Close out any other open browsers. 2. Enter https://shrt.adp.com in the Address field of your browser and press Enter

More information

KeyControl Installation on Amazon Web Services

KeyControl Installation on Amazon Web Services KeyControl Installation on Amazon Web Services Contents Introduction Deploying an initial KeyControl Server Deploying an Elastic Load Balancer (ELB) Adding a KeyControl node to a cluster in the same availability

More information

Deploying Windows Streaming Media Servers NLB Cluster and metasan

Deploying Windows Streaming Media Servers NLB Cluster and metasan Deploying Windows Streaming Media Servers NLB Cluster and metasan Introduction...................................................... 2 Objectives.......................................................

More information

F-Secure Messaging Security Gateway. Deployment Guide

F-Secure Messaging Security Gateway. Deployment Guide F-Secure Messaging Security Gateway Deployment Guide TOC F-Secure Messaging Security Gateway Contents Chapter 1: Deploying F-Secure Messaging Security Gateway...3 1.1 The typical product deployment model...4

More information

Computer Security CS 426 Lecture 36. CS426 Fall 2010/Lecture 36 1

Computer Security CS 426 Lecture 36. CS426 Fall 2010/Lecture 36 1 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls CS426 Fall 2010/Lecture 36 1 Announcements There will be a quiz on Wed There will be a guest lecture on Friday, by Prof. Chris Clifton

More information

CS 326e F2002 Lab 1. Basic Network Setup & Ethereal Time: 2 hrs

CS 326e F2002 Lab 1. Basic Network Setup & Ethereal Time: 2 hrs CS 326e F2002 Lab 1. Basic Network Setup & Ethereal Time: 2 hrs Tasks: 1 (10 min) Verify that TCP/IP is installed on each of the computers 2 (10 min) Connect the computers together via a switch 3 (10 min)

More information

Lab 8.3.13 Configure Cisco IOS Firewall CBAC

Lab 8.3.13 Configure Cisco IOS Firewall CBAC Lab 8.3.13 Configure Cisco IOS Firewall CBAC Objective Scenario Topology In this lab, the students will complete the following tasks: Configure a simple firewall including CBAC using the Security Device

More information

SECURE FTP CONFIGURATION SETUP GUIDE

SECURE FTP CONFIGURATION SETUP GUIDE SECURE FTP CONFIGURATION SETUP GUIDE CONTENTS Overview... 3 Secure FTP (FTP over SSL/TLS)... 3 Connectivity... 3 Settings... 4 FTP file cleanup information... 5 Troubleshooting... 5 Tested FTP clients

More information

REQUIREMENTS AND INSTALLATION OF THE NEFSIS DEDICATED SERVER

REQUIREMENTS AND INSTALLATION OF THE NEFSIS DEDICATED SERVER NEFSIS TRAINING SERIES Nefsis Dedicated Server version 5.1.0.XXX Requirements and Implementation Guide (Rev 4-10209) REQUIREMENTS AND INSTALLATION OF THE NEFSIS DEDICATED SERVER Nefsis Training Series

More information

How to configure your Windows PC post migrating to Microsoft Office 365

How to configure your Windows PC post migrating to Microsoft Office 365 How to configure your Windows PC post migrating to Microsoft Office 365 1 Contents Purpose... 3 Document Support Boundaries... 3 Examples used in this document... 4 Several different Microsoft Office 365

More information

Network Security. Chapter 3. Cornelius Diekmann. Version: October 21, 2015. Lehrstuhl für Netzarchitekturen und Netzdienste Institut für Informatik

Network Security. Chapter 3. Cornelius Diekmann. Version: October 21, 2015. Lehrstuhl für Netzarchitekturen und Netzdienste Institut für Informatik Network Security Chapter 3 Cornelius Diekmann Lehrstuhl für Netzarchitekturen und Netzdienste Institut für Informatik Version: October 21, 2015 IN2101, WS 15/16, Network Security 1 Security Policies and

More information

1 Download & Installation... 4. 1 Usernames and... Passwords

1 Download & Installation... 4. 1 Usernames and... Passwords Contents I Table of Contents Part I Document Overview 2 Part II Document Details 3 Part III EventSentry Setup 4 1 Download & Installation... 4 Part IV Configuration 4 1 Usernames and... Passwords 5 2 Network...

More information

1 Recommended Readings. 2 Resources Required. 3 Compiling and Running on Linux

1 Recommended Readings. 2 Resources Required. 3 Compiling and Running on Linux CSC 482/582 Assignment #2 Securing SimpleWebServer Due: September 29, 2015 The goal of this assignment is to learn how to validate input securely. To this purpose, students will add a feature to upload

More information

CCNA Discovery 4.0.3.0 Networking for Homes and Small Businesses Student Packet Tracer Lab Manual

CCNA Discovery 4.0.3.0 Networking for Homes and Small Businesses Student Packet Tracer Lab Manual 4.0.3.0 Networking for Homes and Small Businesses Student Packet Tracer Lab Manual This document is exclusive property of Cisco Systems, Inc. Permission is granted to print and copy this document for non-commercial

More information

www.wit.tafensw.edu.au

www.wit.tafensw.edu.au CONNECTING TO WIRELESS NETWORK TAFE WESTERN CONNECTING TO WIRELESS NETWORK iphone/ipod Touch, ipad, Internet Explorer, Firefox TAFE Western provides wireless access for staff and students via the TAFE-Guest

More information

Lab assignment #1 Firewall operation and Access Control Lists

Lab assignment #1 Firewall operation and Access Control Lists University of Pittsburgh School of Information Science IS2820/TEL2813 - Security Management Lab GSA: Carlos Caicedo Document version: 1.0 / 2008 I. Lab resources for this assignment Lab assignment #1 Firewall

More information

F-SECURE MESSAGING SECURITY GATEWAY

F-SECURE MESSAGING SECURITY GATEWAY F-SECURE MESSAGING SECURITY GATEWAY DEFAULT SETUP GUIDE This guide describes how to set up and configure the F-Secure Messaging Security Gateway appliance in a basic e-mail server environment. AN EXAMPLE

More information

Assignment 3 Firewalls

Assignment 3 Firewalls LEIC/MEIC - IST Alameda ONLY For ALAMEDA LAB equipment Network and Computer Security 2013/2014 Assignment 3 Firewalls Goal: Configure a firewall using iptables and fwbuilder. 1 Introduction This lab assignment

More information

User Guide. You will be presented with a login screen which will ask you for your username and password.

User Guide. You will be presented with a login screen which will ask you for your username and password. User Guide Overview SurfProtect is a real-time web-site filtering system designed to adapt to your particular needs. The main advantage with SurfProtect over many rivals is its unique architecture that

More information

Setting up VNC, SAMBA and SSH on Ubuntu Linux PCs Getting More Benefit out of Your Local Area Network

Setting up VNC, SAMBA and SSH on Ubuntu Linux PCs Getting More Benefit out of Your Local Area Network What Are These Programs? VNC (Virtual Network Computing) is a networking application that allows one computer's screen to be viewed by, and optionally controlled by one or more other computers through

More information

Step-by-Step Configuration

Step-by-Step Configuration Step-by-Step Configuration Kerio Technologies Kerio Technologies. All Rights Reserved. Printing Date: August 15, 2007 This guide provides detailed description on configuration of the local network which

More information

Biznet GIO Cloud Connecting VM via Windows Remote Desktop

Biznet GIO Cloud Connecting VM via Windows Remote Desktop Biznet GIO Cloud Connecting VM via Windows Remote Desktop Introduction Connecting to your newly created Windows Virtual Machine (VM) via the Windows Remote Desktop client is easy but you will need to make

More information

Lab 8.3.2 Conducting a Network Capture with Wireshark

Lab 8.3.2 Conducting a Network Capture with Wireshark Lab 8.3.2 Conducting a Network Capture with Wireshark Objectives Perform a network traffic capture with Wireshark to become familiar with the Wireshark interface and environment. Analyze traffic to a web

More information

MultiSite Manager. Setup Guide

MultiSite Manager. Setup Guide MultiSite Manager Setup Guide Contents 1. Introduction... 2 How MultiSite Manager works... 2 How MultiSite Manager is implemented... 2 2. MultiSite Manager requirements... 3 Operating System requirements...

More information

Step-By-Step Guide to Deploying Lync Server 2010 Enterprise Edition

Step-By-Step Guide to Deploying Lync Server 2010 Enterprise Edition Step-By-Step Guide to Deploying Lync Server 2010 Enterprise Edition The installation of Lync Server 2010 is a fairly task-intensive process. In this article, I will walk you through each of the tasks,

More information

RAPID BROADBAND INSTALLATION RAPID BROADBAND SUPPORT CONTACT DETAILS. support@rapidbroadband.ie AND TROUBLESHOOTING GUIDE. Email: Tel: 076 6708787

RAPID BROADBAND INSTALLATION RAPID BROADBAND SUPPORT CONTACT DETAILS. support@rapidbroadband.ie AND TROUBLESHOOTING GUIDE. Email: Tel: 076 6708787 RAPID BROADBAND INSTALLATION AND TROUBLESHOOTING GUIDE RAPID BROADBAND SUPPORT CONTACT DETAILS Email: support@rapidbroadband.ie Tel: 076 6708787 January 2008 1 INTERNET CONNECTION TROUBLESHOOTING GUIDE

More information

How to Configure Captive Portal

How to Configure Captive Portal How to Configure Captive Portal Captive portal is one of the user identification methods available on the Palo Alto Networks firewall. Unknown users sending HTTP or HTTPS 1 traffic will be authenticated,

More information

How to set up your Secure Email in Outlook 2010*

How to set up your Secure Email in Outlook 2010* How to set up your Secure Email in Outlook 2010* This guide is for hosting clients who are hosting their email with us. If you are using a third party email, you should not use these instructions. 1. Open

More information

CREATING AN IKE IPSEC TUNNEL BETWEEN AN INTERNET SECURITY ROUTER AND A WINDOWS 2000/XP PC

CREATING AN IKE IPSEC TUNNEL BETWEEN AN INTERNET SECURITY ROUTER AND A WINDOWS 2000/XP PC CREATING AN IKE IPSEC TUNNEL BETWEEN AN INTERNET SECURITY ROUTER AND A WINDOWS 2000/XP PC 1 Introduction Release date: 11/12/2003 This application note details the steps for creating an IKE IPSec VPN tunnel

More information

Transparent Firewall/Filtering Bridge - pfsense 2.0.2. By William Tarrh

Transparent Firewall/Filtering Bridge - pfsense 2.0.2. By William Tarrh Transparent Firewall/Filtering Bridge - pfsense 2.0.2 By William Tarrh Version 2 February 6, 2013 1 Transparent Firewall/Filtering Bridge - pfsense 2.0.2 This how to is an updated version of Trendchiller

More information

1:1 NAT in ZeroShell. Requirements. Overview. Network Setup

1:1 NAT in ZeroShell. Requirements. Overview. Network Setup 1:1 NAT in ZeroShell Requirements The version of ZeroShell used for writing this document is Release 1.0.beta11. This document does not describe installing ZeroShell, it is assumed that the user already

More information

NYU-Poly VLAB Introduction LAB 0

NYU-Poly VLAB Introduction LAB 0 NYU-Poly VLAB Introduction LAB 0 1. Overview The purpose of this lab is to familiarize yourself with the operations and access to the NYU- Poly Virtual Information Technology and Assurance Lab (VITAL).

More information

GENERAL FILE TRANSFER GUIDELINES

GENERAL FILE TRANSFER GUIDELINES GENERAL FILE TRANSFER GUIDELINES EMSTARS extracts (the XML files containing patient care records) will be transferred to the FDOH Secure Server at intervals defined in the EMSTARS Business Rules (available

More information

Lab 7.3.1 Editing the HOSTS File in Windows

Lab 7.3.1 Editing the HOSTS File in Windows Lab 7.3.1 Editing the HOSTS File in Windows Objective Edit the local HOSTS file on a Windows PC to map a name to an IP address for easier identification. Background / Preparation You are employed at an

More information

Lab - Using Wireshark to View Network Traffic

Lab - Using Wireshark to View Network Traffic Topology Objectives Part 1: (Optional) Download and Install Wireshark Part 2: Capture and Analyze Local ICMP Data in Wireshark Start and stop data capture of ping traffic to local hosts. Locate the IP

More information

CDH installation & Application Test Report

CDH installation & Application Test Report CDH installation & Application Test Report He Shouchun (SCUID: 00001008350, Email: she@scu.edu) Chapter 1. Prepare the virtual machine... 2 1.1 Download virtual machine software... 2 1.2 Plan the guest

More information

How To Test The Bandwidth Meter For Hyperv On Windows V2.4.2.2 (Windows) On A Hyperv Server (Windows V2) On An Uniden V2 (Amd64) Or V2A (Windows 2

How To Test The Bandwidth Meter For Hyperv On Windows V2.4.2.2 (Windows) On A Hyperv Server (Windows V2) On An Uniden V2 (Amd64) Or V2A (Windows 2 BANDWIDTH METER FOR HYPER-V NEW FEATURES OF 2.0 The Bandwidth Meter is an active application now, not just a passive observer. It can send email notifications if some bandwidth threshold reached, run scripts

More information

TABLE OF CONTENTS. Change Server Port in OBIEE 11g Page 2 of 15

TABLE OF CONTENTS. Change Server Port in OBIEE 11g Page 2 of 15 TABLE OF CONTENTS Introduction... 3 1. Stop the WebLogic Managed Server bi_server1... 4 2. Change the port number... 9 3. Start the WebLogic Managed Server bi_server1... 11 4. Test that everything is running

More information

Modern snoop lab lite version

Modern snoop lab lite version Modern snoop lab lite version Lab assignment in Computer Networking OpenIPLab Department of Information Technology, Uppsala University Overview This is a lab constructed as part of the OpenIPLab project.

More information

User Manual. Onsight Management Suite Version 5.1. Another Innovation by Librestream

User Manual. Onsight Management Suite Version 5.1. Another Innovation by Librestream User Manual Onsight Management Suite Version 5.1 Another Innovation by Librestream Doc #: 400075-06 May 2012 Information in this document is subject to change without notice. Reproduction in any manner

More information

Smoking and any food or drinks are not permitted in the Applications Lab!

Smoking and any food or drinks are not permitted in the Applications Lab! 220 Lab C Introduction to Cisco IP Telephony Pre-Lab Activities: None Purpose of the experiment: To explore the Cisco IP Telephony System configuration options, and its use. Smoking and any food or drinks

More information

10 Configuring Packet Filtering and Routing Rules

10 Configuring Packet Filtering and Routing Rules Blind Folio 10:1 10 Configuring Packet Filtering and Routing Rules CERTIFICATION OBJECTIVES 10.01 Understanding Packet Filtering and Routing 10.02 Creating and Managing Packet Filtering 10.03 Configuring

More information

Lab 5.5.3 Developing ACLs to Implement Firewall Rule Sets

Lab 5.5.3 Developing ACLs to Implement Firewall Rule Sets Lab 5.5.3 Developing ACLs to Implement Firewall Rule Sets All contents are Copyright 1992 2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 1 of 8 Device Interface

More information

Make a folder named Lab3. We will be using Unix redirection commands to create several output files in that folder.

Make a folder named Lab3. We will be using Unix redirection commands to create several output files in that folder. CMSC 355 Lab 3 : Penetration Testing Tools Due: September 31, 2010 In the previous lab, we used some basic system administration tools to figure out which programs where running on a system and which files

More information

ILTA HANDS ON Securing Windows 7

ILTA HANDS ON Securing Windows 7 Securing Windows 7 8/23/2011 Table of Contents About this lab... 3 About the Laboratory Environment... 4 Lab 1: Restricting Users... 5 Exercise 1. Verify the default rights of users... 5 Exercise 2. Adding

More information

Penetration Testing LAB Setup Guide

Penetration Testing LAB Setup Guide Penetration Testing LAB Setup Guide (External Attacker - Intermediate) By: magikh0e - magikh0e@ihtb.org Last Edit: July 06 2012 This guide assumes a few things... 1. You have read the basic guide of this

More information

IP-PBX Quick Start Guide

IP-PBX Quick Start Guide IP-PBX Quick Start Guide Introduce... 3 Configure and set up the IP-PBX... 4 How to change the IP address... 7 Set up extensions and make internal calls... 8 How to make calls via the FXO port... 10 How

More information

Automatic Hotspot Logon

Automatic Hotspot Logon WHITE PAPER: for VPN Setup Features of the integrated, dynamic NCP Personal Firewall Solution Table of Contents 1. Insecure mobile computing via Wi-Fi networks (hotspots)...1 1.1 Basic hotspot functionality...

More information

Network Packet Analysis and Scapy Introduction

Network Packet Analysis and Scapy Introduction Copyright: The development of this document is funded by Higher Education of Academy. Permission is granted to copy, distribute and /or modify this document under a license compliant with the Creative

More information

Installing the SSH Client v3.2.2 For Microsoft Windows

Installing the SSH Client v3.2.2 For Microsoft Windows WIN1011 June 2003 Installing the SSH Client v3.2.2 For Microsoft Windows OVERVIEW... 1 SYSTEM REQUIREMENTS... 2 INSTALLING THE SSH PACKAGE... 2 STARTING THE PROGRAMS... 5 USING THE SHELL CLIENT... 8 USING

More information

Microsoft Labs Online

Microsoft Labs Online Microsoft Labs Online Self-Service Student Guide Welcome to Microsoft Labs Online powered by Xtreme Velocity. This document provides stepby-step instructions on how to: Create an account. Use your virtual

More information

NetSupport DNA Configuration of Microsoft SQL Server Express

NetSupport DNA Configuration of Microsoft SQL Server Express NetSupport DNA Configuration of Microsoft SQL Server Express Configuration of Microsoft SQL Server Express and NetSupport DNA Installation Requirements If installing Microsoft SQL Server Express on Windows

More information

Maple T.A. Beginner's Guide for Instructors

Maple T.A. Beginner's Guide for Instructors Maple T.A. Beginner's Guide for Instructors Copyright Maplesoft, a division of Waterloo Maple Inc. 2013 Maple T.A. Beginner's Guide for Instructors Contents Preface... v 1 Maple T.A. Quick Start for Instructors...

More information

Apache Configuration

Apache Configuration Apache Configuration In this exercise, we are going to get Apache configured to handle a couple of different websites. We are just going to use localhost (the default address for a server), but the same

More information