Design and Configuration of a Network Security and Forensics Lab

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Design and Configuration of a Network Security and Forensics Lab"

Transcription

1 Design and Configuration of a Network Security and Forensics Lab Billy Harris Joseph Kizza Mike Ward ABSTRACT This paper describes the design and implementation of the security and forensic lab at UTC. The lab supports teaching and research in computer networks, network security, and information forensics. The lab uses a faculty-administered server to record Internet attacks as they occur, five student-administered network servers, and 20 client machines. Keywords Network forensics, graduate education 1. INTRODUCTION The at the University of Tennessee at Chattanooga has been offering a course in network security. The department is also adding a computer forensics course to its catalog and received funds to set up a security and forensics lab. While the lab as been tested and is running smoothly, it presents a security challenge of its own to the department. The lab must allow students to use a variety of methods to prevent, detect, and trace network attacks yet prevent the attacks from actually compromising any of the machines. Additionally, the lab was designed to expose students to a wide variety of operating systems. With these design goals, the resulting lab has 4 Macintosh machines, 6 Windows machines, 8 Linux machines, and 5 FreeBSD machines. It also has a Wireless Access Point, and 2 Windows laptop computers. To accurately detect and record attempted attacks, the lab lives outside of the campus firewall. This means that in addition to protecting the lab machines, student actions must be closely logged to prevent hostile actions originating from the lab. These goals, along with our desire to have as many network servers as possible to support hands-on training in network administration lead to the tree topology shown in Figure 1. Specifically, our lab provides for five machines to act as servers; each with assigned address space (we use various subnets in the range x.x), and the faculty server which correctly routes among the various subnets. This structure allows up to 5 machines to run network services such as DNS or DHCP. For example, Server1 can run its own Network Address Translation (NAT) system using the /16 subnet rather than use the assigned /8 subnet. Note that currently server5 does not have any client machines and thus is not using its assigned subnet.

2 2. MASTER SERVER The master server, or faculty server, acts as the firewall and main intranet router. It provides detailed logs of both intrusion attempts (hacks) and student/lab activity. It also acts as the main intra-lab router and serves as the DNS server (it can be configured to forward internal requests to the various student servers for named subdomains). Currently, the lab is configured into distinct subnets, allowing for student-administered networks. The master server (administered by computer science faculty) provides DHCP service for the 5 student servers as well as the printer, the wireless access point, and the wireless clients. It is also configured to use IP masquerading (NAT) to further protect the lab from attacks. Students do not have accounts on this machine. If a slightly different configuration is used, the master server would not delegate anything to the student servers, and the lab would then function as a generalpurpose lab with a slightly odd network topology. A PowerEdge 2600 machine was selected to act as the lab s main server. Currently, the machine runs the Debian version of Linux, using a customized version of the Linux kernel version Out to Internet T1 Line & router Printer x Server0 (faculty administered) Firewall, DNS, DHCP, NAT, logs, router Server1 (shown running its own DNS and NAT) net x Server x net3 Server3 WAP net4 Server4 Server5 Clients 5 to 8 Clients 13 to 16 Clients 9 to 12 net2 Wireless clients Clients 1 to 4 Figure 1: Network Topology for Network Forensics Lab

3 3. STUDENT SERVERS Server1 currently runs Microsoft Windows XP. The remaining student servers run the Debian distribution of Linux using kernel version Each server has an assigned subnet range and provides DHCP service to machines in the subnet. Server5 currently has no clients, but it can be used as a web server and/or a secondary DNS server. The Wireless Access Point (WAP) allows for the designated wireless clients to use the network. They use the DHCP service provided by the faculty server (server0). To satisfy UTC s security concerns and avoid interfering with the campus wireless network, the WAP has several security-related configuration options including: Using minimum possible power Communicating only with clients possessing the proper SSID. Routing only packets from designated MAC addresses; specifically it will only respond to wireless clients assigned to this lab. The faculty closely supervise any student access to the WAP configuration options. 4. CLIENT COMPUTERS The lab includes four Windows client computers, one for each subnet. These run Windows XP. The lab also includes two notebook computers running Windows XP; these act as wireless clients. There are also four Linux client computers, one for each subnet. These run the Debian distribution of Linux, under kernel There are 5 Unix client computers; two for the net2 subnet and one for each of the other subnets. These clients run FreeBSD version The clients have less software installed on them than do the Linux or Windows computers; they are running a text-mode interface. Finally, the lab includes 3 Macintosh clients running MacOS 10.3, and will soon have an IMac which will act as a wireless client. All clients have been kept up-to-date with the latest patches needed for the corresponding operating system. 5. PASSWORD POLICY The lab poses interesting problems in forming a password policy. In order for students to administer the network services discussed, they must have administrator (root) access to the server they are using. But this introduces the possibility of plagiarizing or sabotaging other student projects. Worse, a malicious student could pose as an innocent party while wreaking havoc. And there are not enough subnets to assign one per student.

4 We decided to give all clients a common root password, which is also used for the printer configuration menu. Each server (and also the WAP) has a unique password, which allows each group to work on their subnet free of interference from others. And, as mentioned, the faculty server will have a separate root password not shared with any student. 6. INSTITUTIONAL INVOLVEMENT The Networking department of the University of Tennessee at Chattanooga (UTC) has been working with the Computer Science department in the design and implementation of the network security laboratory. As would be expected, there were a number of concerns with having a lab dedicated to information forensics and penetration testing available to students on campus. The major concern of the Networking department was to protect UTC s network. A decision was made to separate the networking security laboratory from the rest of the campus network, placing it beyond UTC s firewall and other protective measures. This effectively made UTC an Internet Service Provider (ISP) for the networking security laboratory. The Networking staff was able to provide a router and a range of real class C Internet numbers for use in the lab. Once the router was properly configured and the Internet numbers assigned, the networking security laboratory was no different than any other potentially hostile component of the Internet. Though the networking security laboratory is acting as a separate entity from UTC s network, the potential effects to other hosts on the Internet from actions performed within the laboratory can still be traced back to UTC. The responsibility of monitoring and preventing hostile actions towards other Internet hosts falls upon the students, Computer Science faculty, and Networking staff. Part of the curriculum for any class that uses the networking security laboratory will be student instruction in proper computer security ethics and the potential penalties from abusing the resources of the laboratory. One of the most important duties of the master server (described below) is to monitor network traffic flow into and out of the lab via a packet sniffer. The server maintains a log for each network transaction including a time stamp along with the source and destination hosts involved in the transaction. This system log is parsed daily using automated scripts and a summary is mailed to faculty overseers. The log is also archived at the end of each semester onto a CDROM. The logs will also include attacks directed from other hosts on the Internet into the lab. This provides an authentic data source and compelling examples to use in the network forensics class. As with any other host or subnet at UTC, the Networking staff is authorized to disconnect any host or subnet found to be abusing its network privileges. 7. CONCLUSIONS We have designed and configured a computer lab suitable for use in a networking or network forensics class. The lab has a faculty-administered machine to log network attacks (including possible

5 outgoing attacks), five student-run network servers with assigned subnets to use, a wireless access point, and numerous client computers running a variety of operating systems. The lab allows for students to gain hands-on experience configuring DNS, DHCP, and other network servers; it also captures attack packets for analysis by various forensic tools. Various configurations of the master server will selectively act as a full NAT or just a firewall; allow for studentrun subdomains or act like a general-purpose lab; log genuine attack packets as they come in while shielding possibly insecure machines from the actual attack. It will also log network activity to provide accountability for any mischievous students. 8. REFERENCES [1] Craig Hunt. TCP/IP Network Administration, 3 rd Edition. O'Reilly & Associates, Inc [2] William Cheswick, et al. Firewalls and Internet Security: Repelling the Wily Hacker, 2 nd Edition. Addison-Wesley [3] The Networking CD Bookshelf, version 2.0. O'Reilly & Associates

Chapter 4 Customizing Your Network Settings

Chapter 4 Customizing Your Network Settings . Chapter 4 Customizing Your Network Settings This chapter describes how to configure advanced networking features of the Wireless-G Router Model WGR614v9, including LAN, WAN, and routing settings. It

More information

Chapter 4 Customizing Your Network Settings

Chapter 4 Customizing Your Network Settings Chapter 4 Customizing Your Network Settings This chapter describes how to configure advanced networking features of the RangeMax Dual Band Wireless-N Router WNDR3300, including LAN, WAN, and routing settings.

More information

Lab 8.4.2 Configuring Access Policies and DMZ Settings

Lab 8.4.2 Configuring Access Policies and DMZ Settings Lab 8.4.2 Configuring Access Policies and DMZ Settings Objectives Log in to a multi-function device and view security settings. Set up Internet access policies based on IP address and application. Set

More information

Chapter 5 Customizing Your Network Settings

Chapter 5 Customizing Your Network Settings Chapter 5 Customizing Your Network Settings This chapter describes how to configure advanced networking features of the RangeMax NEXT Wireless Router WNR834B, including LAN, WAN, and routing settings.

More information

Microsoft Technologies

Microsoft Technologies NETWORK ENGINEERING TRACK Microsoft Technologies QUARTER 1 DESKTOP APPLICATIONS - ESSENTIALS Module 1 - Office Applications This subject enables users to acquire the necessary knowledge and skills to use

More information

IT6203 Systems & Network Administration. (Optional)

IT6203 Systems & Network Administration. (Optional) Systems & Network Administration (Optional) INTRODUCTION This is one of the Optional courses designed for Semester 6 of the Bachelor of Information Technology Degree program. This course on Systems & Network

More information

CET442L Lab #2. IP Configuration and Network Traffic Analysis Lab

CET442L Lab #2. IP Configuration and Network Traffic Analysis Lab CET442L Lab #2 IP Configuration and Network Traffic Analysis Lab Goals: In this lab you will plan and implement the IP configuration for the Windows server computers on your group s network. You will use

More information

Chapter 3 Connecting the Router to the Internet

Chapter 3 Connecting the Router to the Internet Chapter 3 Connecting the Router to the Internet This chapter describes how to set up the router on your Local Area Network (LAN) and connect to the Internet. It describes how to configure your DG834GT

More information

Chapter 1 Connecting Your Router to the Internet

Chapter 1 Connecting Your Router to the Internet Chapter 1 Connecting Your Router to the Internet This chapter describes how to configure your DG834N RangeMax TM NEXT Wireless ADSL2+ Modem Router Internet connection.when you perform the initial configuration

More information

CMPT 471 Networking II

CMPT 471 Networking II CMPT 471 Networking II Firewalls Janice Regan, 2006-2013 1 Security When is a computer secure When the data and software on the computer are available on demand only to those people who should have access

More information

20410: Installing and Configuring Windows Server 2012

20410: Installing and Configuring Windows Server 2012 20410: Installing and Configuring Windows Server 2012 Microsoft - Servidores Nível: Intermédio Duração: 30h Sobre o curso After completing this course, students will be able to: Install and configure Windows

More information

VPN Overview. The path for wireless VPN users

VPN Overview. The path for wireless VPN users VPN Overview The path for wireless VPN users First, the user's computer (the blue computer) connects to an access point in the uiuc-wireless-net network and is assigned an IP address in that range (172.21.0.0

More information

MS 20410 Installing and Configuring Windows Server 2012

MS 20410 Installing and Configuring Windows Server 2012 P a g e 1 of 10 MS 20410 Installing and Configuring Windows Server 2012 About this Course This course is part one of a three-part series that provides the skills and knowledge necessary to implement a

More information

Installing and Configuring Windows Server 2012 MOC 20410

Installing and Configuring Windows Server 2012 MOC 20410 Installing and Configuring Windows Server 2012 MOC 20410 Course Outline Module 1: Deploying and Managing Windows Server 2012 This module introduces the new Windows Server 2012 administrative interface.

More information

Chapter 15: Advanced Networks

Chapter 15: Advanced Networks Chapter 15: Advanced Networks IT Essentials: PC Hardware and Software v4.0 1 Determine a Network Topology A site survey is a physical inspection of the building that will help determine a basic logical

More information

Chapter 9 Monitoring System Performance

Chapter 9 Monitoring System Performance Chapter 9 Monitoring System Performance This chapter describes the full set of system monitoring features of your ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN. You can be alerted to important

More information

Policy on Connection to the University Network

Policy on Connection to the University Network Policy on Connection to the University Network Revision History Version Date Changes 0.1 01/12/04 David Conway 0.2 02/12/04 David Conway 0.3 19/01/05 David Conway 0.4 21/01/05 David Conway 1.0 07/03/05

More information

Auburn Montgomery. Registration and Security Policy for AUM Servers

Auburn Montgomery. Registration and Security Policy for AUM Servers Auburn Montgomery Title: Responsible Office: Registration and Security Policy for AUM Servers Information Technology Services I. PURPOSE To outline the steps required to register and maintain departmental

More information

Network Security Policy

Network Security Policy Network Security Policy Policy Contents I. POLICY STATEMENT II. REASON FOR POLICY III. SCOPE IV. AUDIENCE V. POLICY TEXT VI. PROCEDURES VII. RELATED INFORMATION VIII. DEFINITIONS IX. FREQUENTLY ASKED QUESTIONS

More information

Pre-lab and In-class Laboratory Exercise 10 (L10)

Pre-lab and In-class Laboratory Exercise 10 (L10) ECE/CS 4984: Wireless Networks and Mobile Systems Pre-lab and In-class Laboratory Exercise 10 (L10) Part I Objectives and Lab Materials Objective The objectives of this lab are to: Familiarize students

More information

Chapter 2 Preparing Your Network

Chapter 2 Preparing Your Network Chapter 2 Preparing Your Network This document describes how to prepare your network to connect to the Internet through a router and how to verify the readiness of your broadband Internet service from

More information

LAN TCP/IP and DHCP Setup

LAN TCP/IP and DHCP Setup CHAPTER 2 LAN TCP/IP and DHCP Setup 2.1 Introduction In this chapter, we will explain in more detail the LAN TCP/IP and DHCP Setup. 2.2 LAN IP Network Configuration In the Vigor 2900 router, there are

More information

MN-700 Base Station Configuration Guide

MN-700 Base Station Configuration Guide MN-700 Base Station Configuration Guide Contents pen the Base Station Management Tool...3 Log ff the Base Station Management Tool...3 Navigate the Base Station Management Tool...4 Current Base Station

More information

Track 2: Introductory Track PREREQUISITE: BASIC COMPUTER EXPERIENCE

Track 2: Introductory Track PREREQUISITE: BASIC COMPUTER EXPERIENCE Anne Arundel Community College Tracks Anne Arundel Community College s computer technologies courses have been organized into 10 suggested tracks. The tracks are arranged to ensure that students have the

More information

Installing and Configuring Windows Server 2012

Installing and Configuring Windows Server 2012 Course 20410B: Installing and Configuring Windows Server 2012 Length: 5 Days Audience(s): IT Professionals Level: 200 Technology: Windows Server 2012 Overview About this Course This course is part one

More information

STRATEGIC POLICY. Information Security Policy Documentation. Network Management Policy. 1. Introduction

STRATEGIC POLICY. Information Security Policy Documentation. Network Management Policy. 1. Introduction Policy: Title: Status: 1. Introduction ISP-S12 Network Management Policy Revised Information Security Policy Documentation STRATEGIC POLICY 1.1. This information security policy document covers management,

More information

74% 96 Action Items. Compliance

74% 96 Action Items. Compliance Compliance Report PCI DSS 2.0 Generated by Check Point Compliance Blade, on July 02, 2013 11:12 AM 1 74% Compliance 96 Action Items Upcoming 0 items About PCI DSS 2.0 PCI-DSS is a legal obligation mandated

More information

Chapter 1 Configuring Basic Connectivity

Chapter 1 Configuring Basic Connectivity Chapter 1 Configuring Basic Connectivity This chapter describes the settings for your Internet connection and your wireless local area network (LAN) connection. When you perform the initial configuration

More information

Computer Network Engineering

Computer Network Engineering 226 Computer Network Engineering Computer Network Engineering Degrees, Certificates and Awards Associate in Science: Computer Network Engineering Certificate of Achievement: Computer Network Engineering

More information

Course Outline: Course 20410- Installing and Configuring Windows Server 2012

Course Outline: Course 20410- Installing and Configuring Windows Server 2012 Course Outline: Course 20410- Installing and Configuring Windows Server 2012 Learning Method: Instructor-led Classroom Learning Duration: 5.00 Day(s)/ 40 hrs Overview: The course is part one of a series

More information

Lab 8.4.2 Configuring Access Policies and DMZ Settings

Lab 8.4.2 Configuring Access Policies and DMZ Settings Lab 8.4.2 Configuring Access Policies and DMZ Settings Objectives Log in to a multi-function device and view security settings. Set up Internet access policies based on IP address and application. Set

More information

Chapter 1 Configuring Internet Connectivity

Chapter 1 Configuring Internet Connectivity Chapter 1 Configuring Internet Connectivity This chapter describes the settings for your Internet connection and your wireless local area network (LAN) connection. When you perform the initial configuration

More information

CDS and Clearing Limited Thapathali, Kathmandu 7 th Level (Technical) Syllabus

CDS and Clearing Limited Thapathali, Kathmandu 7 th Level (Technical) Syllabus CDS and Clearing Limited Thapathali, Kathmandu 7 th Level (Technical) Syllabus Modality of Examination: The examination comprises of two papers, each carrying 100 marks. The first paper is General Overview

More information

FIREWALL CHECKLIST. Pre Audit Checklist. 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review.

FIREWALL CHECKLIST. Pre Audit Checklist. 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review. 1. Obtain previous workpapers/audit reports. FIREWALL CHECKLIST Pre Audit Checklist 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review. 3. Obtain current network diagrams

More information

NETWORK PENETRATION TESTING

NETWORK PENETRATION TESTING Tim West Consulting 6807 Wicklow St. Arlington, TX 76002 817-228-3420 Twest@timwestconsulting.com OVERVIEW Tim West Consulting Tim West Consulting is a full service IT security and support firm that specializes

More information

ecopy ShareScan v4.3 Pre-Installation Checklist

ecopy ShareScan v4.3 Pre-Installation Checklist ecopy ShareScan v4.3 Pre-Installation Checklist This document is used to gather data about your environment in order to ensure a smooth product implementation. The Network Communication section describes

More information

Savvius Insight Initial Configuration

Savvius Insight Initial Configuration The configuration utility on Savvius Insight lets you configure device, network, and time settings. Additionally, if you are forwarding your data from Savvius Insight to a Splunk server, You can configure

More information

Essentials of PC Security: Central Library Tech Center Evansville Vanderburgh Public Library

Essentials of PC Security: Central Library Tech Center Evansville Vanderburgh Public Library Essentials of PC Security: Central Library Tech Center Evansville Vanderburgh Public Library Why should you be concerned? There are over 1 million known computer viruses. An unprotected computer on the

More information

OSU INSTITUTE OF TECHNOLOGY POLICY & PROCEDURES

OSU INSTITUTE OF TECHNOLOGY POLICY & PROCEDURES Network Security 6-005 INFORMATION TECHNOLOGIES July 2013 INTRODUCTION 1.01 OSU Institute of Technology (OSUIT) s network exists to facilitate the education, research, administration, communication, and

More information

8 NETWORK SERVERS AND SERVICES FUNDAMENTALS

8 NETWORK SERVERS AND SERVICES FUNDAMENTALS 8 NETWORK SERVERS AND SERVICES FUNDAMENTALS PROJECTS Project 8.1 Project 8.2 Project 8.3 Project 8.4 Project 8.5 Understanding Key Concepts Comparing Network Operating Systems Understanding Basic Services

More information

CIS 4204 Ethical Hacking Fall, 2014

CIS 4204 Ethical Hacking Fall, 2014 CIS 4204 Ethical Hacking Fall, 2014 Course Abstract: The purpose of this course is to provide a basic understanding of computing, networking, programming concepts, and exploitation techniques, as they

More information

1:1 NAT in ZeroShell. Requirements. Overview. Network Setup

1:1 NAT in ZeroShell. Requirements. Overview. Network Setup 1:1 NAT in ZeroShell Requirements The version of ZeroShell used for writing this document is Release 1.0.beta11. This document does not describe installing ZeroShell, it is assumed that the user already

More information

Overview. Firewall Security. Perimeter Security Devices. Routers

Overview. Firewall Security. Perimeter Security Devices. Routers Overview Firewall Security Chapter 8 Perimeter Security Devices H/W vs. S/W Packet Filtering vs. Stateful Inspection Firewall Topologies Firewall Rulebases Lecturer: Pei-yih Ting 1 2 Perimeter Security

More information

Connecting to the Internet. LAN Hardware Requirements. Computer Requirements. LAN Configuration Requirements

Connecting to the Internet. LAN Hardware Requirements. Computer Requirements. LAN Configuration Requirements Connecting to the Internet LAN Hardware Requirements Computer Requirements LAN Configuration Requirements Installation Performed by Time Warner Cable Technician Connecting via Ethernet Connecting via USB

More information

Developing Network Security Strategies

Developing Network Security Strategies NETE-4635 Computer Network Analysis and Design Developing Network Security Strategies NETE4635 - Computer Network Analysis and Design Slide 1 Network Security Design The 12 Step Program 1. Identify network

More information

CCNA Exploration: Accessing the WAN Chapter 7 Case Study

CCNA Exploration: Accessing the WAN Chapter 7 Case Study Objectives: Mitigate attacks based on DHCP rogue servers. Intro: ChurchBells Inc. is having connectivity issues and needs your help. The Scenario: According to the reports, some user PCs within the company

More information

In today s world the Internet has become a valuable resource for many people.

In today s world the Internet has become a valuable resource for many people. In today s world the Internet has become a valuable resource for many people. However with the benefits of being connected to the Internet there are certain risks that a user must take. In many cases people

More information

Appendix C Preparing Your Network

Appendix C Preparing Your Network Appendix C Preparing Your Network This appendix describes how to prepare your network to connect to the Internet through the FVX538 ProSafe VPN Firewall 200 and how to verify the readiness of broadband

More information

Getting Started in Red Hat Linux An Overview of Red Hat Linux p. 3 Introducing Red Hat Linux p. 4 What Is Linux? p. 5 Linux's Roots in UNIX p.

Getting Started in Red Hat Linux An Overview of Red Hat Linux p. 3 Introducing Red Hat Linux p. 4 What Is Linux? p. 5 Linux's Roots in UNIX p. Preface p. ix Getting Started in Red Hat Linux An Overview of Red Hat Linux p. 3 Introducing Red Hat Linux p. 4 What Is Linux? p. 5 Linux's Roots in UNIX p. 6 Common Linux Features p. 8 Primary Advantages

More information

Computer Firewalls. The term firewall was originally used with forest fires, as a means to describe the

Computer Firewalls. The term firewall was originally used with forest fires, as a means to describe the Pascal Muetschard John Nagle COEN 150, Spring 03 Prof. JoAnne Holliday Computer Firewalls Introduction The term firewall was originally used with forest fires, as a means to describe the barriers implemented

More information

Chapter 3 Connecting the FWG114P v2 to the Internet

Chapter 3 Connecting the FWG114P v2 to the Internet Chapter 3 Connecting the FWG114P v2 to the Internet This chapter describes how to set up the router on your local area network (LAN) and connect to the Internet. You will find out how to configure your

More information

I've applied for a goipv6 account and received my password via email but I cannot log into my account. What should I do?

I've applied for a goipv6 account and received my password via email but I cannot log into my account. What should I do? goipv6 FAQ goipv6 Account I've applied for a goipv6 account and received my password via email but I cannot log into my account. What should I do? I would like to change my current password. What should

More information

IS TEST 3 - TIPS FOUR (4) levels of detective controls offered by intrusion detection system (IDS) methodologies. First layer is typically responsible for monitoring the network and network devices. NIDS

More information

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks

More information

Before You Begin. Check Your Package Contents

Before You Begin. Check Your Package Contents This product can be set up using any current web browser, i.e., Internet Explorer 6x, Netscape Navigator 4x. D-Link DFL-900 VPN/Firewall Router Before You Begin It s best to use a computer with an Ethernet

More information

REPORT ON AUDIT OF LOCAL AREA NETWORK OF C-STAR LAB

REPORT ON AUDIT OF LOCAL AREA NETWORK OF C-STAR LAB REPORT ON AUDIT OF LOCAL AREA NETWORK OF C-STAR LAB Conducted: 29 th March 5 th April 2007 Prepared By: Pankaj Kohli (200607011) Chandan Kumar (200607003) Aamil Farooq (200505001) Network Audit Table of

More information

Evaluation guide. Vyatta Quick Evaluation Guide

Evaluation guide. Vyatta Quick Evaluation Guide VYATTA, INC. Evaluation guide Vyatta Quick Evaluation Guide A simple step-by-step guide to configuring network services with Vyatta Open Source Networking http://www.vyatta.com Overview...1 Booting Up

More information

HONEYD (OPEN SOURCE HONEYPOT SOFTWARE)

HONEYD (OPEN SOURCE HONEYPOT SOFTWARE) HONEYD (OPEN SOURCE HONEYPOT SOFTWARE) Author: Avinash Singh Avinash Singh is a Technical Evangelist currently worksing at Appin Technology Lab, Noida. Educational Qualification: B.Tech from Punjab Technical

More information

Configuring a Vyatta 4.0 release as a DSL internet connection router/gateway with basic port forwarding to an internal web server

Configuring a Vyatta 4.0 release as a DSL internet connection router/gateway with basic port forwarding to an internal web server Open Informatics a An Information Technology Company Visit us on the web at www.openinformatics.net Tutorial Author: Zlatan Klebic Send Feedback: zklebic@openinformatics.net Configuring a Vyatta 4.0 release

More information

Pension Benefit Guaranty Corporation. Office of Inspector General. Evaluation Report. Penetration Testing 2001 - An Update

Pension Benefit Guaranty Corporation. Office of Inspector General. Evaluation Report. Penetration Testing 2001 - An Update Pension Benefit Guaranty Corporation Office of Inspector General Evaluation Report Penetration Testing 2001 - An Update August 28, 2001 2001-18/23148-2 Penetration Testing 2001 An Update Evaluation Report

More information

Firewall VPN Router. Quick Installation Guide M73-APO09-380

Firewall VPN Router. Quick Installation Guide M73-APO09-380 Firewall VPN Router Quick Installation Guide M73-APO09-380 Firewall VPN Router Overview The Firewall VPN Router provides three 10/100Mbit Ethernet network interface ports which are the Internal/LAN, External/WAN,

More information

Information Services. Accessing the University Network using a Virtual Private Network Connection (VPN), with Windows XP Professional

Information Services. Accessing the University Network using a Virtual Private Network Connection (VPN), with Windows XP Professional Information Services Accessing the University Network using a Virtual Private Network Connection (VPN), with Windows XP Professional Amendment & Authorisation History Ver Date Changes Name Author A 29/3/05

More information

Multi-Homing Dual WAN Firewall Router

Multi-Homing Dual WAN Firewall Router Multi-Homing Dual WAN Firewall Router Quick Installation Guide M73-APO09-400 Multi-Homing Dual WAN Firewall Router Overview The Multi-Homing Dual WAN Firewall Router provides three 10/100Mbit Ethernet

More information

VUBNET, the network of the Vrije Universiteit Brussel. Rules with reference to the use of the university IT infrastructure in studenthomes

VUBNET, the network of the Vrije Universiteit Brussel. Rules with reference to the use of the university IT infrastructure in studenthomes , the network of the Vrije Universiteit Brussel 1 Rules with reference to the use of the university IT infrastructure in studenthomes 2 General setup information A Configuration of the TCP/IP protocol

More information

Linux firewall. Need of firewall Single connection between network Allows restricted traffic between networks Denies un authorized users

Linux firewall. Need of firewall Single connection between network Allows restricted traffic between networks Denies un authorized users Linux firewall Need of firewall Single connection between network Allows restricted traffic between networks Denies un authorized users Linux firewall Linux is a open source operating system and any firewall

More information

Basic IPv6 WAN and LAN Configuration

Basic IPv6 WAN and LAN Configuration Basic IPv6 WAN and LAN Configuration This quick start guide provides basic IPv6 WAN and LAN configuration information for the ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N. For complete IPv6 configuration

More information

Remote Unix Lab Environment (RULE)

Remote Unix Lab Environment (RULE) Remote Unix Lab Environment (RULE) Kris Mitchell krmitchell@swin.edu.au Introducing RULE RULE provides an alternative way to teach Unix! Increase student exposure to Unix! Do it cost effectively http://caia.swin.edu.au

More information

ETRX2 and ETRX357 Wireless Mesh Networking Modules. Application Note Accessing Modules over the Internet

ETRX2 and ETRX357 Wireless Mesh Networking Modules. Application Note Accessing Modules over the Internet Telegesis ETRX2, ETRX35x TG-APP-Internet-100 Application Note ETRX2 and ETRX357 Wireless Mesh Networking Modules Application Note Accessing Modules over the Internet (Rev 1.00) Table of Contents 1 INTRODUCTION...

More information

Special Issues for Penetration testing of Firewall

Special Issues for Penetration testing of Firewall 보안공학연구논문지 (Journal of Security Engineering), 제 5권 제 4 호, 2008년 8월 Special Issues for Penetration testing of Firewall Hoon Ko 1) Abstract A firewall is a device or software that controls the traffic of

More information

NETWORK SECURITY (W/LAB) Course Syllabus

NETWORK SECURITY (W/LAB) Course Syllabus 6111 E. Skelly Drive P. O. Box 477200 Tulsa, OK 74147-7200 NETWORK SECURITY (W/LAB) Course Syllabus Course Number: NTWK-0008 OHLAP Credit: Yes OCAS Code: 8131 Course Length: 130 Hours Career Cluster: Information

More information

PCI DSS Best Practices with Snare Enterprise Agents PCI DSS Best Practices with Snare Enterprise Agents

PCI DSS Best Practices with Snare Enterprise Agents PCI DSS Best Practices with Snare Enterprise Agents PCI DSS Best Practices with Snare Enterprise InterSect Alliance International Pty Ltd Page 1 of 9 About this document The PCI/DSS documentation provides guidance on a set of baseline security measures

More information

Appendix C Network Planning for Dual WAN Ports

Appendix C Network Planning for Dual WAN Ports Appendix C Network Planning for Dual WAN Ports This appendix describes the factors to consider when planning a network using a firewall that has dual WAN ports. This appendix contains the following sections:

More information

Network Forensics: Log Analysis

Network Forensics: Log Analysis Network Forensics: Analysis Richard Baskerville Agenda P Terms & -based Tracing P Application Layer Analysis P Lower Layer Analysis Georgia State University 1 2 Two Important Terms PPromiscuous Mode

More information

MCSE SYLLABUS. Exam 70-290 : Managing and Maintaining a Microsoft Windows Server 2003:

MCSE SYLLABUS. Exam 70-290 : Managing and Maintaining a Microsoft Windows Server 2003: MCSE SYLLABUS Course Contents : Exam 70-290 : Managing and Maintaining a Microsoft Windows Server 2003: Managing Users, Computers and Groups. Configure access to shared folders. Managing and Maintaining

More information

Configuration Guide. DHCP Server. LAN client

Configuration Guide. DHCP Server. LAN client DHCP Server Configuration Guide 4.0 DHCP Server LAN client LAN client LAN client Copyright 2007, F/X Communications. All Rights Reserved. The use and copying of this product is subject to a license agreement.

More information

Payment Card Industry (PCI) Data Security Standard

Payment Card Industry (PCI) Data Security Standard Payment Card Industry (PCI) Data Security Standard Security Scanning Procedures Version 1.1 Release: September 2006 Table of Contents Purpose...1 Introduction...1 Scope of PCI Security Scanning...1 Scanning

More information

Fundamentals of Windows Server 2008 Network and Applications Infrastructure

Fundamentals of Windows Server 2008 Network and Applications Infrastructure Fundamentals of Windows Server 2008 Network and Applications Infrastructure MOC6420 About this Course This five-day instructor-led course introduces students to network and applications infrastructure

More information

Minnesota State Community and Technical College Detroit Lakes Campus

Minnesota State Community and Technical College Detroit Lakes Campus Computer Network Security Minnesota State Community and Technical College Detroit Lakes Campus Overview Philosophy Note on 2 year Colleges Certifications Program Courses CCDC Program Numbers Faculty Future

More information

Configuring Routers and Their Settings

Configuring Routers and Their Settings Configuring Routers and Their Settings When installing a router on your home network the routers settings are usually defaulted to automatically protect your home, and simplify setup. This is done because

More information

Wireless G Broadband quick install

Wireless G Broadband quick install Wireless G Broadband Router quick install guide Model 503693 INT-503693-QIG-0608-02 Thank you for purchasing the INTELLINET NETWORK SOLUTIONS Wireless G Broadband Router, Model 503693. This quick install

More information

Client Server Networks

Client Server Networks Name: Date: Quiz 3: Load 2008 Server, LAN Setup, Driver Load, Windows Update, Windows Defender, Active Directory, Organizational Units, Groups, Password and Lockout Polices, Joining a Domain, Wireless

More information

CompTIA Network+ N Official Cert Guide Mapping Guide to CompTIA Network+ Simulator Labs

CompTIA Network+ N Official Cert Guide Mapping Guide to CompTIA Network+ Simulator Labs CompTIA Network+ N10 005 Official Cert Guide Mapping Guide to CompTIA Network+ Simulator Labs Domain 1.0: Network Concepts 1.1 Compare the layers of the OSI and TCP/IP Models TCP/IP Model Layer Matching

More information

WHITE PAPER. An Introduction to Network- Vulnerability Testing

WHITE PAPER. An Introduction to Network- Vulnerability Testing An Introduction to Network- Vulnerability Testing C ONTENTS + Introduction 3 + Penetration-Testing Overview 3 Step 1: Defining the Scope 4 Step 2: Performing the Penetration Test 5 Step 3: Reporting and

More information

Acellus Lab Cart. User s Manual. Version 4B. Acellus Corporation www.acellus.com. Copyright 2010 Acellus Corporation. All Rights Reserved.

Acellus Lab Cart. User s Manual. Version 4B. Acellus Corporation www.acellus.com. Copyright 2010 Acellus Corporation. All Rights Reserved. Acellus Lab Cart User s Manual Version 4B Acellus Corporation www.acellus.com 1 Table of Contents Using Acellus... 3 Acellus Lab Cart and Server... 3 Acellus Laptops... 3 Acellus Updates... 4 Accessing

More information

FortKnox Personal Firewall

FortKnox Personal Firewall FortKnox Personal Firewall User Manual Document version 1.4 EN ( 15. 9. 2009 ) Copyright (c) 2007-2009 NETGATE Technologies s.r.o. All rights reserved. This product uses compression library zlib Copyright

More information

APPLICATION FOR BOARD APPROVAL. of Locally Developed Course. MCP CERTIFICATION 11/12a/12b/12c

APPLICATION FOR BOARD APPROVAL. of Locally Developed Course. MCP CERTIFICATION 11/12a/12b/12c APPLICATION FOR BOARD APPROVAL of Locally Developed Course MCP CERTIFICATION 11/12a/12b/12c John Murtha APPLICATION FOR BOARD APPROVAL Of the Locally Developed MCP CERTIFICATION 11/12a/12b/12c PREAMBLE:

More information

ICS 351: Today's plan. IP addresses Network Address Translation Dynamic Host Configuration Protocol Small Office / Home Office configuration

ICS 351: Today's plan. IP addresses Network Address Translation Dynamic Host Configuration Protocol Small Office / Home Office configuration ICS 351: Today's plan IP addresses Network Address Translation Dynamic Host Configuration Protocol Small Office / Home Office configuration IP address exhaustion IPv4 addresses are 32 bits long so there

More information

For extra services running behind your router. What to do after IP change

For extra services running behind your router. What to do after IP change For extra services running behind your router. What to do after IP change This guide is for customers who meet the following conditions: - Customers who have moved from a TPG Layer 3 plan to a TPG Layer

More information

138 To satisfy a prerequisite, the student must have earned a letter grade of A, B, C or CR in the prerequisite course, unless otherwise stated.

138 To satisfy a prerequisite, the student must have earned a letter grade of A, B, C or CR in the prerequisite course, unless otherwise stated. Computer Science and Information Systems: Information Technology - Networking CSIT 131 Word (1) (Formerly CSIS 127) Word word processing software. Prepares individuals who are seeking to become a Microsoft

More information

PCI Security Scan Procedures. Version 1.0 December 2004

PCI Security Scan Procedures. Version 1.0 December 2004 PCI Security Scan Procedures Version 1.0 December 2004 Disclaimer The Payment Card Industry (PCI) is to be used as a guideline for all entities that store, process, or transmit Visa cardholder data conducting

More information

Computer Security CS 426 Lecture 36. CS426 Fall 2010/Lecture 36 1

Computer Security CS 426 Lecture 36. CS426 Fall 2010/Lecture 36 1 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls CS426 Fall 2010/Lecture 36 1 Announcements There will be a quiz on Wed There will be a guest lecture on Friday, by Prof. Chris Clifton

More information

Digicom Remote Control for the SRT

Digicom Remote Control for the SRT Digicom Remote Control for the SRT To operate the SRT remotely, use Remote Desktop; this is available free for Linux, Mac OS-X (from Microsoft), and is included with Windows XP and later. As RD uses a

More information

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design Learning Objectives Identify common misconceptions about firewalls Explain why a firewall

More information

UIP1868P User Interface Guide

UIP1868P User Interface Guide UIP1868P User Interface Guide (Firmware version 0.13.4 and later) V1.1 Monday, July 8, 2005 Table of Contents Opening the UIP1868P's Configuration Utility... 3 Connecting to Your Broadband Modem... 4 Setting

More information

FIREWALL POLICY November 2006 TNS POL - 008

FIREWALL POLICY November 2006 TNS POL - 008 FIREWALL POLICY November 2006 TNS POL - 008 Introduction Network Security Services (NSS), a department of Technology and Network Services, operates a firewall to enhance security between the Internet and

More information

Security Technology: Firewalls and VPNs

Security Technology: Firewalls and VPNs Security Technology: Firewalls and VPNs 1 Learning Objectives Understand firewall technology and the various approaches to firewall implementation Identify the various approaches to remote and dial-up

More information

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus National Cyber League Certified Ethical Hacker (CEH) TM Syllabus Note to Faculty This NCL Syllabus is intended as a supplement to courses that are based on the EC- Council Certified Ethical Hacker TM (CEHv8)

More information

EZblue BusinessServer The All - In - One Server For Your Home And Business

EZblue BusinessServer The All - In - One Server For Your Home And Business EZblue BusinessServer The All - In - One Server For Your Home And Business Quick Start Guide Version 3.11 1 2 3 EZblue Server Overview EZblue Server Installation EZblue Server Configuration 4 EZblue Magellan

More information

THE HONG KONG POLYTECHNIC UNIVERSITY Department of Electronic and Information Engineering

THE HONG KONG POLYTECHNIC UNIVERSITY Department of Electronic and Information Engineering THE HONG KONG POLYTECHNIC UNIVERSITY Department of Electronic and Information Engineering ENG 224 Information Technology Laboratory 6: Internet Connection Sharing Objectives: Build a private network that

More information

Quick Installation Guide Wireless Router RNX-EasyN400

Quick Installation Guide Wireless Router RNX-EasyN400 Connect the supplied power-adapter to the power inlet port and connect it to a wall outlet. Then, the router automatically enters the self-test phase. During self-test phase, RNX-EasyN400 s Power LED will

More information