Assessment
Network Diagram
ID and Ping
Deliverable 1. Nginx: Screenshot showing the current user's group (id command) and a successful ping from nginx to champlain.edu
Port Forward HTTP ---> NGINX
Deliverable 2. Screenshot demonstrating port forwarding from 10.0.17.XX to nginx from traveler similar to the one below. Also show that your system is named appropriately and that you have a named user.
NGINX --> Wazuh --> SSH
Deliverable 3. Screenshot on wazuh that shows an invalid ssh user attempting to login to nginx similar to the one above.
SSH, Failed icmp and icmp log entires
Deliverable 4. Screenshot from mgmt01 that shows a ssh session to nginx.
DMZ-to-WAN Drop
Deliverable 5. Provide a screenshot showing a DMZ-to-WAN drop message where the protocol is TCP, DPT=443 and the Destination is the IP associated with champlain.edu
DHCP on wks1
Deliverable 6.
Run the following test on wks01:
ipconfig /release
ipconfig /renew
ipconfig /allProvide a screenshot similar to the one below that shows your DHCP server information similar to the screenshot below.
DHCP Wazuh security Test
Deliverable 7. On wazuh, display an agent based security event for dhcp. You should repeat the invalid user test.
Traveler --> Jump key-based SSH
Deliverable 8. Demonstrate that you can functionally ssh into jump using an RSA keypair. Note: The passwordless functionality is not heavily weighted.
Wks1 --> HTTP ---> NGINX
Deliverable 9. Demonstrate that wks01 can browse to nginx. Provide a screenshot similar to the one below.
Edge01 Configuration
Deliverable 10. Provide a link to your edge01 configuration on github. Your firewall will be evaluated for correctness and thoroughness. Your firewall should be formatted as plaintext using the vyos configuration routine shown below. This is the only github requirement.
Last updated