6480348_1825524612_2851685268668

Assignment 3 ( CSC8520 ) Instructions: there are 3 questions in total for Assignment 3. Please submit one single .pdf file for Assignment 3 with file names as "your student ID + your name + a3solutions". Question 1. ( 4 0 marks) Install and Configure Spam Assassin This exercise is concerned with the installation, configuration, and testing of Spam Assassin , which is an open source software package for filtering (removing, or flagging) SPAM (unwanted email). The home page for Spamassassin is at https://spamassassin.apache. org/ and a useful collection of web pages providing information about Spa- massassin is available at https://cwiki.apache.org/confluence/display/ SPAMASSASSIN/ . It is best to ignore any information which advises how to configure Spamassassin by means of the system known as cPanel because installation of that system is not required, or desirable, in this context. Note: Spam Assassin is normally applied to all the incoming email at a server, but this exercise will not be conducted on an email server, but rather on a stan- dalone host. Spam Assassin can be installed in this situation, but it will be applied to an email provided as a file, by using the filter (a program which accepts in- put, from stdin , modifies it, and prints the result to stdout ) used by the Spam Assassin system, rather than using Spam Assassin for all the incoming email. This question is divided into three parts, which are then repeated, using a different operating system. (a) Use apt (a command-line tool provided in debian Linux (like ubuntu) and its variants) or synaptic (a graphic tool provided in Debian Linux and its variants which was discussed during practicum in Teaching Week 7 ) to install Spamassassin on your USQ VM (refer to "CSC8520 Course VM is ready" on your Studydesk for VM connection) . (5 marks) 1

MIME-Version: 1.0 Date: Wed, 31 Mar 2021 13:32:44 +1000 Message-ID: <CAJRZaN-60v7Wp5kW0Sp68Rd-dH0mo1On9P7S5fCmz5s6yaticQ@mail.gmail.com> Subject: test msg From: Joe Bloggs <Joe.Bloggs@gmail.com> To: Joe Bloggs <Joe.Bloggs@gmail.com> Content-Type: text/plain; charset="UTF-8" test message contents -- Joe Bloggs Figure 1: The full text of a simple email message (b) By adding a black listing rule for hacker @usq.edu.au and a whilte listing rule for victim @usq.edu.au , configure Spam Assassin to block all email s from hacker @usq.edu.au and to allow all email s from victim @ usq.edu.au . (20 marks) (c) Test, by using the spamassassin filter (a command), that Spam Assassin is now reporting all email s from hacker @usq.edu.au as spam, and all email s from victim @usq.edu.au are reported as normal emails (not spam). Include in your assignment the results of these tests which show that Spam Assassin is working correctly. To carry out the tests, you will need an email message from victim@usq.edu.au and also one from hacker@usq.edu.au. It is not difficult to generate such an email (by sending yourself an email message and changing the email of the sender). In addition, a sample email address is shown in Figure 1. (15 marks) Notes : All steps of the installation, configuration, and testing of spamassassin, should be recorded and included in your assignment report. All text and screenshots should be included as figures in your submission. Please explain each procedure carried out during your work. 2

Question 3 ( 15 marks) In each of the following scenarios, write an essay (~100 words, with <=5% (shorter or longer) tolerance allowed) on what options you have, decide on a course of action and explain your choice. In all cases, please assume that you are working in a section, comprising 20 staff, of a medium sized organization (e.g. 300 staff), and your section is responsible for the ICT management and delivery of your organisation. (a) You are approached by the representative of a company which sells equipment that your company makes use of. During your conversation, the company representative offers to provide one unit of the equipment for your individual home usage for free (i.e., as a gift) should you purchase 1000 units for company usage. What should you do? (b) You are on an interview panel for a new position in your section. One of the candidates is your cousin. What should you do? (c) You have been involved in an activity at your child’s school until 10.00am, and when you arrive at work, you discover that one group of staff, the engineering section, who are responsible for product development, have been unable to access the server that they use, for all their development work, for the last 12 hours. You realise that, on the previous evening, you have made a mistake in the configuration of a router which has caused the outage. What do you do next? 4 Submission: for each sub question from Question 2, please submit : 1) your steps of doing the work, including firewall rule writing, test writing, adding new stream etc. Please include explanations on what you're doing for each step. You can provide screenshots as well, if you feel it's more convenient. 2) your evidence from which we can see your solution is working or not working, which can be in screenshot or other formats.