Access Control Firewall Assessment Lab

School: Grand Canyon University | Course: 525 | Subject: Information Systems | Date: Feb 20, 2024 | Pages: 25

Access Control Firewall Assessment Lab
Lee Chauworn Houston II
Sean Atkinson
CYB – 525
January 31, 2024

Ports

Before we begin, here are the ports I have chosen. I chose to go with ports that are considered beginner to intermediate stages of IT. They are as follows.

- Port 22 - SSH (Secure Shell): A standard for secure remote login and network services. Understanding SSH is crucial for secure administration of servers and network devices.
- Port 80 - HTTP (Hypertext Transfer Protocol): Fundamental for web services. Learning about HTTP is key to understanding how web content is delivered.
- Port 443 - HTTPS (HTTP Secure): Represents secure web communications. Knowledge of HTTPS is vital for understanding web security and the importance of encryption.
- Port 53 - DNS (Domain Name System): Crucial for understanding how domain names are resolved into IP addresses, which is a foundational aspect of internet navigation and networking.
- Port 25 - SMTP (Simple Mail Transfer Protocol): Essential for email transmission. Learning about SMTP gives insight into how email services function on the network.

Now we can move on to the next part of the assignment, in which we will be configuring our firewall! The first step is to make sure we are up to date with our system. As you can see in the screenshot provided, it shows that the system is up to date.
Now we move to changing the port over to 8443. This time we did not forget to apply the changes, so the change was successful.
Next up is showing our traffic graph. This is when it was first starting up to pull the traffic data from everywhere before we started to block domains.
This part was relatively easy to understand, and the rules were easy to make. I was able to use the resource for WoW and was able to find the ports, which were listed as 3724, 6112, and 6881-6999.
The next few steps will be disabling ICMP, then choosing a social media website to block the traffic for and disable the domain, and also one streaming service to be enabled, allowing all domains.
I ran into an issue, and I will provide those screenshots. For some reason, when I was trying to use the firewall rules and make an alias for the domain, it was not allowing me to. This resulted in me going into the DNS resolver and doing it manually.
I was then able to figure it out by researching, and realized I was using the URL and not the host. When I made that little change, I was able to create the alias for both. I used LinkedIn for the social media and then I used YouTube for the streaming service.
In this screenshot, you can see it in effect: one for LinkedIn and the other for YouTube.
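
The URL-versus-host mistake described above can be caught before entries are typed into a host alias. The following is an added example, not part of the original report: it reduces URLs to the bare host name and rejects anything that is not a host. The function names and the sample entries are constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# One DNS label: letters, digits, hyphens; no leading or trailing hyphen.
_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")


def to_alias_host(entry: str) -> str:
    """Reduce a URL or bare host to the value a host-type alias expects."""
    text = entry.strip()
    # urlsplit only fills in .hostname when the "//" separator is present.
    parts = urlsplit(text if "://" in text else "//" + text)
    host = parts.hostname  # drops scheme, port, path, query; lowercases
    if not host:
        raise ValueError(f"no host found in {entry!r}")
    try:
        return str(ipaddress.ip_address(host))  # IP literals pass through
    except ValueError:
        pass
    host = host.rstrip(".")
    labels = host.split(".")
    # Assumption of this example: require at least two labels (an FQDN).
    if len(host) > 253 or len(labels) < 2 or not all(_LABEL.fullmatch(l) for l in labels):
        raise ValueError(f"not a valid FQDN: {entry!r}")
    return host


def build_alias(entries):
    """Return (sorted unique hosts, entries that were rejected)."""
    hosts, rejected = set(), []
    for entry in entries:
        try:
            hosts.add(to_alias_host(entry))
        except ValueError:
            rejected.append(entry)
    return sorted(hosts), rejected


# Constructed sample input: a mix of URLs, bare hosts and one bad entry.
SAMPLE = [
    "https://www.linkedin.com/feed/",
    "linkedin.com",
    "WWW.LinkedIn.com:443",
    "http://youtube.com/watch?v=abc",
    "not a host",
]

if __name__ == "__main__":
    print(build_alias(SAMPLE))
```

Each distinct host name is kept separately, so a site reachable under several names needs every one of them in the alias.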

Part 2: Introduction

This lab report summarizes the tasks performed and lessons learned in configuring pfSense firewall settings and analyzing network ports. The primary focus was on updating pfSense to its latest version, modifying specific settings (such as HTTPS port configuration), implementing security measures (like disabling certain ports and protocols), and exploring advanced network protocols and their implications.

Summary of Lab Experience

Issues Encountered:
- Difficulty in correctly configuring firewall rules for specific applications and protocols.
- Challenges in identifying and blocking all relevant domains for the chosen social media website.

Lessons Learned:
- Gained practical insights into the importance of precise firewall rule configuration for network security.
- Understood the significance of keeping certain ports closed to mitigate vulnerabilities.

Successes:
- Successfully updated pfSense to the latest version, ensuring up-to-date security features and bug fixes.
- Effectively set HTTPS to port 8443, enhancing the security of the web interface.

Description of Screenshots

1. Original Port Scan: Showcases the status of various ports before configuration changes, serving as a baseline for security assessment.
2. Traffic Graph on Dashboard: Illustrates the network traffic in real-time, aiding in monitoring and troubleshooting.
3. Disabled World of Warcraft Ports: Demonstrates the specific firewall rules set to block game traffic, reflecting proactive network management.
4. Disabled Inbound ICMP Protocol: Highlights the security measure taken to prevent ping-based network scanning.
5. Disabled Social Media Website Domains: Indicates the effective blocking of a specific social media platform for network control.
6. Enabled Video Streaming Website Domains: Shows the allowance of a video streaming service, balancing security with usability.
7. GVM Scan Report: Provides a comprehensive view of network vulnerabilities post-configuration, crucial for ongoing security assessment.

In-Depth Exploration of Networks and Protocols

- Explored the dynamic nature of network protocols and their role in data transmission and security.
- Learned about the intricacies of TCP/IP protocols and their applications in various network services.

Examination of Network Architecture and Vulnerabilities

Network Architecture: The lab utilized a hybrid network setup combining elements of both traditional and modern network architectures.

Identified Vulnerabilities:
1. Insufficient Network Segmentation: The lack of adequate segmentation could lead to potential breaches spreading more easily across the network.
2. Outdated Protocols: Usage of legacy protocols might expose the network to known vulnerabilities that are exploited by newer threats.

Conclusion

The lab provided practical experience in managing a firewall with pfSense and an understanding of the fundamental network ports and protocols. The balance between network functionality and security was a key takeaway, emphasizing the need for continuous monitoring and updates to network security practices. Below you will find the original scan from the GVM.