Help ---> test project IT WorldSkill 2017

All topics relating to computer security and internet privacy. Please try to keep it technical related and leave political diatribes at the door.

Help ---> test project IT WorldSkill 2017

Postby ngocviet6868 » January 7th, 2018, 11:23 am

i need configure firewall please help me step by step file document or video.

Install software package freeradius-utils
Enable routing. Consider the different VLANs!
Setup a firewall to protect your intranet (Clients, Internal Servers, Protected Servers, DMZ) networks from outside networks. You must make sure that rules targeting "Internet" match all outside networks and not just
o Make sure that firewall operates in stateful mode.
o Allow all ICMP ping traffic to the local machine.
o Allow all traffic from Clients network to all networks.
o Allow access to the following services on wsc-i-calgary from all intranet networks and VPN networks:
 RADIUS Authentication and Accounting
o Allow access to the Redis database on wsc-i-shizuoka from the following sources:
 Host wsc-d-saopaulo
 Host wsc-d-leipzig
o Allow access to the FTP service on wsc-i-london from wsc-i-shizouka
o Allow access to the following services from Internet to wsc-p-stgallen:
o Configure source NAT for internet access from Clients network.
 Create a chain called INTERNET-SNAT to translate all outgoing connections except packets headed towards intranet networks.
 Jump to the custom chain for all traffic originating from Clients network.
o Configure NAT to provide DNS services on wsc-p-stgallen:
 All internal IP addresses on router wsc-p-stgallen should be translated when receiving a connection to the DNS port with either TCP or UDP.
 The host wsc-d-abudhabi should be used as the backend server.
 Make sure that all intranet hosts are allowed to use wsc-p-stgallen as a nameserver.
o Configure DNAT to provide access from the internet to wsc-d-abudhabi.
o Ensure that VPN-clients can access the same services as the client’s network.
o Make sure that SSH is allowed on each host
o All other traffic must be dropped by default.
• Install strongswan and xl2tpd service to provide VPN.
• Use a certificate signed by wsc-i-calgary
• Use address range to for VPN clients.
• Authenticate users upon VPN connection. Authenticate only users from OU “VPN” via RADIUS protocol.
user1 VPN Skill39
user2 VPN Skill39
user3 MAIL Skill39
user4 MAIL Skill39
user5 WSC-I-LONDON Skill39
user6 – user99 MISC Skill39
Competitor MAIL Skill39
Posts: 1
Joined: December 25th, 2017, 2:44 pm

Re: Help ---> test project IT WorldSkill 2017

Postby dryden » February 24th, 2018, 4:24 pm

I am sorry to say but such "school" related assignments are often posted with the poster having no clue how to do it himself or herself, and expecting random strangers to not only do the work, but to also even do the work in formatting, reading, and comprehending what the question actually is, not even going to the trouble of asking

precise questions themselves.

Just dropping point blank an assignment in some forum won't help you know.
Posts: 4
Joined: February 23rd, 2018, 12:26 pm

Return to Security/Privacy-Related

Who is online

Users browsing this forum: No registered users and 1 guest