Differences between revisions 3 and 4
Revision 3 as of 2017-01-20 00:14:43
Size: 1637
Editor: scot
Comment:
Revision 4 as of 2017-01-20 14:43:14
Size: 1783
Editor: scot
Comment:
Deletions are marked like this. Additions are marked like this.
Line 11: Line 11:
I would approach the three items above in order. From networking class, you should know how DHCP works. The best approach completes the three items above in order. From networking class, you should know how DHCP works.
Line 13: Line 13:
 1. You will need the MAC address of each machine.  1. You will need the MAC address of each VM. Go and get them and write them down.
Line 20: Line 20:

The result looks like the:

{{http://db2.cs.southern.edu/videos/images/CPTR427/Lab02/dhcpmap.png}}

Lab 02: NAT and firewall setup

Concepts:

  1. DHCP Reservations - We'll create sudo static IPs using DHCP reservations.
  2. Firewall rules - Metasploitable 3 is something we shouldn't allow access to the internet. Consequently we'll be blocking internet access to that particular VM.
  3. Lastly, we'll provide a NAT rule to access the Windows 10 VM via RDP and enable remote desktop access for the Windows 10 VM.

Completing the Lab:

The best approach completes the three items above in order. From networking class, you should know how DHCP works.

  1. You will need the MAC address of each VM. Go and get them and write them down.
  2. In the service menu, click on DCHP server and make sure the LAN is selected at the top.
  3. At the bottom of the page add "DHCP Static Mappings for this Interface" for each VM. I did them as follows:
    1. Windows 10 --> 192.168.1.2

    2. Windows 2016 --> 192.168.1.3

    3. Kali --> 192.168.1.4

    4. Metasploitable 3 --> 192.168.1.5

The result looks like the:

http://db2.cs.southern.edu/videos/images/CPTR427/Lab02/dhcpmap.png

Next, create a blocking rule for the Metasploitable 3 VM blocking all access to/from the internet. This can be done from the Firewall Menu, item Rules.

Finally, select NAT from the Firewall menu and add a NAT rule that allows you to access your Windows 10 machine using RDP by connecting to the public IP side of your pfSense box.

Show Me:

  1. Show me that you have DHCP reservations for each of your four computers
  2. Create a rule to block all outgoing and incoming packets to the metasploitable 3 computer.
  3. Write NAT rule to allow remote desktop to your Windows 10 Machine. Make sure you allow remote access to your windows 10 and windows 2016 machine.

NetworkSecurity/Lab/Lab02 (last edited 2021-02-03 19:34:19 by scot)