2047
Comment:
|
2081
|
Deletions are marked like this. | Additions are marked like this. |
Line 18: | Line 18: |
1. Kali --> 192.168.1.4 1. Metasploitable 3 --> 192.168.1.5 |
1. Ubuntu 18.04 --> 192.168.1.4 1. Kali --> 192.168.1.5 1. Metasploitable 3 --> 192.168.1.6 |
Line 23: | Line 24: |
{{http://db2.cs.southern.edu/videos/images/CPTR427/Lab02/dhcpmap.png}} | {{http://db.cs.southern.edu/videos/images/CPTR427/Lab02/dhcpmap.png}} |
Line 27: | Line 28: |
{{http://db2.cs.southern.edu/videos/images/CPTR427/Lab02/firewallrule.png}} | {{http://db.cs.southern.edu/videos/images/CPTR427/Lab02/firewallrule.png}} |
Line 31: | Line 32: |
{{http://db2.cs.southern.edu/videos/images/CPTR427/Lab02/nat.png}} | {{http://db.cs.southern.edu/videos/images/CPTR427/Lab02/nat.png}} |
Line 36: | Line 37: |
1. Show me that you have DHCP reservations for each of your four computers | 1. Show me that you have DHCP reservations for each of your five computers |
Lab 02 - NAT and firewall setup
Concepts:
- DHCP Reservations - We'll create sudo static IPs using DHCP reservations.
- Firewall rules - Metasploitable 3 is something we shouldn't allow access to the internet. Consequently we'll be blocking internet access to that particular VM.
- Lastly, we'll provide a NAT rule to access the Windows 10 VM via RDP and enable remote desktop access for the Windows 10 VM.
Completing the Lab:
The best approach completes the three items above in order. From networking class, you should know how DHCP works.
- You will need the MAC address of each VM. Go and get them and write them down.
- In the service menu, click on DCHP server and make sure the LAN is selected at the top.
- At the bottom of the page add "DHCP Static Mappings for this Interface" for each VM. I did them as follows:
Windows 10 --> 192.168.1.2
Windows 2016 --> 192.168.1.3
Ubuntu 18.04 --> 192.168.1.4
Kali --> 192.168.1.5
Metasploitable 3 --> 192.168.1.6
The result looks like the:
Next, create a blocking rule for the Metasploitable 3 VM blocking all access to/from the internet. This can be done from the Firewall Menu, item Rules.
Finally, select NAT from the Firewall menu and add a NAT rule that allows you to access your Windows 10 machine using RDP by connecting to the public IP side of your pfSense box.
Show Me:
- Remote into your Windows 10 VM.
- Show me that you have DHCP reservations for each of your five computers
- Show me that the rule to block all outgoing and incoming packets to the metasploitable 3 VM actually works
- Show me that you can remote desktop to your other windows machines (Windows 2016, Metasploitable)
- Show me that you can access your Kali machine. (GUI would be nice, but SSH will get you a pass for now).