In this homework, you will be applying a variety of Firewall rules on 3 different platforms.
This homework covers a lot of topics, both broad and specific. If you feel stuck at any point, please reach out to SecDev and we will be there to help.
Anything highlighted in Red should be shown via screenshot in the report. This is for ease of grading purposes.
The report for this should be written cleanly and like you have all been doing for the previous assignments. However, aim to have good notes and structures of the commands. Don't get to caught up in every detail. This assignment is more geared towards being a cheat sheet dealing with simple Firewalls.
Possible structure for your assignment report could be like this…
pfSense is the heart of your network. pfSense is typically your first line of defense in securing your network. pfSense, unlike Windows and Linux, is a network based Firewall, allowing you to both block and allow incoming and outgoing connections unilaterally.
For this part, you could try and use the command line given in pfSense, but us SecDev members would not recommend it. Instead, we will be using the GUI, by simply following these steps:
Once logged in to pfSense, please screenshot the welcome menu. We will now set up some network based firewall rules:
As we discussed in class, Linux provides us with iptables
and ufw
, which are very useful and powerful firewall tools. In this portion, you will set up some firewall rules using these commands.
Log on to either one of your Linux Machines.
iptables
, now block all incoming traffic from your Windows machines ip’s.iptables
configuration file.
For Windows machines, you are able to either use the Windows Defender tool
supplied with Windows (arguably easier), or use netsh
to set up these Firewall
rules.
This is not a required part of the homework, but could help you during a defense competition.
In pfSense, you are able to install packages and modules to make your life a little simpler. These can help you seek out unwanted traffic or malicious activity on your network. If you decide to do so, you will be installing a couple of these modules on your pfSense box, namely ntopng
and snort
.
If you would like more information on either of these, you can click on the bolded words to proceed to documentation, or ask your preferred SecDev member.
For this extra credit, please follow these steps…
ntopng
and Snort packages onto your pfSense router.
You may have to update and upgrade packages on pfsense using the following command:pkg update -f
pkg upgrade -f
ntopng
:oinkmaster
code by signing up), and attach snort to your LAN and DMZ interface