Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
syssec:final_project [2019/11/12 18:53] aibekzhy Looks good? |
syssec:final_project [2020/12/08 15:56] aibekzhy [Linux (LAMP Stack)] |
||
---|---|---|---|
Line 16: | Line 16: | ||
## Part II - Windows + Linux (60 pts) | ## Part II - Windows + Linux (60 pts) | ||
- | Here is the overview of Windows(30 pts) and Linux(30 pts) setup that you will need to perform: | + | Here is the overview of Windows(30 pts), Linux(30 pts) and Firewall setup that you will need to perform: |
### Windows (Active Directory) | ### Windows (Active Directory) | ||
- | * 1 Windows client (10 or 7) | + | * 1 Windows client (10 ONLY) |
* Windows Server (2016 or 2019), this will be your Domain Controller | * Windows Server (2016 or 2019), this will be your Domain Controller | ||
- | * follow the Windows homework, setup the same stuff (users, groups, GPO) | + | * follow the Windows homework, set up the same stuff (users, groups, GPO) |
+ | * Creds: Username - Admin/Administrator, Password: - Change.me! | ||
### Linux (LAMP Stack) | ### Linux (LAMP Stack) | ||
- | * setup MediaWiki, just like we did in the Services assignment | + | * Set up MediaWiki using the same workflow as the Services homework. |
- | * remote database and a webserver | + | * Hosts (3, all on the DMZ): |
- | * Linux Client with GUI (so you can check your website) | + | * Linux Desktop Client with GUI (so you can check your website) |
- | * database that will host data for MediaWiki | + | * CentOS Database supporting MariaDB hosting data for MediaWiki |
- | * webserver should have Apache, MediaWiki | + | * Linux (Web) Webserver: Apache, PHP, MediaWiki |
+ | * Credentials: Reflect all machine UIDs AND the resulting MediaWiki site. | ||
+ | * Username - sysadmin, Password: - changeme | ||
+ | * Evaluation: A SecDev grader will use the above credentials to create their own page on your device. | ||
+ | * If your installation is successful, the grader's created page will persist on your MediaWiki. | ||
### pfSense vs Palo Alto | ### pfSense vs Palo Alto | ||
- | * pfSense as router OR Palo Alto, if you choose Palo Alto you get 20 pts of extra credit on the assignment | + | pfSense as router OR Palo Alto, if you choose Palo Alto you get 20 pts of extra credit on the assignment. Please let @aibek know if you would like Palo Alto. By default, you will get pfSense |
Line 56: | Line 60: | ||
* **Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers** - provide proof that you hardened a certain aspect of your system (example: SSH config file set to reject logins after X failed attempts) | * **Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers** - provide proof that you hardened a certain aspect of your system (example: SSH config file set to reject logins after X failed attempts) | ||
* **Maintenance, Monitoring, and Analysis of Audit Logs** - Provide a screenshot of 3 log files (Actually open the files) | * **Maintenance, Monitoring, and Analysis of Audit Logs** - Provide a screenshot of 3 log files (Actually open the files) | ||
- | * etc... Reach out to Alex/Jay if you are unsure about anything! | + | * etc... Reach out to Jay if you are unsure about anything! |
Line 71: | Line 75: | ||
- LAN/WAN and DMZ configuration in pfSense or Palo Alto | - LAN/WAN and DMZ configuration in pfSense or Palo Alto | ||
- service working and running as you did in the previous assignment, each route will be about 10 screenshots in total for all of this | - service working and running as you did in the previous assignment, each route will be about 10 screenshots in total for all of this | ||
+ | - <color #ed1c24>**ENSURE TO ADD ALL CREDENTIALS INTO THE SUBMISSIONS, SO THAT SECDEV IS ABLE TO CHECK YOUR WORK**</color> | ||
As usual, if you have any questions please ask in the `System Security` channel! | As usual, if you have any questions please ask in the `System Security` channel! |