syssec:final_project

SysSec Final Project!

Here is the situation…

James (@james) and Aaron (@aaron) are two entrepreneurs with a bold idea. They want to deploy “Catflix” a website that streams thousands of 4k quality cat videos. They have purchased your services, and want you to build them a network for their start-up. They need a database for their cat videos. A webserver to run their new and cool website. A Windows client to talk to customers and Windows Server with Active Directory to manage the client. They also will need a router to setup a Furwall, I mean Firewall. And lastly they will need a Linux client to SSH into the database and webserver and well Linux is cool. And you have been ​HIRED! However you only have to do some of this network, the rest they hired RIT to make.

Just like the previous assignments, we need a topology, below is an example. Depending on the route you take your topology won't be very big. Be creative!

There are two paths you can take for this. Linux based or Windows… both are about equal work, this should give you s chance to gain more depth in what you are interested. Choose on for the project. YOU DO NOT NEED TO DO BOTH.

  • pfSense as router OR Palo Alto, if you choose Palo Alto you get 20 pts of extra credit on the assignment
  • 1 Windows client (10 or 7)
  • Windows Server (2016 or 2019), this will be your Domain Controller
    • follow the Windows homework, setup the same stuff (users, groups, GPO)
  • pfSense as router OR Palo Alto, if you choose Palo Alto you get 20 pts of extra credit on the assignment
  • setup Wordpress, just like we did in the Services assignment
  • remote database and a webserver
    • database should have MySQL or MongoDB
    • webserver should have Apache, PHP and Wordpress

Use what you learned in the Risk Management lecture, this portion of the project has no wrong answer. Choose 5 controls you learned in the Risk Management lecture, implement these into your environment. Then just write a quick paragraph on the control and how you plan or did implement it in the project.

https://www.rapid7.com/solutions/compliance/critical-controls/

Submit one PDF on homework.ubnetdef.org. If you have multiple PDFs you can use https://combinepdf.com/

Important:

Do not create a whole report for Part II, all we need is screenshots of…

  • the static IP on all VMs
  • LAN/WAN and DMZ configuration in pfSense or Palo Alto
  • service working and running, like you did in the previous assignment, each route will be about 10 screenshots in total for all of this

As usual, if you have any questions please ask in the System Security channel!

  • syssec/final_project.1556830505.txt.gz
  • Last modified: 2019/05/02 20:55
  • by vnbruno