COIT13146 - System and Network Administration
Week 06 - Network and Firewall Basics

This week contains quite a bit of reading, much of which should be revision. It tidies up some of the details about system networks and introduces some tools that we will be using to create and test firewalls.

Summary

Software we need to install

* iptables - "administration tool for IPv4 packet filtering and NAT".
* nmap - "Network exploration tool and security/port scanner".

Chapters we need to read

* 15 - Routing
* 16 - Network Hardware
* 17 - DNS: The Domain Name System
* 18 - The Network File System
* 19 - Sharing System Files

Tasks

Readings

Read all of the recommended chapters before beginning the assessment items. We have seen some of the material covered before, in a prerequisite network course, so it should be a useful refresher.

Assessment

1. Submit the output from your system's "route" command. Briefly describe what each line is indicating.
2. Submit the output from a traceroute with destination host cqu.edu.au.
3. Because we are using a virtual machine (via VirtualBox) we have the ability to add additional virtual network cards. Review the VirtualBox help and briefly summarise the following virtual network modes: Network Address Translation (NAT), Bridged networking and Internal networking. Ensure you highlight the differences between them.
4. Submit the contents of your /etc/resolv.conf file. Describe the contents and use of the file. Where/what is the server that is resolving domain names for your system?
5. Install (if required) iptables and nmap. Read the man pages for iptables and nmap and provide a brief summary of each. What do they have in common?
6. Build two VirtualBox VMs, cloned from the 'Ubuntu Server' VM, and configure the virtual network cards and servers so that they can both 'see' each other using the 'Internal network' mode of VirtualBox. Provide 'proof' that it works (perhaps the output of ping or traceroute to/from each server) and briefly describe what you did. The servers should not be able to 'see' the Internet as they are using 'Internal network' mode.

Some hints to help:

* You should change the name of your servers and ensure that they do not both have the same MAC address. Discuss on the course forum if you have problems with this.
* Remember to delete the file /etc/udev/rules.d/70-persistent-net.rules - why?
* To change the name of the server: update the /etc/hostname and /etc/hosts files as appropriate - use the names userv1 and userv2 for the two virtual servers.
* To manually configure your network IP address, netmask and gateway, add something like the following to the /etc/network/interfaces file ('man interfaces' may help - do not include the comments!):

    # For userv1:
    iface eth0 inet static            # Configure static IP address and network details.
        address 192.168.12.1          # IP address for this host - no two hosts should be the same...
        network 192.168.12.0
        netmask 255.255.255.0         # Default mask for this IP range.
        broadcast 192.168.12.255
        gateway 192.168.12.254        # We don't have one, but set a default for now.
        dns-nameservers 192.168.1.1   # This has to be your name server - ADSL Router address.

  [Note that 192.168.12.0 has deliberately been used to avoid clashes with possible local networks that are likely to be configured as 192.168.1.0.]

* You may need to check the DNS server as well - see the last entry above - discuss on the course forum if you have problems.
* Typically there is no need to reboot the server - just restart the network:

    sudo /etc/init.d/networking restart

  However, since the /etc/udev/rules.d/70-persistent-net.rules file was deleted we need to reboot for the network card to be re-initialised.
* If you add an entry in the /etc/hosts file for the other server, e.g. 192.168.12.2 userv2 (for userv1), you should be able to ping it by name rather than IP address.
* Restart both servers and test that the configuration is still correct.

Notes:

* Submit all answers etc. as a single Word document zipped up as week06.zip.
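An added example (not part of the course notes) that scripts the hints for item 6 above: it writes /etc/hostname, /etc/hosts and /etc/network/interfaces for one of the two servers, removes the persistent-net rule, and adds a small subnet check for the chosen addresses. The ROOT prefix argument and the 'auto eth0' line are assumptions of this example; run it as root on the VM, or point ROOT at a scratch directory to inspect the result first.

```shell
# configure_host NAME HOST_OCTET [ROOT]: write the userv1/userv2 files under ROOT
#   (ROOT is assumed for dry runs; leave it empty on the VM to write to the real /).
configure_host() {
    name=$1; octet=$2; root=${3:-}
    peer_name=$([ "$name" = userv1 ] && echo userv2 || echo userv1)
    peer_octet=$([ "$octet" = 1 ] && echo 2 || echo 1)
    mkdir -p "$root/etc/network" "$root/etc/udev/rules.d"

    # /etc/hostname holds the new server name.
    printf '%s\n' "$name" > "$root/etc/hostname"

    # /etc/hosts: loopback, this host, and the peer so it can be pinged by name.
    {
        printf '127.0.0.1\tlocalhost\n'
        printf '127.0.1.1\t%s\n' "$name"
        printf '192.168.12.%s\t%s\n' "$peer_octet" "$peer_name"
    } > "$root/etc/hosts"

    # /etc/network/interfaces: the static stanza from the notes, comments stripped.
    # 'auto eth0' is an assumption of this example so the card comes up at boot.
    cat > "$root/etc/network/interfaces" <<EOF
auto eth0
iface eth0 inet static
    address 192.168.12.$octet
    network 192.168.12.0
    netmask 255.255.255.0
    broadcast 192.168.12.255
    gateway 192.168.12.254
    dns-nameservers 192.168.1.1
EOF

    # Drop the clone's cached MAC-to-name binding so the new card is re-enumerated as eth0 on reboot.
    rm -f "$root/etc/udev/rules.d/70-persistent-net.rules"
}

# ip_to_int A.B.C.D : print the dotted-quad address as a 32-bit integer.
ip_to_int() {
    IFS=. read -r a b c d <<EOF
$1
EOF
    echo $(( (a << 24) | (b << 16) | (c << 8) | d ))
}

# same_subnet IP1 IP2 NETMASK : succeed only if both hosts share one network (sanity check before ping).
same_subnet() {
    m=$(ip_to_int "$3")
    [ $(( $(ip_to_int "$1") & m )) -eq $(( $(ip_to_int "$2") & m )) ]
}
```

Run `configure_host userv1 1` on the first VM and `configure_host userv2 2` on the second, then reboot each as the notes require.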