
Referencing Styles : Harvard

Scenario
A small company has a network set up behind a NAT router. The router is connected to the Internet via a single ISP-provided dynamic IP address. The ISP-provided access address may change over short periods of time.

The internal network is RFC 1918 Category 2 compliant, and uses the private address space 192.168.2.0/24. The gateway router is configured to use DHCP to allocate IP addresses to internal hosts as they connect. However, a record is kept within the router of what IP addresses have previously been allocated to specific MAC addresses. Whenever hosts with those MAC addresses disconnect from and later reconnect to the network, they are reallocated the same IP address. It is only if the router has a power-off episode, or is manually reset, that allocation of different IP addresses may occur (and even then, the same addresses may be allocated as before).

The company operates an approved internal web server at 192.168.2.21:80, to facilitate in-house development of web pages and web sites that will later be deployed to an external server for public access. It is a company policy that only one approved internal web server is to be in operation on the network.

It has come to the notice of the IT manager that a company employee has set up a rogue web server on the internal network, using a personal laptop. The employee is using that web site to provide undesirable material to a small clique of employees, to whom the web server address has been provided secretly.

Considerations
•    The rogue web server may be on any internal IP address, and will be using any of the ephemeral ports. It will not be using a well-known port.
•    The clients accessing the rogue web server may come from any internal IP address using any ephemeral port.
•    The MAC addresses of all company host devices are on record.

Your job
Use Snort to monitor for any internal network HTTP traffic destined for any internal host on any port address other than the authorised company internal web server and produce an alert message.
You are to write a .conf file containing the Snort rule(s) that will accomplish a solution and run it against the pcap file provided.

The Snort monitoring will identify when breaches have occurred. The Wireshark pcap file containing the captured packets can be time-correlated with the logged Snort alerts to obtain MAC addresses for source and target.
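One way such a rules-only .conf could look, as an added example in Snort 2.x rule syntax (not part of the original assignment). The variable names, SIDs, message text and the file names in the comments are assumptions. The rules match the HTTP request line in the raw payload because modifiers such as `http_method` depend on the http_inspect preprocessor, which a rules-only file does not load.

```conf
# rogue-http.conf -- added example; names, SIDs and messages are illustrative.
# Run against the capture (file names are placeholders):
#   snort -q -A console -c rogue-http.conf -r capture.pcap

# Address space and approved server taken from the scenario.
ipvar INTERNAL_NET 192.168.2.0/24
ipvar APPROVED_WEB 192.168.2.21

# Rule 1: internal client sends an HTTP request to any internal host
# other than the approved server, on any destination port.
# The pcre is anchored to the start of the TCP payload, so only packets
# that begin with a request line are reported.
alert tcp $INTERNAL_NET any -> [$INTERNAL_NET,!$APPROVED_WEB] any ( \
    msg:"POLICY HTTP request to unapproved internal web server"; \
    content:" HTTP/1."; \
    pcre:"/^(?:GET|POST|HEAD|PUT|DELETE|OPTIONS) [^\r\n]+ HTTP\/1\.[01]\r\n/"; \
    sid:1000001; rev:1;)

# Rule 2: HTTP request to the approved host on a port other than 80,
# so only 192.168.2.21:80 is exempt.
alert tcp $INTERNAL_NET any -> $APPROVED_WEB !80 ( \
    msg:"POLICY HTTP request to approved host on unapproved port"; \
    content:" HTTP/1."; \
    pcre:"/^(?:GET|POST|HEAD|PUT|DELETE|OPTIONS) [^\r\n]+ HTTP\/1\.[01]\r\n/"; \
    sid:1000002; rev:1;)

# Rule 3: HTTP response leaving an unapproved internal host. This puts the
# rogue server's address and port in the source fields of the alert.
alert tcp [$INTERNAL_NET,!$APPROVED_WEB] any -> $INTERNAL_NET any ( \
    msg:"POLICY HTTP response from unapproved internal web server"; \
    content:"HTTP/1."; depth:7; \
    sid:1000003; rev:1;)

# Time-correlating an alert with the capture to read the MAC addresses:
#   tcpdump -e -nn -r capture.pcap host <alert-ip> and tcp port <alert-port>
# (-e prints the link-level header, i.e. source and destination MAC.)
```

No `flow` keyword is used because it relies on the stream preprocessor, which this file does not configure; each rule is therefore evaluated per packet.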

A. Because there are multiple certificate authorities (CAs) for the Web PKI, it is possible to buy multiple certificates for the same domain signed by different CAs. How would a browser treat these different certificates? (2 marks)

B. Suppose that an imposter is able to obtain a certificate for a domain that the imposter doesn’t own. (For example, in January 2001, an imposter tricked VeriSign into signing two certificates for “Microsoft Corporation” to be used for signing new software to be installed.) What sorts of attacks could an imposter pull off once in possession of such “fake” certificates for
i. Installing software (2 marks)

ii. Viewing Web pages (2 marks)

C. Typically the public SSH keys used by servers are not signed by any certificate authority, but the SSH protocol does support checking certificates.
i. Why, in practice, are server certificates rarely signed? (2 marks)

ii. What is the benefit of checking server certificates?

a) Define what a rule conflict is and identify any conflicts. (5 marks)

b) Identify any redundancies and explain which rule would be applied using each of the following 3 matching strategies:
1. FIRST
2. BEST
3. LAST (5 marks)

Question 4:
Firewalls (10 Marks)
a) What is a proxy firewall and how is it different from a network (or transparent) firewall? (3 marks)

b) What does NAT stand for, and how does the mechanism work? Describe what, if any, security NAT provides (or fails to provide). (4 marks)


