Computer Security Practical Assignment

The document outlines computer security assignment tasks for configuring a pfSense firewall to implement a DMZ network for the small software company Apptec limited, including configuring a Windows web server in the DMZ, OpenVPN for remote access, firewall rules to restrict traffic, and generating SSL certificates and configuring Snort as an IDS. The tasks are part of a contract won by the consultant to secure Apptec's network according to the CEO's plans while remaining cost effective.

Uploaded by

Sabrina Johnson

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

93 views2 pages

Computer Security Practical Assignment

Uploaded by

Sabrina Johnson

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

You are on page 1/ 2

COMPUTER SECURITY ASSIGNMENT#1

CIT4020

Semester 2

DATE GIVEN: October 26,2022 DATE DUE: November 14,2022

INSTRUCTIONS:

This project is designed to be a group project consisting of no more than three (4) students per
group. All submissions must be made to the respective lab teacher folder found in the google
drive link below by the due date. Unsubmitted reports will result in a failure.

https://drive.google.com/drive/folders/1ZrV-0ZVUsntHevLKhM4BlYYyDHVPFHDX?usp=sharing

Network Design #1: Small Business DMZ

Gary Bowen is the new CEO for AppTec limited, a relatively new software development
company. Mr. Bowen after several consultations with his IT team has decided to modify the
current network infrastructure to ensure high security. However, the company’s budget is very
limited due to several unplanned issues.

The IT manager suggested that the company should replace their basic firewall tool. He further
added, that AppCen should implement an opensource tool like pfSense firewall because it well
supported and cost effective with more advanced features.

The company wants its website to be accessible by the general public but no traffic from an
external network should be able to access hosts on the internal network. Furthermore, all internal
hosts should be able to access DMZ services.

As a direct outcome from one of the consultation meetings, a mockup of the new network is
indicated below:
The company has outsourced the configuration of the firewall to a security consultant and
outlined a set of tasks to be completed as part of the contract. You won the contract bid. Write a
report outlining the following tasks as required by the management of Apptec limited.

Tasks:
1. Configure a Windows Web server hosting a simple HTML website. Place this web server
in the DMZ of the pfSense firewall to control access.
2. Configure OpenVPN in pfsense to allow remote windows 10 users to connect and use
internal resources.
3. Enable DHCP on the DMZ interface
4. Create firewall rules to accomplish the following:
o Any traffic from the LAN to any destination should be allowed.
o Allow ICMP from the DMZ to any destination.
o Block DMZ to LAN
o Block DMZ to Firewall (i.e. The web configurator interface)
o Allow SSH/HTTPS only from hosts A and B in the DMZ to the LAN network.
o Allow DNS, HTTP, and HTTPS from the DMZ to the Internet.
o Deny access to Piratebay torrent site
o Deny everything else!
o Ensure the no-lockout rule is in place
5. Generate SSL Certificates for HTTPS with pfSense
6. Configure Snort as an Intrusion Detection System within pfSense and simulate how Snort
could detect an intrusion