Assessment item Managing Services and Security Value: 15% Due Date: 01-Oct-2018 Return Date: 21-Oct-2018 Length: 15 - 20 pages including screenshots Submission method options: Alternative submission method Task Your job in this assignment is to create two Virtual machines each running a different but the latest distribution of Linux e.g. Ubuntu Server and CentOS. Each of these VM’s is to offer services to a user base. The Virtual Machines can be implemented using any hypervisor e.g. VMWare Player, Virtual Box or anything else you think is appropriate.  You can use bridged or host only networking when setting up these Virtual Machines. When implementing the Virtual Machines, rather then obtaining an address from the HyperVisors DHCP server you should ensure the addresses used are static and assigned from your network. YOU WILL NEED TO WORK OUT WHAT ADDRESS SPACE YOU ARE USING AND HOW IT WILL IMPACT YOUR LAN. Part 1: Virtual Machine One – DNS & SSH Server (5 marks) The first Virtual Machine should be installed and have the BIND (DNS) server installed on it. While you do not own any address space/ name space your name server should manage the following domains: saffioti.org.au The name server should answer queries for this domain. In addition to the saffioti.org.au zone, a zone should be set up for the reverse zone – the reverse zone would be whatever the address range is of your virtual machine. You should do some research on how Bind handles reverse zones. You should set up the saffioti.org.au zone with the usual information including SOA, NS and other records where appropriate. The address used for this should be the address of the virtual machine. You should give this Virtual Machine an A record with the name server1. You should also create a A record for server2 (part 2 of this task) In addition to this you should create an CNAME record with the name www. When a user does a lookup on www.saffioti.org.au- the address returned should be that of the other virtual machine (Virtual Machine Two). Be sure to create the appropriate reverse (PTR) records for the machines and to help other administrators be sure to put in place appropriate TXT records. Once complete, you should fine tune your DNS Servers Virtual machine. Do this by disabling services that were installed but are not required. Be very careful not to break anything here. As a tip you will want to keep both DNS and SSH services active. Ensure both DNS and SSH are invoked at startup. Finally harden this Virtual Machine using a firewall. Set up filters which allow access to the services possibly being access on the Virtual Machine from other hosts – specifically SSH and DNS. You can assume this incoming traffic can come from anywhere. You will need to make sure these rules always take affect at boot. Test your virtual machine by setting your Host computer (i.e. the computer that is running the VM) Name Server to the address of the Virtual Machine. See if you can resolve queries.

1. Assessment item
Managing Services and Security
Value: 15%
Due Date: 01-Oct-2018
Return Date: 21-Oct-2018
Length: 15 - 20 pages including screenshots
Submission method options: Alternative submission method
Task
Your job in this assignment is to create two Virtual machines
each running a different but the latest distribution of Linux e.g.
Ubuntu Server and CentOS. Each of these VM’s is to offer
services to a user base.
The Virtual Machines can be implemented using any hypervisor
e.g. VMWare Player, Virtual Box or anything else you think is
appropriate.
You can use bridged or host only networking when setting up
these Virtual Machines. When implementing the Virtual
Machines, rather then obtaining an address from the
HyperVisors DHCP server you should ensure the addresses used
are static and assigned from your network. YOU WILL NEED
TO WORK OUT WHAT ADDRESS SPACE YOU ARE USING
AND HOW IT WILL IMPACT YOUR LAN.
Part 1: Virtual Machine One – DNS & SSH Server (5 marks)
The first Virtual Machine should be installed and have the
BIND (DNS) server installed on it. While you do not own any
address space/ name space your name server should manage the
following domains:
saffioti.org.au

2. The name server should answer queries for this domain. In
addition to the saffioti.org.au zone, a zone should be set up for
the reverse zone – the reverse zone would be whatever the
address range is of your virtual machine. You should do some
research on how Bind handles reverse zones.
You should set up the saffioti.org.au zone with the usual
information including SOA, NS and other records where
appropriate. The address used for this should be the address of
the virtual machine. You should give this Virtual Machine an A
record with the name server1. You should also create a A record
for server2 (part 2 of this task)
In addition to this you should create an CNAME record with the
name www. When a user does a lookup on www.saffioti.org.au-
the address returned should be that of the other virtual machine
(Virtual Machine Two).
Be sure to create the appropriate reverse (PTR) records for the
machines and to help other administrators be sure to put in
place appropriate TXT records.
Once complete, you should fine tune your DNS Servers Virtual
machine. Do this by disabling services that were installed but
are not required. Be very careful not to break anything here. As
a tip you will want to keep both DNS and SSH services active.
Ensure both DNS and SSH are invoked at startup.
Finally harden this Virtual Machine using a firewall. Set up
filters which allow access to the services possibly being access
on the Virtual Machine from other hosts – specifically SSH and
DNS. You can assume this incoming traffic can come from
anywhere. You will need to make sure these rules always take
affect at boot.
Test your virtual machine by setting your Host computer (i.e.

3. the computer that is running the VM) Name Server to the
address of the Virtual Machine. See if you can resolve queries
for the A records create in saffioti.org.au i.e. server1 and www.
Document the entire process and challenges you
experienced. You can install BIND from source or using your
package manager.
Part 2: Virtual Machine Two (5 marks)
The second Virtual Machine is to have the LAMP software
package installed. LAMP is a standard bundle in the Ubuntu
Server platform.
Once complete set up this Virtual Machine to host a website
using the Apache Web Server.
The Virtual Machine should have a statically assigned address
which matches that specified in the A record for host www.
Test your Apache Server Virtual Machine by using a web
browser on another host and trying to browse the website
saffioti.org.au.
Once you have set up the web server and tested it, install a FTP
server. The FTP server would allow users to upload/ download
files to the web server. Configure the server appropriately and
then test from another host.
Finally harden this host so that only services being used can be
accessed by other machines. You will need to use IPTables.
Document the entire process and challenges you experienced.
Part 3: Simple Web Services (5 marks)

4. In Virtual Machine Two you set up a web server for the DNS
name www.saffioti.org.au. The server is implemented using the
HTTP protocol listening on port 80. Your challenge is to make
the same site accessible using the HTTPS protocol. To do this
set up SSL with a self signed certificate for the site.
Once configured correctly you should be able to access
www.saffioti.org.au on both HTTP/HTTPS ports. Naturally you
will need to make appropriate changes to your firewall rules.
Document the entire process and challenges you experienced.
Rationale
back to top
This assessment task will assess the following learning
outcome/s:
· be able to describe the duties and responsibilities of a systems
administrator.
· be able to manage servers from the command line.
· be able to create and manage basic information services.
· be able to write scripts to automate various server
management tasks.
· be able to analyse and improve the performance of servers.
· be able to formulate methods for protecting data and services
accessed via the internet.
In this assignment students will develop a understanding and
appreciation for building complex services whilst considering
impacts on security.
Marking criteria and standards
back to top
Question
Criteria
HD
DI
CR

5. PS
FL
Part 1: Virtual Machine One – DNS & SSH Server
Ability to learn and use systems administration techniques.
Application of technical knowledge.
Explanation, Evidence and Referencing.
Demonstrated working virtual linux server, name server and
remote access which exceeds all functional requirements.
Reflecting on your learning experience, providing evidence of
insight and commenting on the acquisitions of new knowledge
drawing from multiple sources.
Demonstrated working virtual linux server, name server and
remote access which meets all functional requirements.
Reflect on your own learning experience providing evidence of
insight, drawing on multiple sources to develop understanding.
Demonstrated working virtual linux server, name server and
remote access which partially meets functional requirements.
Consider and reflect on your own experience, drawing on
multiple sources to develop understanding.
Demonstrated working virtual linux server, name server and
remote access which meets basic functional requirements.
Consider and reflect on your own experience.
Major errors and omissions.
Limited detail and understanding demonstrated.
Part 2: Virtual Machine Two
Ability to learn and use systems administration techniques.
Application of technical knowledge.
Explanation, Evidence and Referencing.
Demonstrated working virtual linux server and services which
exceeds all functional requirements.
Reflecting on your learning experience, providing evidence of
insight and commenting on the acquisitions of new knowledge
drawing from multiple sources.

6. Demonstrated working virtual linux server and services which
meets all functional requirements.
Reflect on your own learning experience providing evidence of
insight, drawing on multiple sources to develop understanding.
Demonstrated working virtual linux server and services which
partially meets all functional requirements.
Consider and reflect on your own experience, drawing on
multiple sources to develop understanding.
Demonstrated working virtual linux server and services which
meets basic functional requirements.
Consider and reflect on your own experience.
Major errors and omissions.
Limited detail and understanding demonstrated.
Part 3: Simple Web Services
Ability to learn and use systems administration techniques.
Application of technical knowledge.
Explanation, Evidence and Referencing.
Demonstrated working web server using HTTP and HTTPS
which exceeds all functional requirements.
Reflecting on your learning experience, providing evidence of
insight and commenting on the acquisitions of new knowledge
drawing from multiple sources.
Demonstrated working web server using HTTP and
HTTPS which meets all functional requirements.
Reflect on your own learning experience providing evidence of
insight, drawing on multiple sources to develop understanding.
Demonstrated working web server using HTTP and
HTTPS which partially meets all functional requirements.

7. Consider and reflect on your own experience, drawing on
multiple sources to develop understanding.
Demonstrated working web server using HTTP and
HTTPS which meets basic functional requirements.
Consider and reflect on your own experience.
Major errors and omissions.
Limited detail and understanding demonstrated.
Presentation
You should submit your assessment in a single word document
which contains all components of your assignment. Use
screenshots to provide evidence and details of the work you
have done to compliment your written answers. You should
reference where appropriate using an approve referencing style
to support your work.