1. Network Security VMs (Virtual Machines) Project
cyber security project and need an explanation and answer to help me learn.
It's so simple project
I just need someone to explain to me the project and help me doing it, please check the file
I'll upload and read it carefully
Requirements: Short
Network Security CCCY323 Project Page 2 of 5 Part 1: Network Setup (3 marks) Task 1:
Server setting • Operating system: Linux (Ubuntu) • You need to setup Apache server (on
the server VM) with a sample webpage, such as “hello world”. Hint: You can use XAMPP to
create your Apache test server. Download link: https://www.apachefriends.org/index.html
Task 2: Attacker VM • Operating system: Linux (Ubuntu) • In this project, you need to
perform two types of attacks using nmap tool. o Network Scanning Attack o Dos Attack Task
3: Client • Operating system: Linux (Ubuntu) Submission: 1. Network setup of the project
(draw a diagram with labels and IP addresses). [1 mark] 2. Screenshots of your VM
configurations. [1 mark] 3. Screenshots of your web page. [0.5 mark] 4. Screenshots of the
nmap tool installation commands. [0.5 mark]
Network Security CCCY323 Project Page 3 of 5 Part 2: Performing passive and active
attack (3 marks) Task1: Perform network scanning attack from the attacker machine to the
server VM. • Perform TCP Connect Scan • Perform Stealth Scan • Perform a scan that
enables OS detection, version detection, script scanning, and traceroute Task2: Perform
DoS attack from the attacker machine using http-slowloris script to the server VM. Check
the following link: https://nmap.org/nsedoc/scripts/http-slowloris.html Submission: 1. A
brief description about the used network scanning commands [3X 0.33= 1 mark] 2.
Screenshots of the network scanning outputs. [3X 0.33= 1 mark] 3. A brief description about
the used DoS attack command. [0.5 mark] 4. Screenshots of the running DoS attack. [0.5
mark] Part 3: Wireshark (2 marks) Install Wireshark tool on the server VM and use it to
capture: • The TCP connect scan • The Stealth Scan. • The malicious packets coming from
attacker VM (Capture only 500 packets) • Capture both the incoming and outgoing packets
between the client VM and the server. Submission: 1. Add the Four screenshots to your
submitted report. [1 mark] 2. Briefly explain each of them. [1 mark]
Network Security CCCY323 Project Page 4 of 5 Part 4: Firewall (5 marks) Task 1: After
you successfully complete Part 2 and 3, write the following iptables on the server to block
the following traffic types originated from the attacker to the server: 1. HTTP connection
2. request from the attacker to the server. 2. SSH connection request from the attacker to the
server. 3. FTP and Telnet requests ( Use single rule to block these multiple ports). Task 2:
Configure the iptables to log dropped packets (enable logging in iptables) and then show
the log messages. Submission: 1. Screenshot the iptables block commands with a brief
explanation for each command. [3 marks] 2. Screenshot the iptables log enabling command
with a brief explanation. [1 mark] 3. Screenshot of the log messages. [1 mark] Part 5: IDS
(3 marks) Install and configure snort on server VM to alert on TCP connect scan on port 22
from the attacker VM. Submission: 1. Screenshot the configured alert snort command from
the server VM and briefly explain it. [1 mark] 2. Screenshot the TCP connect scan on port 22
command from the attacker VM. [1 mark] 3. Screenshot the snort response at the server VM.
[1 mark]
Network Security CCCY323 Project Page 5 of 5 Part 6: Project Report (4 marks) In the
report, you need to include the following details: • Network setup of the project (a diagram
with labels and IP addresses) • List of software or tools used in the project and their
configurations. • To demonstrate the impact of the DoS attack and the effectiveness of
firewall, take three screenshots to the web browser on the client VM as the following: o
Before the attack: client can access the web page on the server. [1 mark] o During the
attack: client cannot access the web page. [1 mark] o After the attack: client become able to
access the web page after applying the firewall rules. [1 mark] • Step-by-step project
description (screenshots are required) • Conclusion [1 mark] Some useful installation and
operation tips: • Root privilege: Some operations need root privilege on Linux (for example,
software package installation, configurations etc.). ✓From command line prompt you can
raise your power to root privilege: #su password: ***** ✓To exit from root
privilege: #exit 2. • How to install software package from its source on Ubuntu?
Use apt-get command in Ubuntu. Reference: https://itsfoss.com/apt-get-linux-guide/ • A
Complete Guide to Using VirtualBox on Your Computer (nakivo.com) • XAMPP tutorial:
installation and first steps: https://www.ionos.com/digitalguide/server/tools/xampp-
tutorial-create-your-own-local-test-server/ • How to Use Wireshark to Capture, Filter and
Inspect Packets: https://www.howtogeek.com/104278/how-to-use-wireshark-to-capture-
filter-and-inspect-packets/ • Iptables Tutorial - Beginners Guide to Linux Firewall
(hostinger.com) • Snort Rules: https://resources.infosecinstitute.com/topic/snort-rules-
workshop-part-one/