need done ASAP
SYSC 4810: Introduction to Network and Software Security Module 4 Assignment Fall 2021 Dr. J. Jaskolka Carleton University Department of Systems and Computer Engineering Posted: October 21, 2021 Due: November 14, 2021 Due on Sunday, November 14, 2021 by 11:59PM This assignment contains 20 pages (including this cover page) and 8 problems. You are responsible for ensuring that your copy of the assignment is complete. Bring any discrepancy to the attention of your instructor. Special Instructions: 1. Do as many problems as you can. 2. Start early as this assignment is much more time consuming than you might initially think! 3. The burden of communication is upon you. Solutions not properly explained will not be considered correct. Part of proper communication is the appearance and layout. If we cannot “decode” what you wrote, we cannot grade it as a correct solution. 4. You may consult outside sources, such as textbooks, but any use of any source must be documented in the assignment solutions. 5. You are permitted to discuss general aspects of the problem sets with other students in the class, but you must hand in your own copy of the solutions. 6. Your assignment solutions are due by 11:59PM on the due date and must be submitted on Brightspace. • Late assignments will be graded with a late penalty of 20% of the full grade per day up to 48 hours past the deadline. 7. You are responsible for ensuring that your assignment is submitted correctly and without corruption. Problem 1 2 3 4 5 6 7 8 Total Points: 20 10 10 10 10 10 10 10 90 Page 1 of 20 https://brightspace.carleton.ca/ SYSC 4810 — Module 4 Assignment Due Date: November 14, 2021 In this assignment, you will participate in activities related to implementing and using a simple firewall for a network. This assignment aims to assess your understanding of implementing and using basic security tools to enhance network security. Acknowledgment This assignment is based off the “Firewall Exploration” SEED Lab developed by Wenliang Du at Syracuse University. Background Research A significant portion of this assignment is to do the required background research on working with basic networking tools such as ping, telnet, iptables, conntrack, NetFilter, and Docker. Keep in mind that a substantial component of any software or computer systems project is to solve and/or eliminate the underlying technical difficulties. This often means exploring user manuals and documentation. Submission Requirements Please read the following instructions very carefully and follow them precisely when submitting your assignment! The following items are required for a complete assignment submission: 1. PDF Assignment Report: Submit a detailed report that carefully and concisely describes what you have done and what you have observed. Include appropriate code snippets and listings, as well as screenshots of program outputs and results. You also need to provide an adequate explanation of the observations that are interesting or surprising. You are encouraged to pursue further investigation beyond what is required by the assignment description. 2. ZIP Archive of Source Code: In addition to embedding source code listings in your assignment report, create and submit a ZIP archive of all programs that you write for this assignment. Please name each of your source code files with the problem number to which they correspond (e.g., for Problem 2(a), the source code file should be named Problem2a.c). Your source code must compile and run, producing the desired output. Also, please remember to provide sufficient comments in your code to describe what it does and why. 3. ZIP Archive of Screenshot Image Files: In addition to embedding screenshots of program outputs and results in your assignment report, create and submit a ZIP archive of all of the raw screenshot images that you capture for this assignment. Grading Notes An important part of this assignment is following instructions. As such, the following grade penalties will be applied for failure to comply with the submission requirements outlined above: • Failure to submit an Assignment Report will result in a grade of 0 for the assignment. • Failure to submit the Source Code files will result in deduction of 10% of the full grade of the assignment. • Failure to submit the Screenshot Image files will result in deduction of 10% of the full grade of the assignment. • Failure of Source Code to compile/run will result in a grade of 0 for the corresponding problem(s). • Failure to submit any deliverable in the required format (PDF or ZIP) will result in deduction of 5% of the full grade of the assignment. Page 2 of 20 SYSC 4810 — Module 4 Assignment Due Date: November 14, 2021 Part I Assignment Challenge 1 Introduction Imagine that you are a new network security administrator at a large technology firm firm called GlobalTech Solutions. Your direct supervisor has just assigned you to investigate firewall solutions for protecting the routers and internal networks and servers residing on premise at GlobalTech Solutions. You are responsible for making recommendations to address the needs of GlobalTech Solutions and the concerns of your supervisor by conducting some experiments and documenting your findings. The details of the assignment including your supervisor’s expectations are provided in the sections below. The different parts of this assignment are designed to guide your investigation to address the needs of GlobalTech Solutions and the concerns of your supervisor. At the end of the assignment, you will be required to summarize your findings and provide recommendations in a report to your supervisor addressing their concerns. 2 Context Your supervisor has sent you the following email explaining their needs and concerns: Hello, Welcome to the team! As you are aware, GlobalTech Solutions develops a wide range of technology solutions and services for clients worldwide. GlobalTech Solutions prides itself on providing high-quality solutions delivered on-time and on-budget. We have recently conducted an internal security audit that suggests we could improve our network security posture. One of the suggestions from the audit is to investigate firewall solutions to block potentially problematic applications and protocols (e.g., telnet). We also need a significant effort to explore solutions that can help to protect our routers and internal networks and servers. I am concerned that if we do not have a suitable solution, we will be susceptible to attacks (which have been on the rise). This could be a significant issue for our systems and data environments. Naturally, we want to avoid these issues and GlobalTech Solutions has pledged to invest in improved network security for the organization if we present a suitable proposal. For your first assignment, we need you to investigate firewall solutions to enhance the network security of GlobalTech Solutions. Talking with some other members of the team, our initial thought is to set up a packet filtering firewall or a stateful inspection firewall using iptables or a loadable kernel module, but we need to investigate these ideas further (I am not too familiar with all of this). It is essential that the firewall is configured correctly, so any rules will have to be checked to ensure they block only what is expected; no more, no less. I also want to know if there are possible ways to limit network traffic if we suspect something fishy is going on. I expect a report documenting your experiments and a summary of your findings so that I can bring it forward to upper-management to secure their investment in this project. Good luck, JJ Page 3 of 20 SYSC 4810 — Module 4 Assignment Due Date: November 14, 2021 3 Obligations At the end of this assignment, you will be required to deliver the following information and outcomes to your supervisor: 1. Provide a detailed report documenting each of your experiments and findings. This is necessary to enable your supervisor to make important decisions about how best to proceed with the project proposal and to demonstrate that you have been thorough in your investigation. 2. Provide a summary of your findings including a discussion of alternative choices and potential challenges, issues and opportunties addressing each of the concerns mentioned in the email from your supervisor. Include any necessary recommendations based on your findings. Page 4 of 20 SYSC 4810 — Module 4 Assignment Due Date: November 14, 2021 Part II Environment Setup This assignment will be conducted using a pre-built virtual machine (VM) image. We will assume that you already have a virtual machine set up from the Module 1 Assignment. For this assignment, we need to use multiple machines. Their setup is depicted in Figure 1. We will use containers to set up this environment. Figure 3.2 Multifactor Authentication Client Client Au the nti ca tio n pro toc ol Authentication logic using !rst factor Pass Fail Au the nti ca tio n pro toc ol Authentication logic using second factor Pass Fail Figure 3.14 General Iris Scan Site Architecture for UAE System Iris workstation Iris Engine 1 Iris Engine 2 Iris Merge Remote Iris scanner Iris workstation LAN switch Network switch Iris scanner Iris workstation Iris scanner Iris database 10.9.0.1 Figure 3.7 User Authentication with eID eID server Host/application server 6. User enters PIN 1. User requests service (e.g., via Web browser) 4. Au thenti cation requ est 5. PIN requ est 7. Au thenti cation proto col ex chang e 8. Au thenti cation resul t for r edirec t 2. Service request3. Redirect to eID message 9. Authentication result forwarded 10. Service granted Attacker Internal Network Figure 3.2 Multifactor Authentication Client Client Au the nti ca tio n pro toc ol Authentication logic using !rst factor Pass Fail Au the nti ca tio n pro toc ol Authentication logic using second factor Pass Fail Figure 3.14 General Iris Scan Site Architecture for UAE System Iris workstation Iris Engine 1 Iris Engine 2 Iris Merge Remote Iris scanner Iris workstation LAN switch Network switch Iris scanner Iris workstation Iris scanner Iris database 10.9.0.11 Router 10.9.0.5 Figure 3.2 Multifactor Authentication Client Client Au the nti ca tio n pro toc ol Authentication logic using !rst factor Pass Fail Au the nti ca tio n pro toc ol Authentication logic using second factor Pass Fail Figure 3.14 General Iris Scan Site Architecture for UAE System Iris workstation Iris Engine 1 Iris Engine 2 Iris Merge Remote Iris scanner Iris workstation LAN switch Network switch Iris scanner Iris workstation Iris scanner Iris database 192.168.60.5 Figure 3.2 Multifactor Authentication Client Client Au the nti ca tio n pro toc ol Authentication logic using !rst factor Pass Fail Au the nti ca tio n pro toc ol Authentication logic using second factor Pass Fail Figure 3.14 General Iris Scan Site Architecture for UAE System Iris workstation Iris Engine 1 Iris Engine 2 Iris Merge Remote Iris scanner Iris workstation LAN switch Network switch Iris scanner Iris workstation Iris scanner Iris database 192.168.60.6 Figure 3.2 Multifactor Authentication Client Client Au the nti ca tio n pro toc ol