User Account

All Pages

Configure DHCP server on the node minerva

Assignment Help Computer Network Security
Reference no: EM133878883

Introduction to computer architecture and networks

Assignment Specification

Brief Description

Assignment will include the materials covered within Weeks 6-12. In particular, the assignment will consist of questions related to network and transport layers, structures and functions of local area, backbone and wide area networks, and network security. The format of the student submission will be a written report and a network configuration.

Learning Outcome 1: Examine networks using the underlying fundamental theories, models and protocols for data transmission.

Learning Outcome 2: Analyse and formulate the functions and architectures of (wireless) local area networks, wide area networks and the Internet.

Learning Outcome 3: Identify cybersecurity threats and ethical considerations on the Internet.

Learning Outcome 4: Apply and implement cybersecurity enabling techniques and countermeasures such as virtual private networks (VPN).

Tasks

Task A: Routing
The routing tables of the routers in the provided network are NOT configured. The correct configuration of this task allows any host from any network to reach any other host in the entire network. You must satisfy the following requirements while completing static routing task:

All routers must be configured solely with a static routing table; dynamic routing is NOT allowed. Static routing should be set up using the given link delays (which include all of processing, transmission and propagation delays) specified in the provided configuration file. You don't need to consider the link speed for this part.

All hosts inside the talos.edu network must be reachable from any other host within that network through an optimal path. You need to add static routes to routers R1, R2, R3, and R4 to accomplish this goal. You must explain your reasons for choosing a path in the report. The notation us for links represents the propagation delay in microseconds. You can assume that the processing and transmission delays at the routers are negligible.

The router R3 must be the default gateway of the talos network. The router Internet must be the default gateway of R3 and minerva (the only router of Delos). You will lose marks if you create routing loops.

Task B: DHCP Server
The clients of delos are configured with static IP addresses. Your task is to:

Configure DHCP server on the node minerva to assign dynamic IP addresses and other required settings to the client machines in the client's subnet.
You can make use of the DHCP server configuration on R1 as a reference to follow.
Enable DHCP client service on clients of delos.

Note: The node leto is a private local server in the client's subnet and must have a static IP address as assigned for the given configuration.

Task C: Firewall
The node R3 is the firewall for talos network. Configure the Firewall service on this node to satisfy the following requirements:

Allow traffic from anywhere to DMZ for the provided service by each server. This must be limited to only the public service(s) that a server provides: dns only DNS, web only HTTP, mail only SMTP.

Allow servers in DMZ to initiate a communication if it is required by the service the server provides and only for that service (stateful inspection: DMZ → External).  Looking for last-minute assignment help? Grab it now!

Allow internal hosts to access all services provided by servers in the DMZ (stateful inspection: Internal → DMZ). This includes all services that DMZ servers provide. You can be more permissive here and use address ranges and all IP traffic. All servers in DMZ run SSH service which you can use to test your rules for the internal subnets.

Allow internal hosts to reach other internal hosts (this is only if the internal traffic passes through R3). All traffic is allowed if it is internal to internal communication.

Allow internal nodes to access external servers however packets from external to internal are only allowed if they are responses to communications that were initiated from inside (stateful inspection: Internal → External).

Allow only the nodes in clients subnet of talos to ssh to node R3 (any host connected to the R1.eth0 subnet).

Permit node R3 to send ICMP echo request messages to internal talos nodes and all DMZ servers and receive ICMP echo replies from those nodes and servers. Also, permit internal talos nodes and all DMZ servers to send ICMP echo request messages to node R3 and receive ICMP echo reply from the node R3.

All other traffic must be dropped (see Notes below).

Important Notes for Task C:

If the Requirement 8 is not satisfied, you will receive a zero mark for the firewall task regardless of any other correct rule you add as it would expose the entire network. You will lose partial marks if your rules are too permissive allowing more traffic than specified to reach the destination for each requirement.

You only receive marks if the test for each requirement succeeds. No partial marks will be given if only part of a rule is correct. When two rules are required for the incoming and outgoing traffic, no partial marks will be given if one of the rules is correct.

For stateful inspection, the traffic is allowed if it is initiated from the more trusted side of the firewall to the less trusted side. The traffic in the opposite direction, from the less trusted interface to the more trusted interface, is only allowed if the packets are the responses to an initiated communication from the more trusted side. The trust level in the requirements is indicated as Higher→ Lower for each stateful inspection, meaning the connection initiation is allowed from the higher level to the lower level and only the responses for the initiated connections are allowed from the lower level to the higher level.

If you have reachability issues in Task A, i.e. a host is not reachable from another host, you may lose marks in firewall tests as well when the traffic must be allowed. You will not lose any marks for firewall rules if a host is reachable but through a sub-optimal path and the firewall rules are correct.

You must submit the CORE file with Firewall service enabled on node R3. The Firewall service is enabled in the individual files without any rules hence all traffic is allowed.

Reference Notes
Please acknowledge any reference appropriately and the use of any AI tools (refer to the assignment link on Moodle to access information from Learn HQ).

Reference no: EM133878883

Questions Cloud

History of dementia : You are caring for Mrs Rideout who has a history of dementia, she has returned from the operating theatre with a PCA infusion (patient-controlled analgesia).
Inserting double-lumen tube for gastric decompression : Client experiencing respiratory distress Inserting a subclavian central venous access device Inserting a double-lumen tube for gastric decompression.
Solomon business venture expanded : He and Hannah (wife) migrated to Australia from Israel almost 50 years ago after Solomon's business venture expanded and become international success.
Examine the connection between food waste and packaging : Examine how packaging waste affects supermarket purchasing online. Examine the connection between food waste and packaging.
Configure DHCP server on the node minerva : FIT9137 Introduction to computer architecture and networks, Monash University - Default gateway of the talos network
Difference between assessment and diagnosis : What is the difference between an assessment and a diagnosis? An assessment is gathered information about the client's needs,
How much is martys deduction for meals and entertainment : Business meals at the country club restaurant not associated with golf. How much is Marty's deduction for meals and entertainment expenses for the current year?
What is the formula associated with the rule : You are visiting with your neighbor who is a financial planner named Susan. What is the formula associated with the rule?
Prepare a memo advising the technical director : Prepare a memo advising the Technical Director and Factory Manager that they need to ensure all deliveries, especially for Wednesday delivery contract customers

Reviews

Write a Review

Computer Network Security Questions & Answers

  An overview of wireless lan security - term paper

Computer Science or Information Technology deals with Wireless LAN Security. Wireless LAN Security is gaining importance in the recent times. This report talks about how vulnerable are wireless LAN networks without any security measures and also talk..

  Computer networks and security against hackers

This case study about a company named Magna International, a Canada based global supplier of automotive components, modules and systems. Along with the company analysis have been made in this assignment.

  New attack models

The Internet evolution is and is very fast and the Internet exposes the connected computers to attacks and the subsequent losses are in rise.

  Islamic Calligraphy

Islamic calligraphy or Arabic calligraphy is a primary form of art for Islamic visual expression and creativity.

  A comprehensive study about web-based email implementation

Conduct a comprehensive study about web-based email implementation in gmail. Optionally, you may use sniffer like wireshark or your choice to analyze the communication traffic.

  Retention policy and litigation hold notices

The purpose of this project is to provide you with an opportunity to create a document retention policy. You will also learn how to serve a litigation hold notice for an educational institute.

  Tools to enhance password protection

A report on Tools to enhance Password Protection.

  Analyse security procedures

Analyse security procedures

  Write a report on denial of service

Write a report on DENIAL OF SERVICE (DoS).

  Phising email

Phising email It is multipart, what are the two parts? The HTML part, is it inviting the recepient to click somewhere? What is the email proporting to do when the link is clicked?

  Express the shannon-hartley capacity theorem

Express the Shannon-Hartley capacity theorem in terms of where is the Energy/bit and is the psd of white noise.

  Modern symmetric encryption schemes

Pseudo-random generators, pseudo-random functions and pseudo-random permutations

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +91-977-207-8620

Phone: +91-977-207-8620

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd