SPR100: Assignment 03 (10%)

Introduction
This assignments builds on what you have learned in Assignment 2 and expands on it. You will be
building a local area network (LAN) of 3 or 4 VMs and using firewalls to restricit traffic between the
various VMs. A choice of 4 network topologies will be offered, each topology is worth a different grade
value e.g. D, C, B, and A. The topology design is additive, so C topology is built on D, B topology on C etc.

All students will be expected to submit either a D or C topology. Students may then choose to expand
their topology to a B or A topology.

Objectives:
 Configure and deploy a simple topology of three 3 to four 4 VMs on a LAN local area network
using firewalls to restrict traffic
 Record evidence through screenshots and submit an assignment report
 Give an in-lab demonstration for B and A submissions

Details and Settings

Users:
 Each VM should have a user named MySeneca<VM name> e.g. on the instructor’s Web VM
there should be a user called “chrisrobertsonweb”.
 The MySeneca<VM name> user should be used for the work done on that VM e.g. the instructor
should use “chrisrobertsonweb” user while doing the implementation on the Web VM

Prompt:
 Ubuntu and Kali
o Set prompt: [role]-your name-Z-[date]-[current time] (role e.g. DNS, Web etc.)
o For example if the instructor was using the Web VM and was assigned a Z of 100, the
prompt would partially look like “web-chrisrobertson-100-“
 Windows
o Command Prompt title: [role]-your name-Z-[date]-[current time]

Note:
 All screenshots must include your terminal prompt or Command Prompt title
 Using screenshots without your correct prompt (Linux) or Command Prompt title (Windows)
0 for that screenshot
IPs:
 All VMs have static IPs:
o DNS VM: 192.168.Z.5
o Web VM: 192.168.Z.10
o Win VM: 192.168.Z.15
o SSH VM: 192.168.Z.20
Note:
 Z will be assigned by your instructor

Firewalls (Web, SSH and DNS VMs):

Submission
Submission will be done in two stages:
 D (5.5%) or C (6.5%) topology (mandatory submission)
 B (7.5%) or A (10%) (optional) – an in-lab demonstration is also required for these submissions

All students will be expected to submit an implemented topology for either D or C. Students can then
choose to extent their topologies to cover either B or A topologies

Submission will be an assignment report with screenshots. It will be required to designate what topology
you are implementing:
 Reports without a topology specified will be considered a D topology attempt and marked
accordingly
 Reports with a topology designated that clearly does not match the topology implemented will
be considered a D topology and marked accordingly i.e. an A topology is specified, yet only a C
implementation is done.

Submission Format:
 Title page – the Title Page should have the following information
 Assignment Name
 Student Name
 Student Number
 Topology Letter e.g. C or D
 Body of Text should have the following sections/headings:
 IPs – Screenshots of IPs from all VMs
 Ping – Screenshots of unique pings from all 3 VMs
 Firewalls
o Screenshots of firewalls for SSH and Web VMS
o There should be an explanation under the screenshot describing what each rule
does
 Web Query – Screenshots showing IP web queries Win and SSH VMs
 SSH Access
o Screenshots showing SSH access to SSH VM from Win and Web VMs using
MySeneca account
D Configuration
Web, SSH, Win  VMs

SSH: an SSH server

Ping: Win, SSH, Web  Win, SSH, Web All VMs can ping all other VMs
Web query IP address: SSH, Web, Win  Web-server All VMs can do an IP web-query against the Web server
SSH access using MySeneca username: Win  SSH-server Only Win can SSH into the SSH server, only MySeneca account can be used

Note:
 Only required network traffic allowed, hence all other traffic is blocked e.g.
o All VMs allow pings
o All VMs allow web traffic
o Only SSH traffic allowed is between Win and SSH
10

C Configuration
B configuration with the following modifications:
 Web query IP address: Win  Web-server Only Win can do a web-query against the Web server
 Web server has modified home page that says: “Welcome to the web-server of <MySeneca Username>”
B Configuration
C configuration with the following modifications:
 DNS  VM DNS server supplied by instructor
 Web: Web server
 Name: www.Z-SPR100.net
 Web query IP address & FQDN: Win  Web-server Only Win can do a web-query against the Web server
 DNS query: Win, SSH, DNS, Web  DNS server All VMs can query DNS server using nslookup

Note:
 The DNS should be modified to have web server as: www.Z-SPR100.net and web.Z-SPR100.net, DNS server as dns.Z-SPR100.net etc. Z in your
assigned Z value

A Configuration
B configuration with the following modifications:
 TLS encryption added to web server i.e. web browser on Win can use HTTPS to connect to web-server
o The home page for this should say“Welcome to the web-server of <MySeneca Username> using TLS encryption”
o Note: The HTTP and HTTPS protocols should have different home pages i.e. when you connect using HTTP you should see the web-site
configured for configuration D
 On the HTTP home page add a link to a 2nd web page. This 2nd web page should be password secured
o The page should say: ““Welcome to the secured web-page of <MySeneca Username>”
o The page’s username should be ‘Z-SPR100secure’ and the password should be ‘password’ – Z being your assigned value
 Web query IP & FQDN using HTTPS protocol: Win  Web-server Only Win can do a web-query against the Web server using HTTPS protocol
 Web query IP & FQDN using HTTP protocol: SSH  Web-server Only SSH can do a web-query against the Web server using HTTP protocol