Scribd
Upload
12 views

Lab 3

The document discusses authentication methods including password policies on Linux and Windows, WPA2 wireless authentication, and RADIUS server authentication. It provides steps to configure each method and verify the configurations, with screenshots of the configurations and test results.

Uploaded by

Quân Hoàng
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
12 views

Lab 3

The document discusses authentication methods including password policies on Linux and Windows, WPA2 wireless authentication, and RADIUS server authentication. It provides steps to configure each method and verify the configurations, with screenshots of the configurations and test results.

Uploaded by

Quân Hoàng
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 15

Họ tên: Trần Hoàng Quân

MSSV:17110211
Lab 03. Authentication
Submission:

You will compose a lab report that documents each step you take, including screenshots to illustrate
the e 昀昀 ects of commands you type, and describing your observations. Simply attaching code
without any explanation will not receive credits

Time duration: 1 week

1. Password policies
a) Linux:Ubuntu

Step 1. Install package: PAM (lib-pamquality)

$ sudo apt install libpam-pwquality

Step 2. Edit the con 昀椀 guration:

$sudo vi /etc/pam.d/common-password

Sau đó bấm phím “E” (edit)


Options:
retry: No. of consecutive times a user can enter an incorrect password.

minlen: Minimum length of password


difok: No. of character that can be similar to the old password
lcredit: Min No. of lowercase letters
ucredit: Min No. of uppercase letters
dcredit: Min No. of digits
ocredit: Min No. of symbols
reject_username: Rejects the password containing the user name
enforce_for_root: Also enforce the policy for the root user
Example:

password requisite pam_pwquality.so retry=4 minlen=9 difok=4 lcredit=-2 ucredit=-2


dcredit=- 1 ocredit=-1 reject_username enforce_for_root
Sau đó dùng lệnh “:q!” để thoát

Verify the configuration:

Create an account: $sudo useradd testuser


$sudo passwd testuser

Sau khi đặt mật khẩu thành công

Step 3. Edit the configuration:

$sudo vi /etc/login.defs
Verify the configuration

b) MS Windows:
Create an account and test some functionalities:

- Minimum the password length


- Strong password
- Account lockout threshold
Step 1. Set up the network topology

Step 2. Upgrade Server to domain controller (HCMUTE.VN) & create an account (testuser)

Step 3. Join PC to Domain Controller (account: testuser)

Step 4. Con 昀椀 gure the password policy in Domain

Controller Step 5. Verify the con 昀椀 guration on the PC

client
2. WiFi authentication (WPA2)

Network topology

Step 1. Con 昀椀 gure DHCP server


- IP address: 192.168.10.254
- DHCP server:
o Network: 192.168.10.0/24
o IP range: 192.168.10.100 – 192.168.10.200
o Default gateway: 192.168.10.1
o DNS: 8.8.8.8
Thiết lập các thiết bị như hình trên
Cấu hình cho server:

Sau đó nhấn Save


Step 2. Configure AP
- SSID: ATTT
- Authentication: WPA2 – Personal
- Password: Lab03@spkt
Cấu hình cho Wireless Router 0 và đặt password
Cấu hình Router 0 như hình trên đó save
Sau đó connect bằng LapTop0 để chứng thực

Step 3. Verify the configuration


Test on the Laptop: IP address, ping to other PCs.
Thêm 1 LapTop mới

Sau đó Connect như LapTop 0


Sau khi thành công
3. Authentication with Radius server (802.1X)
Network topology:

Lab environment: Cisco Packet Tracer


Step 1. Configure IP address & DHCP server
- DHCP server: 192.168.10.254/24
- Configure DHCP server
o Network: 192.168.10.0/24
o IP range: 192.168.10.100 – 192.168.10.200
o Default gateway: 192.168.10.1
o DNS: 8.8.8.8
Chọn Service AAA Cấu hình IP: 192.168.10.250 chính là địa chỉ IP của Access Point,
Secret key ta tự chọn

Tạo account để xác thực vào Radius Server:


Step 2. Configure AP’s IP address
- AP’s IP address: 192.168.10.250/24
- SSID: ATTT
- Authentication (radius server): WPA2 - Enterprise
Ta đặt địa chỉ IP: 192.168.10.250 cho Access Point

Qua tab Wireless Security, ta cấu hình lại Mode Security


Mode: WPA2 Enterprise để dùng cho Radius Server xác thực

Step 3. Verify the configuration - test on the supplicant


- Check IP address information and ping to other PCs

Tiếp đến Chọn Edit -> Advanced Setup, next cho tới lúc
Chọn Security Mode: WPA-2 Enterprise, Nhập username và password tương
ứng đã tạo bên
Radius Server để tạo profile. Sau đó chọn Next và xác nhận kết nối. Sau đó client
đã kết nối thành công tới Access Point

You might also like