Professional Documents
Culture Documents
Individual Component
Everyone needs to do an individual demonstration of their base system around mid -semester. To
prepare for the demonstration, add your TP number as a user in /home/vmail/mail-pwd, and send
yourself some test emails. The demonstration simply requires you to show your inbox in
Squirrelmail.
Everyone needs to do an individual enhancement for their base system. There are a number of
options listed below for enhancements to the base system, and each group member needs to
choose one for their individual work. The rest will be available for the group to work on together.
The project management component requires you to show one group member as the owner of the
enhancement, no matter how many group members work on it or when. The project management
component will be assessed through the information you provide in your report plus your
individual reflections on the teamwork of your group. The individual reflections are from you
alone, and must be submitted separately.
Group Component
There are a number of options listed below for enhancements to the base system, and once each
group member chooses one for individual implementation, the rest will be available for the group
to work on together. The group is free to choose any combination, and a special scenario devised
by the group can be proposed to your lecturer, who will be happy to advise on its suitability and
help you refine it if necessary.
The minimum number of enhancements done by the group is 3, including one required
enhancement: (a) using stunnel for communication between servers and (b) using the mail
submission port.
1
Remember, maximum points for an enhancement will only be achieved when it is successfully
implemented (criteria 1) and properly documented (criteria 2). The project management
component requires you to show one group member as the owner of the enhancement, no matter
how many group members work on it or when.
Screenshots used to document enhancements must show the student ID of the owner in the
command prompt, logfile messages, or email address. Details of how to do this are in the
Resources Document and Report Template.
Documentation should be organized as a set of steps that were followed to implement the
enhancement, with a focus on pitfalls and obstacles encountered and overcome – if there is a
resource that is sufficient, refer to it with some critical evaluation (how complete is it? how close
is their system to our system? what’s missing?) rather than copy/paste into your report.
The group presentation is intended to help you finish your project successfully. It is essential to
have a draft of your report to review. The presentation will be informal, focused on the tasks you
have chosen, the progress you have made, obstacles overcome, and outstanding issues to be
resolved (no powerpoint required).
2
1. Cross-System Multitail
a) Use one easy method to setup Multitail to show the postfix logfiles on the Gateway and
the Mailserver in separate windows, and demonstrate using email via telnet
b) Use a different easy method to setup Multitail to show the postfix logfiles on the
Gateway and the Mailserver in a single window with different colors, and demonstrate
using email via telnet
2. Basic VPN
a) Setup openvpn using static keys
b) Have two sets of config files, one for tun and one for tap
4. iptables
a) Add the six “Rules for things that no proper TCP stack should be processing” from the
IPTables Quick Reference section -p --protocol tcp but use a LOG target
b) Use hping2 and Multitail to show the rules are working
5. SUDO
Choose one server and
a) Change the startup display to show a random fortune in color each time a user logs in
rather than the command summary and root login
b) Allow no root access: force users to use sudo
c) Have different color prompts for normal users and root
when you move to Ubuntu, you will want to manage sudo!
7. Protocol Analysis
Use tcpflow to capture the dialog between the browser and the webserver when
a) you access the default monkey webpage. How can you recover the images?
b) you access a mailbox in squirrelmail. How many requests are made? How many servers
are involved?
3
8. Migrate to Net-R
a) Clone and reconfigure your TinyNet servers as Net-R servers
b) Reconfigure DNSMASQ to hand out static addresses to servers rather than dynamic ones
c) Describe the Net-R automatic traffic generation system
9. Port Knock
a) Use the Netcat and Named Pipes technique to set up a reverse shell
b) Use knockd and hping2 to control availability (activate/deactivate)
10. Ettercap
a) Use two Net-R hosts, and change the index.html on one of them to say
“Substitute webserver has answered your request – Frown and Be Worried”
b) Demonstrate before and after ARP & DNS cache poisoning with Ettercap
(can also do this with two TinyNet No-Role hosts)