COIT20262 Advanced Network Security: OpenSSL, HTTPS, Firewalls, CQUni

Added on  2023/06/11

Practical Assignment
AI Summary
This assignment solution delves into advanced network security concepts, covering cryptographic operations using OpenSSL, HTTPS and certificate management, access control mechanisms in Linux environments, firewall configurations for network segmentation, and security recommendations for wireless networks. It includes practical exercises such as generating RSA key pairs, analyzing HTTPS connections, creating user access controls, and configuring firewall rules to secure network traffic between subnets. The solution also provides recommendations for securing wireless networks, including MAC filtering, WPA encryption, and secure router administration. The document includes file attachments, message sequence diagrams, and network diagrams to illustrate the practical implementation of these security measures.
ADVANCED NETWORK SECURITY
Table of Contents
1. Cryptographic Operations with OpenSSL
2. HTTPS and Certificates
3. Access Control
4. Firewalls
5. Wireless Network Security
References
1. Cryptographic Operations with OpenSSL
In this task, a set of cryptographic operations is performed using OpenSSL (Xiao, Shen & Du, 2011):
Record all the commands
Create a new plaintext message file
Sign the created message file
Extract the user's public key
Generate a random 128-bit value
Generate the RSA key pair
Encrypt the message file
Encrypt the key text file using the RSA algorithm
The zip file below contains the file.
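The operations listed above, run end to end as an added example; it is not taken from the attached assignment files. The file names, the 2048-bit key size, the use of the 128-bit value as an AES-128-CBC key, and OAEP padding are assumptions.

```sh
#!/bin/sh
# Added example: file names, key size, cipher and padding are assumptions.
crypto_demo() (
    set -e
    cd "$1"

    # Generate the RSA key pair, then extract the public key
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out privkey.pem 2>/dev/null
    openssl pkey -in privkey.pem -pubout -out pubkey.pem

    # Create the plaintext message (constructed sample) and sign it
    printf 'Constructed sample message for the exercise\n' > message.txt
    openssl dgst -sha256 -sign privkey.pem -out message.sig message.txt

    # Generate the random 128-bit value (used as the AES key) and an IV
    openssl rand -hex 16 > key.txt
    openssl rand -hex 16 > iv.txt

    # Encrypt the message file with the 128-bit key
    openssl enc -aes-128-cbc -K "$(cat key.txt)" -iv "$(cat iv.txt)" \
        -in message.txt -out ciphertext.bin

    # Encrypt the key file with RSA under the recipient's public key
    openssl pkeyutl -encrypt -pubin -inkey pubkey.pem \
        -pkeyopt rsa_padding_mode:oaep -in key.txt -out secretkey.bin

    # Receiver side: recover the key, decrypt, compare, verify the signature
    openssl pkeyutl -decrypt -inkey privkey.pem \
        -pkeyopt rsa_padding_mode:oaep -in secretkey.bin -out key.dec
    openssl enc -d -aes-128-cbc -K "$(cat key.dec)" -iv "$(cat iv.txt)" \
        -in ciphertext.bin -out message.dec
    cmp -s message.txt message.dec
    openssl dgst -sha256 -verify pubkey.pem -signature message.sig message.dec
)

workdir=$(mktemp -d)
crypto_demo "$workdir"      # prints "Verified OK" when every step succeeds
rm -rf "$workdir"
```

Only ciphertext.bin, secretkey.bin, iv.txt, message.sig and pubkey.pem would be shared with the other party; privkey.pem and key.txt stay with their owner.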
2. HTTPS and Certificates
Here, HTTPS and certificates are studied in a virtual network. The task involves several operations: creating topology 4 in the virtual network, capturing the traffic from the web server, setting up the web server to support HTTPS, analyzing and testing the HTTPS connection, and deploying the website. Then, for the web server that was set up, a certificate is obtained from the certificate authority through the following activities: a certificate signing request is generated, and the certificate signing request is sent (Quirolgico, Hu & Karygiannis, 2011).
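The certificate signing request flow described above, as an added example that is not part of the attached assignment files. The CA and server names, key sizes and validity period are assumptions; the last two commands show that the issued certificate is accepted only by a client that trusts the CA's self-signed root.

```sh
#!/bin/sh
# Added example: names, key size and validity period are assumptions.
issue_cert() (
    set -e
    cd "$1"
    umask 077    # keep the private keys unreadable to other users

    # Certificate authority: private key and self-signed root certificate
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
        -subj "/CN=Example Lab CA" -keyout ca.key -out ca.crt 2>/dev/null

    # Web server: private key and certificate signing request (CSR)
    openssl req -new -newkey rsa:2048 -nodes \
        -subj "/CN=www.example.test" -keyout server.key \
        -out server.csr 2>/dev/null

    # CA side: check the CSR's self-signature, then sign it
    openssl req -in server.csr -noout -verify >/dev/null 2>&1
    printf 'subjectAltName=DNS:www.example.test\n' > san.ext
    openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key \
        -CAcreateserial -days 30 -extfile san.ext \
        -out server.crt 2>/dev/null

    # A client that does not trust the CA must reject the certificate
    if openssl verify -no-CAfile -no-CApath server.crt >/dev/null 2>&1; then
        echo "unexpected: accepted without a trust anchor"
        exit 1
    fi
    # A client that has ca.crt installed as a trust anchor accepts it
    openssl verify -CAfile ca.crt server.crt
)

workdir=$(mktemp -d)
issue_cert "$workdir"       # prints "server.crt: OK"
rm -rf "$workdir"
```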
a)
The files are attached here.
b) Message Sequence Diagram
c)
d)
Basically, self-signed certificates are used for certificate authorities. A self-signed certificate provides the trusted certificate authority, and it also enables the same level of encryption. There are two main drawbacks, so another certificate authority is needed.
e)
Certificate authorities secure their private keys by storing them offline in special hardware devices. However, the certificate authority's private key can be used by an attacker, because the certificate authority's identity is not verified. The private key can therefore be used by malicious users.
3. Access Control
Here, Linux access control and passwords are studied using the virtual network. The following operations are performed:
A new topology is created
Five new users are created
New passwords are also created
Two new groups are created
The directories and files are created
The rules and access control are applied
Finally, the access control is tested.
a)
The files are attached here.
b)
1. Generally, Linux distributions store user information in the /etc/passwd file. It has several fields, such as the user login, the unique numerical user ID, an optional comment field, the numerical group ID and the encrypted password information.
2. However, /etc/shadow is used to store the encrypted password instead of /etc/passwd. /etc/passwd can also be used to store the encrypted password, but only the superuser can read this file (Sandilands.info, 2018).
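A small audit of the two files discussed above, as an added example that is not part of the attached assignment files. The function names and the sample entries are constructed; the check flags accounts whose password field in a passwd-format file holds a hash or is empty, and tests whether a shadow file is readable by other users.

```sh
#!/bin/sh
# Added example; the function names and sample entries are constructed.
sample_passwd() {
cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
alice:x:1001:1001:Alice Example:/home/alice:/bin/bash
bob:$6$constructedsalt$constructedhash:1002:1002:Bob Example:/home/bob:/bin/bash
carol::1003:1003:Carol Example:/home/carol:/bin/bash
EOF
}

# Fields of a passwd entry: login:password:UID:GID:comment:home:shell
audit_passwd() {
    awk -F: '
        NF != 7   { print $1, "malformed-entry"; next }
        $2 == ""  { print $1, "empty-password"; next }
        # "x" means the hash is kept in /etc/shadow; "*" and "!" block login
        $2 != "x" && $2 != "*" && $2 != "!" { print $1, "hash-in-passwd" }
    ' "$1"
}

# Succeeds only when "other" users have no permission bits on the file
shadow_mode_ok() {
    case $(ls -ld "$1" | cut -c8-10) in
        ---) return 0 ;;
        *)   return 1 ;;
    esac
}

tmp=$(mktemp)
sample_passwd > "$tmp"
audit_passwd "$tmp"     # prints "bob hash-in-passwd" and "carol empty-password"
rm -f "$tmp"
```

On a real system the same functions can be pointed at /etc/passwd and /etc/shadow.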
c)
1. Mandatory-based access control and role-based access control are the most common access control models on Linux.
2. Mandatory-based access control is the strictest control of all levels. It uses a hierarchical approach to control access to resources.
3. Role-based access control uses a real-world approach to structure access control. It is based on a user's job functions within the organization to which the computer system belongs.
4. Firewalls
a) Network Diagram
The network diagram above shows the three subnets: DMZ, Student and Staff. The three subnets use three routers: the DMZ, Student and Staff routers. Switches are used to connect the routers. The student subnet contains one router, three PCs and a switch. 10.4.20.0 is the router IP address. 10.4.0.0 is the IP address of the DMZ subnet. 10.4.10.0 is the IP address of the Staff subnet. These are interconnected with each other.
b)
Rules of Firewall
The table below displays the rules of the firewall. This firewall blocks the TCP network traffic between the client and the server. In the first rule, 10.4.10.10 is the source IP address and 10.4.20.10 is the destination IP address. The first rule states that the firewall blocks TCP network traffic from the source IP address to the destination address. Similarly, the firewall also allows the action between the staff and student subnets.
c)
iptables does not provide firewall security as it stands. So, other default policies are set to make the firewall secure: the policies DROP everything. It is shown below.
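A default-DROP rule set with the first rule from the text, as an added example that is not the assignment's own configuration. The /24 prefix lengths and the broader staff-to-student ACCEPT rule are assumptions, added to show why the specific DROP rule has to come first; by default the script only prints the commands.

```sh
#!/bin/sh
# Added example. Prints the commands by default; run as root with
# IPT=iptables to apply them. The /24 prefixes and the broader ACCEPT rule
# are assumptions, not taken from the assignment.
IPT=${IPT:-echo iptables}

firewall_rules() {
    # Default policies: drop everything that no rule explicitly accepts
    $IPT -P INPUT DROP
    $IPT -P FORWARD DROP
    $IPT -P OUTPUT DROP
    $IPT -F FORWARD

    # Rule 1 from the text: block TCP from 10.4.10.10 to 10.4.20.10.
    # iptables stops at the first matching rule, so this must precede
    # any broader ACCEPT that would also match the same packets.
    $IPT -A FORWARD -p tcp -s 10.4.10.10 -d 10.4.20.10 -j DROP

    # Replies belonging to connections that were accepted below
    $IPT -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

    # Assumed broader rule: new TCP connections from staff to student subnet
    $IPT -A FORWARD -p tcp -s 10.4.10.0/24 -d 10.4.20.0/24 \
        -m conntrack --ctstate NEW -j ACCEPT
}

firewall_rules
```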
5. Wireless Network Security
A small company with 50 employees is moving to a new building. The company network must be secured, so the company needs recommendations and advice. The recommendations will be used to deploy a secure wireless network in the building. Some of the recommendations are given below.
a)
The following are recommendations to secure an organization's network:
MAC filtering is used for access control
Transmitter power of the WLAN will be reduced
Remote administration will be disabled
WPA encryption will be enabled instead of WEP
Secure the organization's wireless router and access point administration interface
b)
The consultant recommends choosing the D-Link wireless access point because it provides a highly reasonable network connectivity solution for small and medium-sized businesses.
D-Link is the corporate name of the manufacturer, and the product is designed for broadband, digital, networking, data and voice communications solutions.
The admin of the small IT company supports this firewall.
The business network is easily extended, and it also provides enough connection ports to allow not only the inclusion of the computers on your system.
c)
D-Link Security Features
WLAN partition
MAC address filtering
Network access protection
ARP spoofing prevention
Internal RADIUS server
Robust security
Web redirection
High performance connectivity
Traffic control
Quality of services
References
Pale, P. (2012). Nmap 6. Birmingham: Packt Pub.
Quirolgico, S., Hu, V., & Karygiannis, T. (2011). Access control for SAR systems. Gaithersburg,
MD: U.S. Dept. of Commerce, National Institute of Standards and Technology.
Sawant, U., Pelz, O., Hobson, J., & Leemans, W. (2017). Linux. Birmingham: Packt Publishing.
Xiao, Y., Shen, X., & Du, D. (2011). Wireless network security. New York: Springer.