Network design and plan
Construct a basic network design, separating private and public services within the
Corporation Techs' network.
You must:
- Access the PCAP files using NetWitness Investigator, and browse the Nmap
scan (XML format), topology fisheye chart (PDF format), and Nessus report (HTML format).
- Identify vulnerabilities and clear-text information transfer.
- Conduct research and determine the best network design to ensure security of internal
access while retaining public Web site availability.
- Identify any opportunities for reduced ISP costs through port redirection or address
translation.
- Design a network configuration, identifying network gateways, port or address redirection
systems, and the location of hosts within private and protected network segments.
- Create a professional report detailing the information above as supportive documentation
for the network security plan.
- Create a report that includes a basic network diagram and research results.
Network Survey
Introduction:
A Network Survey was conducted for Corporation Techs to understand the current
configuration of hosts, services, and protocols in use within the organization. We are
planning network defences because management is concerned that they are losing
business to a competitor. The primary goal is to identify the hosts, services and protocols
so that we can design our network defence accordingly.
Tasks:
1) Identified hosts within the Corporation Techs’ network.
Host          Host MAC Address   Host Details
172.30.0.200  BA:ED:59:36:3F:C1  Linux
172.30.0.9    D6:BE:BA:8D:34:7C  Linux
172.30.0.8    EE:B8:CC:E6:B0:13  Microsoft Windows Server 2003 Service Pack 1
172.30.0.4    56:25:5F:56:AF:F8  Linux
172.30.0.2    EA:14:27:A9:7D:5A  Microsoft Windows Server 2003 Service Pack 2
172.30.0.1    BA:ED:59:36:3F:C1  Linux Kernel 2.6 on Debian 6.0
172.30.0.3    F2:C3:22:99:90:2B  Microsoft Windows XP Service Pack 1
2) Identified all host services and protocols within the provided packet trace.
Host          Services                                      Protocols
172.30.0.200  SSH, Telnet, rpcbind 2                        TCP
172.30.0.9    SSH                                           TCP
172.30.0.8    ftp, domain, Kerberos-sec, msrpc, ldap,       TCP
              Microsoft-ds, ncacn_http, tcpwrapped, msrpc,
              pptp, Microsoft-rdp, http
172.30.0.4    ftp, ssh, http, mysql                         TCP
172.30.0.2    Unknown Services running                      TCP/UDP
172.30.0.1    SSH, Telnet, rpcbind                          TCP
172.30.0.3    dce-rpc, NTP, epmap, smb, netbios-ns,         TCP/UDP
              ms-wbt-server, cifs
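The clear-text check from the task list, applied to Nmap XML output, as an added example that is not part of the original report: it lists open services that send data unencrypted, with the encrypted replacement to plan for. The XML is a constructed sample; the port numbers, the closed 8080 entry, the CLEARTEXT mapping and the function name cleartext_findings are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed Nmap-style XML, not the report's scan file. Hosts and service names
# come from the tables above; port numbers and the closed 8080 entry are assumed.
SAMPLE_XML = """<nmaprun>
  <host><address addr="172.30.0.200" addrtype="ipv4"/><ports>
    <port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/></port>
    <port protocol="tcp" portid="23"><state state="open"/><service name="telnet"/></port>
    <port protocol="tcp" portid="111"><state state="open"/><service name="rpcbind"/></port>
  </ports></host>
  <host><address addr="172.30.0.4" addrtype="ipv4"/><ports>
    <port protocol="tcp" portid="21"><state state="open"/><service name="ftp"/></port>
    <port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/></port>
    <port protocol="tcp" portid="80"><state state="open"/><service name="http"/></port>
    <port protocol="tcp" portid="3306"><state state="open"/><service name="mysql"/></port>
  </ports></host>
  <host><address addr="172.30.0.9" addrtype="ipv4"/><ports>
    <port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/></port>
    <port protocol="tcp" portid="8080"><state state="closed"/><service name="http"/></port>
  </ports></host>
</nmaprun>"""

# Services that send credentials or content unencrypted by default, mapped to
# the encrypted replacement to plan for (an assumed, non-exhaustive list).
CLEARTEXT = {"telnet": "ssh", "ftp": "sftp/ftps", "http": "https", "ldap": "ldaps"}

def cleartext_findings(xml_text):
    """Return {host_ip: [(port, service, replacement), ...]} for open ports only."""
    findings = {}
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address[@addrtype='ipv4']")
        if addr is None:
            continue
        for port in host.iter("port"):
            state, svc = port.find("state"), port.find("service")
            if state is None or svc is None or state.get("state") != "open":
                continue  # closed/filtered ports are not an exposure
            name = svc.get("name", "")
            if name in CLEARTEXT:
                findings.setdefault(addr.get("addr"), []).append(
                    (int(port.get("portid")), name, CLEARTEXT[name]))
    return findings

if __name__ == "__main__":
    for ip, items in cleartext_findings(SAMPLE_XML).items():
        for portid, name, fix in items:
            print(f"{ip}:{portid} {name} is clear-text; plan for {fix}")
```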
Security plan to prevent unauthorized access:
To secure our web server, we can place new networking hardware, a firewall, on the
edge of the network. We will choose a firewall that can play two roles: WAF (Web
Application Firewall) and NGFW (Next-Generation Firewall). This ensures that both
public and secured Web access remain available. We can create a DMZ zone on the firewall
and deploy our existing web server in that DMZ for public and secured Web
access. On the firewall we will configure static NAT so that the web server is publicly
accessible, and alongside it we will configure DoS, DDoS and geographic IP filtering
security policies. For the sales team to log on securely to the web server, we will set up
an SSL-VPN on the firewall. After implementing this security plan we can prevent
unauthorized access.
Best Practices:
Implement a honeypot as an attack detection and alerting system.
Disable ping access from outside the network.
Keep all server software and operating systems updated.
Implement an antivirus solution in the infrastructure.
Patch all operating systems.
Close all unnecessary ports and services.
Remove all default settings, for example Apache default server pages, IIS default
pages, etc.
Change all default passwords and remove default accounts.
Enforce strong password complexity.