Prepare two virtual machines, one with Windows 10 Home and another with Windows Server 2016. You can download them from Microsoft, (Windows 10 and Windows Server). Make sure both VM have...

Hello beautiful people, can you help me solve this assignment, please?



Prepare two virtual machines, one with Windows 10 Home and another with Windows Server 2016. You can download them from Microsoft (Windows 10 and Windows Server). Make sure both VMs have interfaces in internal mode and with manual IP addresses of the same network. Execute wf.msc in both. Then, reply to the questions below:

1. What is the default policy for inbound connections that do not match a rule? Would you say this is strict or loose from a security point of view?
2. What is the local port for the “World Wide Web” inbound rule in Windows Server? What server is mentioned in the description?
3. Set the “Action” to “Block the connection”. What happens when opening a browser in Windows 10 to access the server’s IP address? Do you get any message?
4. Now, disable the rule and try again from the browser in Windows 10. What is the behavior? Why?
5. Open “\\IP_of_client” from the server. You will not be allowed because the firewall on Windows 10 has all File and Printer Sharing rules disabled. Make this work by enabling the right rule. Explain what rule you chose and why. What is the profile for this rule?
6. Modify the rule so that only the server is allowed to access the shared resources. What tab did you use? What information did you provide?
7. Where in the Windows Server is the firewall log file located? What is its maximum size? What would happen if this size is reached?
8. Change the firewall’s configuration in the server so that the firewall will log dropped packets for all three domains (private, public and domain). What options did you click on? What tabs? Explain.
9. Add a new rule to block all inbound traffic to port 80 and try the server’s IP from a browser in the client. Looking at the information available in the server’s firewall log, determine how you would know the communication failed and what systems were communicating.
10. What would happen with the log file if you enabled logging for successful communications? Explain a situation in which that could be useful.

Objective: configuring pfSense

Prepare the network as per the design below:

You will need to create a new virtual machine for pfSense. The client and server are already available to import from the file pfSense_lab.ova. The password for both the user herzing and root is Herzing2021. Please make sure the first interface in the firewall is set as bridged, the second as internal (network name: intranet) and the third internal as well (network name: dmz). Once the pfSense ISO file is linked to the optical drive, the installer will be launched. You can choose a BIOS installation; then, answer “n” when asked about VLANs. Finally, pfSense must be initially set up using the non-graphical menu options 1 (assign interfaces) and 2 (assign IP addresses). After the initial setup, you can continue the configuration from the client. Open the URL http://192.168.50.1 in the browser. The default credentials are admin / pfsense.

Please note most changes in the firewall require clicking on “Save” and/or on “Apply changes”. This will not be specified in the tasks but it must be done anyway. Perform the tasks and respond to the questions below:

1. What is the default domain and primary DNS server? Set the domain to herzing.lab and the DNS servers to 208.67.222.222 (primary) and 208.67.220.220 (secondary). Do not allow the configuration to be overridden by disabling the checkbox.
2. You can leave the WAN interface in DHCP mode, but make sure you are aware of the IP assigned by your home router or device that is assigning IP addresses in your host’s network. Disable the check “Block RFC1918 Private Networks”, for you will need to test the firewall from your host machine, which has a private IP address. In a real case scenario, you would not disable this option for security reasons. What is the use of the “Block bogon networks” option that is checked at the bottom?
3. Set the password to the one used for root and herzing user. Reusing the password would not be recommended in a real scenario. Why? What other security measure regarding the password would you recommend?
4. Once finished, the system information is shown. What are the full system name and the user? What kind of digits compose the Netgate Device ID?
5. Click on the menu and go to Firewall → Rules. Explain the existing rules on the WAN interface.
6. Also, explain the existing rules on the LAN interface.
7. Why is it necessary to have two “Add” buttons? What is the difference?
8. What interfaces might a floating rule apply to?
9. On the menu, go to Firewall → Aliases. Create one to reference the server “zeus” as “webserver”. What information did you provide?
10. Create a new alias named “webports” that includes both ports TCP 80 and 443. Describe the provided information. What category was the alias put in?
11. Now add a firewall rule to allow the communication from the internal network to “zeus” on port TCP 25. Use some of the aliases you created. What source did you specify? What destination? What did you choose from the port range list? Why?
12. Copy the previous rule but change the port to 80 and 443. Use the corresponding alias. How did you copy it? What position did the new rule take (top or below another rule)? What did you use as Destination Port Range?
13. Just after these two rules, add another one to block all traffic from the internal network to any host in the DMZ on any port. What information did you provide in the first, second and third sections?
14. What would happen if the three rules were in a different order (block first and allow second)?
15. You can make sure the port 25 rule is working by executing “telnet 10.0.0.2 25” from a shell in the client. After a while, you should get a response from Exim, the mail server. If the rule didn’t work, you would simply wait a long time after “Trying 10.0.0.2…” What message did you get from Exim? You can type “quit” and press ENTER to get the shell prompt again.
16. Try executing “telnet 10.0.0.2 8080” from a shell in the client. Leave it trying. Meanwhile, on the firewall dashboard go to Status → System Logs → Firewall. Is there any information regarding port 8080 at the bottom of the normal view? What kind of traffic is being blocked? What are the three last numbers of the rule?
17. Go to Firewall → Rules and, in the LAN tab, activate the logging for the rule you created to block all traffic to the DMZ by editing the rule and scrolling to the “Extra Options” section. Try “telnet 10.0.0.2 8080” again from a shell and now check the firewall log. What type of rule and number is available regarding port 8080? What are the buttons “-” and “+” for?
18. You have probably seen blocked DNS traffic. To allow it, create a single rule that applies to both the DMZ and internal network for outbound traffic on port UDP 53. What kind of rule did you create? Describe the information provided for Interface, Direction, Protocol, Source, Destination and Port Range.
19. Maintenance of a firewall is paramount. What menu and option would allow you to check if the system is updated?
20. What menu entry would you use to back up the firewall? What format is the output file in? Could you restore only some areas, for instance the firewall rules?
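For task 9 of the Windows part, an added example (not part of the assignment or of the answer below): a parser for the Windows Firewall text log (pfirewall.log) that reports which source and destination pairs had packets dropped on a given port. The log lines and the 192.168.10.x addresses are constructed for illustration; only the `#Fields:` header layout is the real log format.

```python
from collections import Counter

# Constructed sample in the pfirewall.log layout; addresses are made up.
SAMPLE_LOG = """\
#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path

2022-12-23 10:15:01 DROP TCP 192.168.10.20 192.168.10.10 49712 80 52 S 3405691582 0 64240 - - - RECEIVE
2022-12-23 10:15:04 DROP TCP 192.168.10.20 192.168.10.10 49712 80 52 S 3405691582 0 64240 - - - RECEIVE
2022-12-23 10:15:09 ALLOW UDP 192.168.10.10 192.168.10.255 138 138 0 - - - - - - - SEND
2022-12-23 10:15:10 DROP TCP 192.168.10.20 192.168.10.10 49713 80 52 S 1122334455 0 64240 - - - RECEIVE
2022-12-23 10:15:12 DROP UDP 192.168.10.20 192.168.10.10 5353 5353 70 - - - - - - - RECEIVE
"""


def parse_firewall_log(text):
    """Turn log text into a list of dicts keyed by the names in the #Fields header."""
    fields, records = [], []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line[len("#Fields:"):].split()
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated or malformed lines
                records.append(dict(zip(fields, values)))
    return records


def dropped_flows(records, dst_port, protocol="TCP"):
    """Count DROP entries per (source, destination) pair for one destination port."""
    hits = Counter()
    for rec in records:
        if (rec["action"] == "DROP" and rec["protocol"] == protocol
                and rec["dst-port"] == str(dst_port)):
            hits[(rec["src-ip"], rec["dst-ip"])] += 1
    return hits


if __name__ == "__main__":
    for (src, dst), count in dropped_flows(parse_firewall_log(SAMPLE_LOG), 80).items():
        print(f"{src} -> {dst}:80 dropped {count} time(s)")
```

Repeated DROP lines with the `S` (SYN) flag and the same source port are the client retrying a connection that never completes, which is how the failure shows up in the log.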
Answered 9 days after Dec 23, 2022


Deepak answered on Dec 31 2022
31 Votes
1.
Firstly,
Default: 8.8.8.8
Primary: 8.8.4.4
Default: 208.67.222.222
Primary: 208.67.220.220
IP: 192.168.50.100
Gateway: 192.168.50.1
2.
Bogon lists are meant to filter invalid Internet traffic (e.g., on WANs) arriving to the firewall in circumstances when the source cannot be screened or validated otherwise, such as for public services. If an interface's policies only allow traffic from particular distant sources, bogon blocking is useless. The pfSense software has two bogons lists, one for IPv4 bogon networks and one for IPv6 bogon networks, which are updated as needed.
3.
A password should have capital and lower-case letters, numbers and symbols. This password, Herzing2021, is good, but it doesn’t have any special characters or symbols.
4.
Device name - pc100
Hostname - pfSense
Domain - herzing.lab
System - Netgate SG-2440
Netgate device ID - consists of alpha-numeric values
5.
Anti-lockout Rule
This automatically inserted rule permits traffic from any source within the network to any firewall management protocol listening on the LAN IP address.
Restricting LAN access to the administrative interface
First, establish the firewall rules to limit access to the necessary administration interface(s). Because both SSH and HTTPS are utilised for administration in this common use case example, build a ManagementPorts alias that includes these ports.
Anti-spoofing Rules
The antispoof function in pfSense software is used to prevent faked communications.
Private Networks Should Be Blocked
The WAN interface's Block private networks option automatically adds a block rule for RFC 1918 subnets. Enable this option unless private IP space is being used on the WAN.
Bogon Networks should be avoided.
Bogon networks, including reserved and unassigned IP address space, should never be viewed on the Internet.
6.
Add firewall rules for the LAN1, LAN2, and LAN3 interfaces by going to Firewall Rules.
Having rules as:
Anti-lockout Rule
This automatically inserted rule permits traffic from any source within the network to any firewall management protocol listening on the LAN IP address.
Restricting LAN access to the administrative interface
First, establish the firewall rules to limit access to the necessary administration interface(s). Because both SSH and HTTPS are utilised for administration in this common use case example, build a ManagementPorts alias that includes these ports.
Anti-spoofing Rules
The antispoof function in pfSense software is used to prevent faked communications.
Private Networks Should Be Blocked
The WAN interface's Block private networks option automatically adds a block rule for RFC 1918 subnets. Enable this option unless private IP space is being used on the WAN.
Bogon Networks should be avoided.
Bogon networks, including reserved and unassigned IP address space, should never be viewed on the Internet.
·...
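For tasks 11 to 14 of the pfSense part, an added example (not part of the answer above): a small model of top-down, first-match rule evaluation on the LAN tab, showing what changes when the block rule is moved above the two allow rules. The DMZ prefix 10.0.0.0/24 is an assumption (the page only gives zeus as 10.0.0.2), and the rule tuples and function names are hypothetical, not pfSense's own format.

```python
import ipaddress

LAN = ipaddress.ip_network("192.168.50.0/24")  # lab LAN; the firewall is 192.168.50.1
DMZ = ipaddress.ip_network("10.0.0.0/24")      # assumed DMZ prefix
ZEUS = ipaddress.ip_network("10.0.0.2/32")     # the "webserver" alias
WEBPORTS = frozenset({80, 443})                # the "webports" alias
ANY_PORT = None

# (action, source, destination, TCP destination ports), top rule first
RULES = [
    ("pass", LAN, ZEUS, frozenset({25})),
    ("pass", LAN, ZEUS, WEBPORTS),
    ("block", LAN, DMZ, ANY_PORT),
]
# The ordering task 14 asks about: block rule first, allow rules after it.
BLOCK_FIRST = [RULES[2], RULES[0], RULES[1]]


def evaluate(rules, src, dst, port):
    """Return (action, rule number) of the first match; ("block", 0) is the default deny."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for number, (action, s_net, d_net, ports) in enumerate(rules, start=1):
        if src in s_net and dst in d_net and (ports is ANY_PORT or port in ports):
            return action, number
    return "block", 0


def shadowed(rules):
    """Numbers of rules that can never match because an earlier rule covers them fully."""
    dead = []
    for i, (_, s_net, d_net, ports) in enumerate(rules):
        for _, e_src, e_dst, e_ports in rules[:i]:
            ports_covered = e_ports is ANY_PORT or (ports is not ANY_PORT and ports <= e_ports)
            if s_net.subnet_of(e_src) and d_net.subnet_of(e_dst) and ports_covered:
                dead.append(i + 1)
                break
    return dead


if __name__ == "__main__":
    client = "192.168.50.100"
    for name, rules in (("allow first", RULES), ("block first", BLOCK_FIRST)):
        print(name, [evaluate(rules, client, "10.0.0.2", p) for p in (25, 80, 8080)],
              "shadowed rules:", shadowed(rules))
```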