Phase 1 TKH Project
Project Title: Designed and implemented a secure network infrastructure
Project Description:
I designed and implemented a secure network infrastructure consisting of three Windows 10 host machines and one Mac OS X host machine. VirtualBox was installed on each host machine. They were all connected to the switch behind the router. They were separated from the main network and used different private IP address pools on their own subnet. This lab demonstrated a secure network infrastructure that incorporated various technologies and techniques to protect against potential threats.
The first host machine, with two Ubuntu servers, had Splunk and Suricata installed for monitoring and security purposes. Splunk is a tool that can be used to collect and analyze large amounts of data, while Suricata is an intrusion detection system that can be used to detect malicious traffic.
The second host machine had a cluster of three Ubuntu servers, isolated from the main network and connected through SSH. Kali Linux was installed to act as an attacker for the weak machines within the network. Kali Linux is a penetration testing distribution that can be used to simulate attacks on a network.
The third host machine had a pfSense firewall installed and configured as the main firewall for the network. pfSense is free and open-source firewall software that can be used to protect a network from unauthorized access.
The fourth host machine was used for testing, with the installation of Metasploitable and Windows 7 as weak virtual machines to be exploited. Metasploitable is a vulnerable Linux distribution that can be used to test the effectiveness of security controls. Windows 7 is a popular operating system that is often targeted by attackers.
The project demonstrated the importance of creating a secure network infrastructure and the various tools and techniques available to achieve that. The project also demonstrated the importance of using a variety of security controls to protect a network from unauthorized access.
Tools Used:
- VirtualBox: VirtualBox is open-source virtualization software that allows users to create and run virtual machines on their computers. It provides a platform for running multiple operating systems simultaneously, enabling users to test software in different environments or isolate potentially risky applications.
- Splunk: Splunk is a software platform used for analyzing and monitoring machine-generated big data. It collects and indexes data from various sources such as logs, events, and metrics, providing real-time insights, troubleshooting capabilities, and security monitoring. Splunk enables organizations to gain operational intelligence and make data-driven decisions.
- Suricata: Suricata is an open-source network intrusion detection and prevention system (IDS/IPS). It analyzes network traffic in real time and can detect various types of network threats, including malware, intrusion attempts, and denial-of-service attacks. Suricata helps organizations monitor and protect their network infrastructure by alerting administrators to potential security breaches.
- pfSense: pfSense is open-source firewall and router software based on the FreeBSD operating system. It provides advanced networking features and can be deployed as a perimeter firewall, VPN server, or router. pfSense offers a web-based interface for configuration and management, making it user-friendly for network administrators.
- Kali Linux: Kali Linux is a Debian-based Linux distribution specifically designed for penetration testing, digital forensics, and network security assessments. It includes a vast array of pre-installed tools for various security testing purposes, such as vulnerability scanning, password cracking, and network sniffing. Kali Linux is widely used by security professionals and ethical hackers for security testing and assessment.
- Ubuntu Server: Ubuntu Server is a variant of the Ubuntu operating system specifically designed for server environments. It is a popular choice for hosting web applications, databases, file servers, and other network services. Ubuntu Server provides a stable and secure platform with regular updates and long-term support for enterprise use.
- Metasploitable: Metasploitable is a deliberately vulnerable virtual machine created for security testing and penetration testing purposes. It is designed to simulate various vulnerable services, applications, and configurations, allowing security professionals to practice their skills in a safe and controlled environment. Metasploitable helps users learn about common security vulnerabilities and develop strategies to mitigate them.
- Windows 7
- iMac
Project Accomplishments:
- Designed and implemented a secure network infrastructure that incorporated various technologies and techniques to protect against potential threats.
- Successfully tested the effectiveness of security controls by using Metasploitable and Windows 7 as weak virtual machines to be exploited.
- Demonstrated the importance of creating a secure network infrastructure and the various tools and techniques available to achieve that.
Project Skills:
- Network design
- Network security
- Penetration testing
- Firewall configuration
- Virtual machine management
- Security monitoring and analysis