Network Security Fundamentals
Assessment 2: Security Implementation
Assessment: Security Implementation
Weighting: 30% of the final mark of the unit
Due Date: See Blackboard
Before you read the assignment instructions, please complete the following:
1. Read the academic integrity document related to this unit
(the above resource is available under Assessment Academic Integrity).
2. Review the ‘Exemplar Assignment’. The exemplar is similar piece to this assessment; therefore, it should enable you to better understand its expectations. Your final assignment and work should be your own incorporating your own perspective and creativity. Additional information is provided on Blackboard under the Assignment Exemplar link.
3. Read and ensure you understand the marking rubric (available under Assignments Assessment 2: Security Implementation Marking Rubric).
This assessment is aligned to the following learning outcome of this unit:
• ULO 1: Investigate fundamental aspects of network security including threats, attacks and vulnerabilities, defensive architectures, and designs.
• ULO 2: Appraise security appliances, assessments, penetration testing, and cloud security.
• ULO 3: Evaluate secure network solutions through software tools to assess security and protections.
This assessment requires you to:
1. implement a SSH server,
2. implement a honeypot,
3. implement security controls using baseline configurations, multi-factor authentication, and a firewall
4. perform security monitoring through logging
5. evaluate the network for vulnerabilities and recommend changes
Tasks before the video recording:
You are recommended to use the Azure Virtual Lab environment provided to you in the course. Alternatively, you may use another virtualisation setup on your own machine. In the latter case, supporting you by the lecturer/facilitator to troubleshoot technical difficulties related to your setup such as VMware/VirtualBox will be limited. If you are using the Azure lab, please make sure you maintain a backup of your work outside the Azure lab. If a reset of the lab is required, all data in the Azure lab will be lost.
You are required to first complete the following tasks. Do not record these in the video.
1. On the Ubuntu Desktop based Remote Server, install, and configure OpenSSH server with the following baseline configuration:
• Disable password login and implement key-based authentication.
• Change SSH port to 2233.
• Set a login banner message that includes your Student ID and name.
• Disable these: AllowTCPForwarding, GatewayPorts, PermitRootLogin,
HostbasedAuthentication, PermitEmptyPasswords, and X11Forwarding.
2. Implement Multi-Factor Authentication (MFA) for OpenSSH.
3. Install and configure Cowrie with the following criteria:
• Do not let root use any password. Only allow it to use five pre-defined passwords of your choice.
• Create another user with the username “staff”. Allow staff to use any password to login.
4. Configure the firewall using iptables based on the following requirements. Do not use ufw or any other front-end to configure the iptables.
• Only allow incoming traffic to the OpenSSH and Cowrie services.
• Block all other traffic.
• Enable logging to record OpenSSH, Cowrie, and blocked traffic with the following included in the log entry respectively:
• SSH TRAFFIC
• HONEYPOT TRAFFIC
• BLOCKED TRAFFIC
Tasks during the video recording:
Once you have completed all of the above tasks, record and submit a video recording by capturing the following tasks.
1. Give an introduction of yourself, the setup, and the security countermeasures. You should only use two slides for this task at the beginning of the video. The remainder of the tasks should be completed by showing the VMs you have configured.
• Slide 1: Your introduction.
• Slide 2: Briefly describe the setup using a logical/conceptual diagram illustrating your setup.
2. Show the OpenSSH configuration.
3. Show the MFA configuration.
4. Show the Cowrie configuration.
5. Show the iptables rules currently active.
6. Perform a ping to the SSH server.
7. Demonstrate that you can connect to the SSH service with MFA using a different VM or host computer.
8. Disconnect from your previous SSH connection. Then demonstrate that you can connect Cowrie using a different VM or host computer. First login as “staff” and disconnect. Then login as “root” and execute the following three commands.
cat /etc/passwd curl ecu.edu.au rm ~/.bashrc_history
9. Show the Cowrie log with evidence of all your activities in the previous step.
10. Show that iptables detected the previous ping attempt.
11. Show that iptables detected the previous SSH connection.
12. Show that iptables detected the Cowrie connection.
13. Perform a port scan on the SSH server and explain the output.
14. Identify two weaknesses in the current configuration and suggest security improvements you would make to address these weaknesses. You do not need to use any slides for this task or implement your suggestions.
1. Start early and plan ahead.
2. Read this document carefully and watch all the videos provided.
3. Read the marking rubric carefully as you will be evaluated against them. If in doubt about any of these, you should ask your lecturer/tutor/facilitator as soon as possible before the submission.
4. Have a plan before you start recording. This will allow you to use your time efficiently. A script with a sequence of steps written down for your own reference can be extremely helpful.
5. Practice before you record the final submission.
6. Get feedback from your lecturer/tutor/facilitator well before the deadline.
7. Panopto allows you edit your recording by cutting frames that are not relevant. This can help you trim down unwanted parts of the recording to fit into the timeframe.
Required Video Demonstration Structure:
1. Format: Video recording created using Panopto.
2. Duration: 10 minutes.
3. Important to Note:
• Any video content exceeding the prescribed duration will NOT be assessed.
• Student Identity Verification is mandatory. If this cannot be made, then your demonstration will not be assessed.
• To ensure Student Identity Verification (SIV), you are required to record your headshot during the entire duration of the recording and show your ECU Student ID Card to the camera at the start of the recording for five seconds so that it can be read and verified.
• Ensure you speak clearly in the recording.
• Ensure everything you show and describe are clearly visible to the audience. E.g., configuration files viewed, or commands used in the Terminal should be legible.
• DO NOT do a voice-over on a pre-recorded video. Your recording should be a live demonstration of you performing the activities and narrating what you are doing. A voice-over of a pre-recorded video will result in zero and may be reported as contract cheating.
Deliverable: Video recorded using Panopto and submitted through Blackboard.
Referencing, Plagiarism and Collusion:
The entirety of your assignment must be your own work (unless the ideas are taken from sources, in which case you must reference) and produced for the current instance of the unit. Any use of unreferenced content you did not create constitutes plagiarism and is deemed an act of academic misconduct. All written assignments will be submitted to Turnitin which will match your assignment to sources including previous copies of the assignment, and the work submitted by all other students in the unit. It is also important to understand that if you have attempted this unit before you may not re-use your previous assessment work or related work from any other unit you have studied previously as this is classified as self-plagiarism.
Remember that this is an individual assignment. Never give anyone any part of your assignment – even after the due date or after results have been released. Do not work together with other students on individual assignments – helping someone by explaining a concept or directing them to the relevant resources is fine, but doing the assignment for them or alongside them, or showing them your work is not appropriate. An unacceptable level of cooperation between students on an assignment is collusion and is deemed an act of academic misconduct. If you are uncertain about plagiarism, collusion or referencing, simply contact your learning adviser and seek support.
You may be asked to explain and demonstrate your understanding of the work you have submitted. Your submission should accurately reflect your understanding and ability to apply the unit content.