Network and Security Lab Report: Lab 4.1: Installing Certificate Services [PDF]

Zitiervorschau

Network and Security Lab Report Student’s Name: Nguyen Quang Vinh Student’s ID: 19020485 Birthday: 21/10/2001

Lab 4.1: Installing Certificate Services

- Open browser and navigate to https://www.microsoft.com/enus/evalcenter/evaluate-windows-server-2016. - Select ISO and click Continue.

- Then complete the form and click Continue.

- Then select Language and click Download to save the ISO to hard drive.

- Launch VirtualBox and create a new VM with Window Server 2016 ISO.

- Set up password as Pa$$word and click Finish.

- Open Server Manager, click Add Roles and Features, then click Next until see the Server Roles window.

- Select the Active Directory Domain Services checkbox.

- Click Next 3 times, then click Install.

- Click the notifications flag, select Promote this server to a domain controller and then Add a new forest.

- Enter the password Pa$$word and confirm it.

- After completing the prerequisites check, click Install.

- Open Server Manager, click Manage, and then click Add Roles and Features. - Click Next until you reach the Server Roles window. - Select the Active Directory Certificates Services check box.

- Read the AD CS page. - In the Role Services window, select Certification Authority and Certification Authority Web Enrollment check box, then click Next.

- Click Install, then click Close (after the installation has completed).

- Click the notifications flag, the click Configure Active Directory Certificate Services on the destination server.

- On the Role Service window, select Certification Authority and Certification Authority Web Enrollment checkbox.

- Click Next until you reach the Confirmation window, then click Configure.

- After the configuration has finished, click Close.

- Search “mmc” on Search Windows and click mmc.

- On the Microsoft Management Console window, click File, then click Add/Remove Snap-ins.

- Add Certificate Template, Certification Authority (Local), Enterprise PKI and Internet Information Services (IIS) Manager snap-ins.

- Save the console on Desktop as PKI. - Close all windows and log off.

Review question 1. 2. 3. 4. 5.

B B, C, D C True D

Lab 4.2: Configuring Secure Socket Layer

- Launch the Windows Server VM you created in Lab 4.1. - Open the PKI console on Desktop. - Expand Enterprise PKI in the left pane and click ServerName (start with “VinhNguyen”)

- Double-click CA Certificate in the center pane.

- Expand Certification Authority (Local) (in the left pane) - Click ServerName (start with “VinhNguyen”)

- Click the Issued Certificates folder.

- Double-click the certificate with the Request ID of 2. - Click OK to close the certificate.

- In the left pane, click Certificate Templates. In the center pane there are some of the available preconfigured certificate templates. - Close and save the PKI mmc.

- Click Start, then click Windows Administrative Tools and double-click the Internet Information Services (IIS) Manager.

- In the Connections pane, expand NameServer, then expand the Sites folder and then the Default Web Site.

- Select NameServer and double-click Authentication.

- Select Default Web Site and double-click Authentication.

- Select Default Web Site and double-click SSL Settings.

- Click NameServer (in the left pane) and double-click Server Certificates.

- Double-click each certificate (in the middle pane) to open, then click OK to close the Certificate window.

- Click Default Web Site (in the left pane). In Actions section of the right pane click Bindings.

- Click Add, set Type to https, and in the SSL certificate box, select the certificate that is named with the fully qualified domain name of NameServer. - Click OK, then click Close.

- Select Default Web Site (in the left pane) and double-click SSL settings (in the middle pane). - Select the Require SSL checkbox, then click Apply in the Actions pane.

- Click Start, then click Windows Administrative Tools and double-click the Active Directory Users and Computers.

- Expand VinhNguyen.local, click User and then Create a new user in the current container. - Create a domain user account for Anthony Newman, with the username anewman and the password Pa$$word.

- Double-click Anthony Newman’s account.

- On the General tab, in the E-mail box, type [email protected] and click OK. - Close all windows and shut down the VM.

Review Question 1. 2. 3. 4. 5.

D B D C True

Lab 4.3: GOST Hash Function Review Question 1. 2. 3. 4. 5.

B D True A True

Lab 4.4: Configuring Certificate Auto-Enrollment

- Launch Windows Server VM.

- Open PKI console and add Group Policy Management snap-in.

- From the PKI console, expand Group Policy Management, expand Forest: VinhNguyen.local, expand Domains, expand VinhNguyen.local, right-click Default Domain Policy and click Edit. - Expand User Configuration, expand Policies, expand Windows Settings, expand Security Settings and click Public Key Policies.

- In the right pane, right-click Certificate Services Client – Auto Enrollment and click Properties. - On the Enrollment Policy Configuration tab, set the Configuration Model to Enabled, then select Renew expired certificates, update pending certificates, and remove revoked certificates and Update certificates that use certificate template check boxes. - Click OK and close the Group Policy Management Editor.

- In the PKI console, expand Certification Authority (Local), expand NameServer, and click Certificate Templates folder.

- Click Certificate Templates (under the Console Root). - Right-click the User template (in the middle pane) and click Duplicate Template.

- Click the General tab, then in Template display box, type “VinhNguyen”. - In the Validity period number box, change 1 to 2 years.

- In the Renewal period number box, change 6 to 12 weeks.

- In the Request Handling tab, select Prompt the user during enrollment.

- On the Security tab, click Add button, in the Enter the object names to select box, type ”Anthony Newman” and click OK.

- In the Group or user names box, select Anthony Newman, and in the Permissions for Anthony Newman box, place check marks in the Allow column for Enroll and Autoenroll, then click OK.

- Return to Certification Authority (Local)/VinhNguyen-… and right-click Certificate Templates. Click New and click Certificate Templates to Issue.

- In the Enable Certificate Templates window, select VinhNguyen and click OK.

- Double-click VinhNguyen in the middle pane to open. Click Cancel to close the window. - Close all windows and log off systems.

Review Questions 1. 2. 3. 4. 5.

A ii. and B B True B

Lab 5.1: Getting Started with Kali Linux

- Open VirtualBox and click New to create a new VM.

- Set the File location and size to 25GB.

- In Select start-up disk window, select the Kali Linux 2021.4 ISO file.

- In the Configure the network window, enter Vinhnguyen.com in the Domain name box.

- In the Set up users and passwords window, enter vinh for username and admin for administrator password.

- In the Partition Disk window, select Yes.

- In the Install the GRUB boot loader window, select Yes.

- Click Terminal button on the panel on the left of the Desktop. - Type ifconfig at the command line and press Enter.

- Type /etc/init.d/networking start at the command prompt and press Enter. - Then type ifconfig and press Enter.

- Ping to www.yahoo.com.

Review Question 1. 2. 3. 4. 5.

B True D C D

Lab 5.2: IP Spoofing with Hping3

- In the VirtualBox Manager, click Windows Server. - Click Settings, then click Network. - In the Network/Adapter 1 window, select NAT network and click OK.

- Repeat for Kali Linux.

- Launch the Windows Server VM. Right-click Start button and select Control Panel. - In the Control Panel window, open Network and Internet, then select Network and Sharing Center and click Ethernet, then click Properties. - Select Internet Protocol Version 4 and click Properties. - Select Use the following IP address, then for the IP address, enter 192.168.0.1 with a Subnet mask of 255.255.255.0. - Click OK and Close until you are back to the Network and Sharing Center.

- Create a new Windows 10 VM with the ISO and launch it. - Right-click the Start button and select Control Panel. - In the Control Panel window, open Network and Internet, then select Network and Sharing Center. - Click Change adapters settings. - Right-click Ethernet and select Properties. - Select Internet Protocol Version 4 and click Properties. Select Use the following IP address, then for the IP address, enter 192.168.0.2 with a Subnet mask of 255.255.255.0. - Click OK and close all the windows until you reach the Desktop.

- Launch the Kali Linux VM. Click the Show Application icon, then search for “network” and click Advanced Network Configuration. - Click IPV4 Settings, then click Add button. - Enter the address 192.168.0.3 and subnet mask 255.255.255.0. - Click Save and then close all windows until you reach the Desktop.

- On the Kali Linux VM, open a terminal window, type hping3 -help and then press Enter.

- On the Kali Linux VM’s terminal, type wireshark and press Enter.

- Open the terminal window, type sudo hping3 -S 192.168.0.1 and press Enter.

- In the terminal window, type sudo hping3 -S 192.168.0.2 -a 192.168.0.1 and press Enter. - Press Ctrl + C to stop hping3.

Review Question 1. 2. 3. 4. 5.

Because it is absent from back table. UDP A A C

Lab 5.3: APR Poisoning

- Launch Kali Linux VM, open Terminal window, type ifconfig and press Enter.

- Launch Windows 10 VM, open Command Prompt window, type ipconfig /all and press Enter.

- Launch Windows Server 2016 VM, open Command Prompt window, type ipconfig /all and press Enter. - Then type ping 192.168.0.3 and press Enter.

- In Windows 10 VM’s Command Prompt, type arp -a and press Enter.

- Return to Kali Linux, start capturing traffic on your network interface by Wireshark.

- Click the Applications button, click Sniffing and Spoofing, then click ettercap-graphical. From Sniff menu, click Unified sniffing and then click OK.

- From the Hosts menu, click scan for hosts. From the Hosts menu, click Hosts list.

- Add Windows Server 2016 VM to target 1 and Windows 10 VM to target 2, then click Start sniffing.

- From the MITM menu, click Arp poisoning. In the MITM Attack: ARP Poisoning window, select the Sniff remote connections checkbox and click OK.

- On the Windows Server, perform another ping of Windows 10 VM. Check the ARP cache with the arp – a command on both Windows Server and Windows 10 VM.

- Repeat the ping, but this time, capture the result with Wireshark on Kali Linux.

- Close the Ettercap program. Type arp -d* and press Enter on both Windows Server and Windows 10 VM. - Close all windows and log off.

Review Question 1. A, B, C, D 2. By altering the MAC addresses to those Kali Linux, the session was hijacked, and the pings were intercepted. 3. 4. False 5. A

Lab 5.4: Man-in-the-Middle-Attack

- Log on to Windows Server, open your web browser, access any website to verify that you have Internet connectivity.

- Launch the Kali Linux VM, open a terminal window and ping Window Server to verify connectivity.

- Open ettercap-graphical. From the Host menu, click Scan for hosts.

- Select the Hosts list entry that represent the router and click Add to Target 1. Select the entry that represents Windows Server and click Add to Target 2. - Click Start sniffing.

- From the MITM menu, click Arp poisoning. In the MITM Attack: ARP Poisoning window, select the Sniff remote connections checkbox and click OK.

- From the Plugins menu, click Manage the plugins. Scroll down and doubleclick the plugin named remote_browser. - On Windows Server, open web browser. In the address window, type www.google.com and press Enter. - Close Ettercap. - Open a command prompt, type arp -d* and then press Enter.

- On Windows Server, enter www.yahoo.com in browser’s address window and then press Enter.

Review Question 1. 2. 3. 4. 5.

Default settings get restored. A, C B B

Lab 9.1: Verifying the Integrity of the Hosts File

- Download the md5deep-4.4.zip file in github link.

- Extract to Local Disk (C:).

- Open Notepad. From the File menu, click Open and navigate to C:\Windows\System32\drivers\etc. In the drop-down box that says Text Documents, change the settings to All Files. Open the hosts file. - Close the hosts file.

- Open Command Prompt, type cd C:\md5 end press Enter.

- Type sha256deep C:\Windows\System32\drivers\etc\hosts and press Enter. - Copy the hash to a new Notepad file and save as hosthash.txt file in the Desktop.

- Open the host file, add “69.32.133.79 www.boguswebaddress.net” to the bottom of the file and click Save. - Open Command Prompt, type sha256deep C:\Windows\System32\drivers\etc\hosts and press Enter. - Copy the new hash to hosthash.txt file in the Desktop.

- Go to www.boguswebaddress.net.

Review Questions 1. 2. 3. 4. 5.

C D C C C

Lab 9.2: Installing the FTP Service and Wireshark

- Log on to Windows Server as Administrator. - In Server Manager, click Manage, then click Add Roles and Features. - Click Next until you reach the Server Role window, expand Web Server (IIS), then expand FPT Server and select FPT Service.

- On the Windows Server, create a new folder named FTP Data on the C: drive. Within that folder, create a file called Credential.txt containing name and current data. - Open his IIS Manager window, expand Window Server, right-click the Sites node and select Add FTP site. - In the FTP site name textbox, enter FTP Data. In the physical path, navigate to the FTP Data folder.

- In the Bindings and SSL Settings window, select No SSL.

- Select Anonymous and Basic in Authentication area. - In the Authorization area, select All users, and read and write. Click Finish.

- In the search box, type wf.msc to open Window Firewall. Turn off the firewall for Domain, Private and Public. Click Apply and then OK.

- Setup Wireshark on Windows 10 VM. - Close all windows and log off.

Review Questions 1. 2. 3. 4. 5.

B A, D B True C

Lab 9.3: Capturing and Analyzing FTP Traffic

- Log on to Windows 10 VM as the administrator. - Click the Wireshark icon on the Search box.

- Create mbloom account with password Pa$$word in Windows Manager (in Windows Server VM).

- Select Ethernet and click the Start button. - Open Command Prompt, type cd \ and press Enter. - Log into the FTP server as mbloom, then type Pa$$word for password and press Enter. - At the ftp> prompt, type dir and press Enter to see what files are in the FTP server’s home directory. - Download Credentials.txt file as follows: type get Credentials.txt and press Enter.

- Return to Wireshark and examine the captured packets. - Close Wireshark without saving the capture. Close all open windows and log off.

Review Question 1. 2. 3. 4. 5.

A A C D D