Scribd Logo
Upload

Welcome to Scribd!

  • Project Task 4

    Uploaded by

    godxhunter001
    8 views14 pages
    The document details the steps taken to install and configure a pfSense firewall virtual machine to control traffic between systems on different networks. Specifically, the firewall was set up to: 1) Allow the Kali Linux system access to the internet for DNS, HTTP and HTTPS and access to the Metasploitable system for ping, HTTP and HTTPS. 2) Block all other traffic not specified in the firewall policy. 3) Demonstration showed the firewall was functioning as configured, allowing communication between specified systems and blocking other traffic.

    Original Description:

    notes

    Original Title

    Project_Task_4.docx

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document details the steps taken to install and configure a pfSense firewall virtual machine to control traffic between systems on different networks. Specifically, the firewall was set up to: 1) Allow the Kali Linux system access to the internet for DNS, HTTP and HTTPS and access to the Metasploitable system for ping, HTTP and HTTPS. 2) Block all other traffic not specified in the firewall policy. 3) Demonstration showed the firewall was functioning as configured, allowing communication between specified systems and blocking other traffic.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    8 views14 pages

    Project Task 4

    Uploaded by

    godxhunter001
    The document details the steps taken to install and configure a pfSense firewall virtual machine to control traffic between systems on different networks. Specifically, the firewall was set up to: 1) Allow the Kali Linux system access to the internet for DNS, HTTP and HTTPS and access to the Metasploitable system for ping, HTTP and HTTPS. 2) Block all other traffic not specified in the firewall policy. 3) Demonstration showed the firewall was functioning as configured, allowing communication between specified systems and blocking other traffic.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 14

    Principles of Cybersecurity and Warfare (CISC 661-90-O-2022)

    Project
    Task 4
    Install and configure the pFSense firewall VM. Configure the firewall to block
    unnecessary traffic and to allow only traffic that you configure

    pg. 1 Srujan Sharma


    Principles of Cybersecurity and Warfare (CISC 661-90-O-2022)

    Firewall setup

    Install and configure the pfSense firewall VM. Configure the firewall to block
    unnecessary traffic and to allow only traffic that you configure (per policy below).
    Demonstrate (Test) that the firewall is functioning as configured.
    Create firewall policy to allow:
     The Kali system access to the Internet
    o DNS (Port 53 TCP/UDP)
    o HTTP (Port 80)
    o HTTPS(Port 443)
     The Kali system access to Metasploitable
    o PING (ICMP)
    o HTTP (Port 80)
    o HTTPS(Port 443)
     Block all other traffic

    System Configuration:
     Asus ROG Zephyrus G15
     Windows 10 Home
     40.00 GB RAM
     AMD Ryzen 9 5900HS with Radeon Graphics at 3.30 GHz
     64-bit Operating System, x64 based processor
     1 TB SSD Hard disk drives

    Steps for setting up the firewall:


    Below images describes the different steps we have taken to set up the firewall

    pg. 2 Srujan Sharma


    Principles of Cybersecurity and Warfare (CISC 661-90-O-2022)

    Installing pfSense using the image provided in the z drive

    pfSense is installed using the files provided + we have booted into it using the hard
    drive so now this state can be saved.

    pg. 3 Srujan Sharma


    Principles of Cybersecurity and Warfare (CISC 661-90-O-2022)

    We start by assigning interfaces to the WAN LAN and OPT1

    Now that the interfaces are assigned, we configure the interfaces

    pg. 4 Srujan Sharma


    Principles of Cybersecurity and Warfare (CISC 661-90-O-2022)

    Configuring the first IP address which we are going to use in out Kali system to manage
    the firewall

    Configuring the second interface with the IP of 10.10.2.1/24

    pg. 5 Srujan Sharma


    Principles of Cybersecurity and Warfare (CISC 661-90-O-2022)

    Now moving Metasploitable on the 2nd Network

    Now changing the interfaces file in Metasploitable to the 2 nd network

    pg. 6 Srujan Sharma


    Principles of Cybersecurity and Warfare (CISC 661-90-O-2022)

    Disabling the 2nd adapter to make sure that there are no interfaces that can go directly
    to the internet and have to pass through the firewall that we create.

    Configuring the gateway for the Kali system

    pg. 7 Srujan Sharma


    Principles of Cybersecurity and Warfare (CISC 661-90-O-2022)

    Now looking at the ifconfig to make sure the system is working as intended and the
    routes are accurate.

    Now when we ping the systems from each other, the Kali system is able to reach the
    Metasploitable system, however, the Metasploitable system is unable to reach the Kali
    system. We will now look at the firewall to see why that is happening.

    pg. 8 Srujan Sharma


    Principles of Cybersecurity and Warfare (CISC 661-90-O-2022)

    We now log into the pfsense interface at 10.10.1.1

    We now have the pfsense tool configured by going through the setup process.

    pg. 9 Srujan Sharma


    Principles of Cybersecurity and Warfare (CISC 661-90-O-2022)

    We can now see all the admin settings for pfsense and all the different interfaces that
    are connected to the firewall

    pg. 10 Srujan Sharma


    Principles of Cybersecurity and Warfare (CISC 661-90-O-2022)

    First disabling the existing connections which were allowing the Kali system to access
    all of the internet

    Now Configuring the different types of connections that we are allowing the Kali system
    to make. The above connections are setting up a DNS service and enabling 3
    connections which we have specified.

    pg. 11 Srujan Sharma


    Principles of Cybersecurity and Warfare (CISC 661-90-O-2022)

    Now we are able to access the internet

    We are also able to access the metasploitable image on 10.10.2.12

    However, we are unable to ping the machine now

    pg. 12 Srujan Sharma


    Principles of Cybersecurity and Warfare (CISC 661-90-O-2022)

    We update the policy to allow the Kali system to ping the Metasploitable system by
    creating a new rule.

    So now we can ping the Metasploitable system from the Kali system. However, we
    cannot do the converse. To do that, we need to add a new rule.

    pg. 13 Srujan Sharma


    Principles of Cybersecurity and Warfare (CISC 661-90-O-2022)

    Now we have added a rule in the firewall policy to allow the Metasploitable system to
    ping the Kali System

    Now we can see that both the systems are able to communicate with each other
    through the firewall. This concludes project task 4.

    pg. 14 Srujan Sharma

    You might also like