221
edits
Changes
→Part 1: Set up and routing (10 marks)
== Part 1: Set up and routing (10 marks) ==
# Complete labs 1 through 4. (but note the previous announcement about forwarding port 80)# Create a new virtual network named asg1, with a subnet that has a 192.168.X network address, where X is the last first two digits of your Seneca student number. Do not use DHCP on this network.# Create a new virtual machine and install CentOS in on it as a minimal install. Name this virtual machine lin1a1 but set its hostname to yourmysenecaid.lin1a1.# Set up the new virtual machine Setup lin1a1 to have the hostname lin1a1, and two network interfaces:#* Both should be where both network interfaces are virtio type of virtual devices#* One on the asg1 . Next, setup one network interface with the IP address 192.168.X.50#* One on 32 and to connect to the network1 asg1 network with while the other network interface has IP address 192.168.210.2022 and it connects to the network1 network.# Note that Keep in mind in any networked system you can have just one, and only have one , default gateway on a system, and your . So configure the default gateway should of lin1a1 to be c7host on the 192.168.210 subnet.# Confirm that your new VM lin1a1 can communicate with both the internet Internet and with hosts on the network1 network.# Create another minimal CentOS VM, named : name it lin2a1; set its hostname to yourmysenecaid.lin2a1, with ; let it have one network interface and IP address 192.168.X.51# The 33 (X being the first two digits of your student ID). By default, after the install, this second VM should be able to access machines on the asg1 network but it will not be able to communicate with any hosts on the network1 network.# Configure lin2a1, the second VM , to be able to access the internet Internet and the network1 network via lin1a1. You'll will need to enable IP forwarding and masquerading on the correct appropriate interface in and the correct appropriate machinefor that to happen.# Configure both VMs (lin1a1 and lin2a1) to be added to your DNS server. able to connect to c7host.yourmysenecaid.ops, lin1.yourmysenecaid.ops, and lin2.yourmysenecaid.ops by hostname their hostnames (don't be tempted to set up another DNS server, use what you already havefrom your earlier lab)# Note: make sure that Ensure you start your firewall setup on each VM from the default iptables-services rules. You'll lose marks if you don't have a functional firewall on lin1a1 and on lin2a1.
== Part 2: SSH brute-force attack (10 marks) ==