Tuesday, March 1, 2011

Ubuntu

The installation of an Ubuntu virtual machine was successfully accomplished. Now installing IPCop in order to test its GUI and functionality.

Network Address Translation

NAT stands for Network Address Translation. It is the process in which a router or firewall rewrites the address information in the header of an IP datagram. In this way many hosts of a private network can reach the internet while using one and the same IP address.
NAT is widely used for hiding the real IPs of the private network. The mechanism applies to all traffic leaving through the firewall towards outside networks: once a packet reaches the firewall, it is given an IP address of the firewall, as configured by an administrator. RFC 1918 defines the following 3 address ranges for use in private networks:

10.0.0.0 – 10.255.255.255
172.16.0.0 – 172.31.255.255
192.168.0.0 – 192.168.255.255

The address spaces above are reserved for private networks and are not reachable from anywhere except the private network itself, so hosts using them cannot be attacked directly from outside. The primary function of NAT is to give these hosts access to the internet by masking them with one of its own IP addresses before delivering a request to the external network. NAT therefore provides one-way access to the internet: a host in the private network can connect directly to other hosts, but hosts outside the private network cannot connect to that host.
In practice 4 basic types of address translation exist, but 2 of them are used most – static NAT and dynamic NAT.
Static NAT means that a certain number of IP addresses are configured on the router, each corresponding to one of the IP addresses used in the private network, so a fixed relation exists between the private and the external network.
Example: Internal address - External address

192.168.1.1 - 193.65.76.1
192.168.1.2 - 193.65.76.2
...
192.168.2.1 - 193.76.77.1

Dynamic NAT means that a certain number of IP addresses are configured on the router and are taken into use as external addresses when needed. The private network can thus have a large number of active connections to the outside, while the external addresses can outnumber those active connections.
Example: Internal address - External address

192.168.1.17 - 193.65.76.2
192.168.1.22 - 193.65.76.3
192.168.1.29 - 193.65.76.4
...
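
The static and dynamic mappings above can be modelled as one translation table. This is an added example, not part of the original post; the Nat class and its method names are hypothetical, and it goes one step beyond the text by showing what happens when more hosts than pool addresses want out at the same time.

```python
import ipaddress

# The three RFC 1918 private ranges, in CIDR form.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

class Nat:
    """Toy translator: fixed static pairs plus a dynamic pool (hypothetical)."""
    def __init__(self, static_map, pool):
        self.out = dict(static_map)                       # internal -> external
        self.back = {e: i for i, e in self.out.items()}   # external -> internal
        self.static = set(static_map)
        self.free = list(pool)                            # unused pool addresses

    def outbound(self, internal):
        """External source address for a packet leaving the private network."""
        if not is_rfc1918(internal):
            raise ValueError(f"{internal} is not an RFC 1918 address")
        if internal not in self.out:
            if not self.free:
                return None                               # pool exhausted
            ext = self.free.pop(0)
            self.out[internal], self.back[ext] = ext, internal
        return self.out[internal]

    def inbound(self, external):
        """Internal host behind an external address, or None if unmapped."""
        return self.back.get(external)

    def release(self, internal):
        """A dynamic mapping ends and its address returns to the pool."""
        if internal in self.out and internal not in self.static:
            ext = self.out.pop(internal)
            del self.back[ext]
            self.free.append(ext)

def demo():
    nat = Nat({"192.168.1.1": "193.65.76.1"},
              ["193.65.76.2", "193.65.76.3", "193.65.76.4"])
    hosts = ("192.168.1.17", "192.168.1.22", "192.168.1.29")
    first = [nat.outbound(h) for h in hosts]
    exhausted = nat.outbound("192.168.1.30")              # fourth host, pool empty
    nat.release("192.168.1.22")
    reused = nat.outbound("192.168.1.30")
    return first, exhausted, reused, nat.inbound("193.65.76.9")
```

A static pair never returns to the pool, while a released dynamic address is handed to the next internal host that needs one.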

References:
http://en.wikipedia.org/wiki/Network_address_translation

Firewall

A firewall is specialized software, hardware, or sometimes a combination of the two. It checks the network traffic going through it against specified rules or criteria and either denies or allows that traffic. The main use of firewalls is to prevent unauthorized access.
An example of a firewall is shown in the block diagram in fig. 1. In this block diagram there is a private network consisting of 2 servers and a client, and an external client connected through the internet. For example, if there is an FTP server in the private network, the firewall could be configured to deny access to an external client who is trying to download a file.

Figure 1
Firewalls work on different layers of the OSI model, and between them they cover all 7 layers. Most firewalls work on the network and transport layers, where they examine the packets of the TCP/IP protocols and make decisions based on the IP address of the sender or the destination, the port number on which the packet was received or to which it will be sent, or any combination of those parameters. Firewalls working on the application layer take care of issues like spam, computer viruses and Trojans by looking for them in the information the packets carry.
In more detail, firewalls are classified into several types depending on where the communication takes place and on the state that is traced in order to act on it. They are network layer firewalls (packet filters), application-layer firewalls, proxies and Network Address Translation (NAT).
Network layer firewalls, also called packet filters, operate at a very low level of the TCP/IP stack. Their aim is to stop packets that do not match the rules set by the administrator from passing through the firewall.
There are 2 sub-categories of network layer firewalls – stateful and stateless. Stateful firewalls keep track of the active sessions, which speeds up packet processing. An existing network connection can be described by several properties – source and destination IP address, UDP or TCP ports, and the current stage of the connection's lifetime (session initiation, handshaking, data transfer or completed connection). If a packet does not match an existing connection, it is evaluated as a new connection; if it does, it is allowed to pass without further processing.
Stateless firewalls are faster for simple filters and require less memory. They can also be used for filtering stateless network protocols that have no concept of a session. Their main disadvantage is that they cannot make more complex decisions based on what stage the communication between hosts has reached.
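
The difference between the two sub-categories shows up when a reply-shaped packet arrives without a matching request. This is an added example, not part of the original post; the rule set, the LAN prefix and the 203.0.113.x addresses (a documentation range) are constructed for illustration.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport proto")

LAN_PREFIX = "192.168.1."          # assumed internal network for the example

def rule_allows_new(pkt):
    """Rule set for new connections: LAN hosts may open TCP to port 80."""
    return (pkt.src.startswith(LAN_PREFIX) and pkt.proto == "tcp"
            and pkt.dport == 80)

def stateless_filter(pkt):
    """No memory: replies can only be admitted by a rule on source port 80."""
    reply_rule = (pkt.proto == "tcp" and pkt.sport == 80
                  and pkt.dst.startswith(LAN_PREFIX))
    return rule_allows_new(pkt) or reply_rule

class StatefulFilter:
    def __init__(self):
        self.table = set()         # known connections, stored as 5-tuples

    def check(self, pkt):
        reverse = Packet(pkt.dst, pkt.dport, pkt.src, pkt.sport, pkt.proto)
        if pkt in self.table or reverse in self.table:
            return True            # existing connection: pass, skip the rules
        if rule_allows_new(pkt):   # otherwise evaluate as a new connection
            self.table.add(pkt)
            return True
        return False

    def close(self, pkt):
        """Connection finished: forget it so later packets are re-evaluated."""
        self.table.discard(pkt)

def demo():
    request = Packet("192.168.1.17", 40000, "203.0.113.10", 80, "tcp")
    reply = Packet("203.0.113.10", 80, "192.168.1.17", 40000, "tcp")
    unsolicited = Packet("203.0.113.99", 80, "192.168.1.22", 40001, "tcp")
    fw = StatefulFilter()
    results = {
        "stateful": [fw.check(request), fw.check(reply), fw.check(unsolicited)],
        "stateless": [stateless_filter(p) for p in (request, reply, unsolicited)],
    }
    fw.close(request)
    results["reply_after_close"] = fw.check(reply)
    return results
```

The stateless filter has to accept anything that looks like a reply, so the unsolicited packet passes; the stateful filter drops it because no connection in its table matches.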
Application layer firewalls work on the application level of the TCP/IP stack. They secure the delivery of packets for applications such as FTP and Telnet servers and block unrelated packets (usually dropping them without acknowledgement to the sender). Application firewalls also inspect all packets for improper content like computer worms and Trojans.
In general, application firewalls protect the machines behind them from unwanted outside traffic.
Proxies are sometimes used as firewalls. In that role they respond to connection requests in the manner of an application, while blocking packets from other, unwanted connections. The proxy effectively hides the true IP address of the user.
Network Address Translation (NAT) is the process in which a router or firewall rewrites the information in the header of an IP datagram. In this way many hosts of a private network can reach the internet while using one and the same IP address. NAT is used for hiding the IP addresses of private networks.

Note: The diagram is hard to read due to some issues with blogspot.com. If the reader has difficulties, please contact westside_gesh@abv.bg to receive the JPEG file.

Task: Install Debian in a virtual machine

A Debian image file has been downloaded and installed in VBox.
Task done.
It's going to be used for the servers in the system.

http://www.debian.org/distrib/

pfSense routing installation and setup

pfSense

The installation of pfSense took some time, but it is up and running now.
This is the IP of the WAN and LAN:


For more info on installing pfSense, look at: http://doc.pfsense.org/index.php/Installing_pfSense

Proxy

One of the tasks was to do research on Proxy servers.

A proxy server is a computer that sits between a client and a server to intercept requests.

There are several uses of a proxy server, but the most common is to speed network traffic by caching pages or files that are requested often. By doing so, the proxy server can deliver the request quickly, only polling the server when required. In this way, a proxy server not only speeds up network traffic, but also relieves server load.

Filtering or censorship is another use for a proxy server. A company that provides Internet connectivity to its employees might configure a proxy server to block requests for certain websites.

Implementing a proxy server in the system is under consideration and depends on time and resources. Info will be given at a later point in the project.

Full info
-> http://en.wikipedia.org/wiki/Proxy_server

List of worldwide proxy servers
-> http://www.publicproxyservers.com/proxy/list1.html

How to set up a Secure Webserver HTTPS (SSL) on Apache in Ubuntu


  • What do we need?
  1. apache (webserver)
  2. openssl

Step 1: create a self-signed certificate

You need to create a self-signed certificate with openssl. To do that, you first need to generate the server key.
openssl genrsa -des3 -out server-sec.key 4096
...and a certificate signing request (CSR):
openssl req -new -key server-sec.key -out server.csr
After that, generate the server certificate by signing it with the server key.
openssl x509 -req -days 365 -in server.csr -signkey server-sec.key -out server.crt
Keep server-sec.key in a secure location, with read/write permission assigned only to root. Then generate a password-less copy of the key for Apache to use.
openssl rsa -in server-sec.key -out server.key
By this time, you should have:
  • server.key (passwordless key for Apache)
  • server.csr (certificate signing request)
  • server.crt (certificate)
  • server-sec.key (server key)

Step 2: enable SSL config in Apache

In this step, you must enable the SSL website in Apache by creating a symlink to 'default-ssl'.

ln -s /etc/apache2/sites-available/default-ssl /etc/apache2/sites-enabled/100-default-ssl

Then edit the /etc/apache2/sites-available/default-ssl file using your favorite text editor (I prefer nano!) and change the config. The relevant part looks something like this:

ServerAdmin webmaster@localhost
ServerName localhost
DocumentRoot /var/www-ssl/html/
...
...

Then, in the same default-ssl file, find the line that begins with "SSLEngine on" and add the following lines:

SSLEngine on
..
..
#SSLCertificateFile /etc/ssl/certs/ssl-certs-snakeoil.pem
#SSLCertificateKeyFile /etc/ssl/certs/ssl-cert-snakeoil.key
SSLCertificateFile /etc/apache2/ssl/server.crt
SSLCertificateKeyFile /etc/apache2/ssl/server.key

Step 3: copying certificates and activating SSL

Ensure that the config file has been saved. Then, as root, create the /etc/apache2/ssl/ directory and copy the certificate and server key generated in step 1 into it.
mkdir /etc/apache2/ssl
cp server.key /etc/apache2/ssl
cp server.crt /etc/apache2/ssl
After that, enable the SSL module by typing:
a2enmod ssl
Finally, restart apache2 by typing (as root, or with sudo):
/etc/init.d/apache2 restart

Result: a secure HTTP connection
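
Before restarting Apache it is worth checking that server.crt and server.key belong together, that the key is the passwordless copy, and that only its owner can read it. The script below is an added example, not part of the original post: make_pair and check_pair are hypothetical helpers, the openssl command is assumed to be on the PATH, and the keys are generated without -des3 and with 2048 bits so the demo runs quickly and without prompts.

```python
import os, ssl, stat, subprocess, tempfile

def make_pair(directory, name, bits=2048):
    """Run the openssl steps from step 1 without prompts (fixed subject)."""
    key, csr, crt = (os.path.join(directory, f"{name}.{ext}")
                     for ext in ("key", "csr", "crt"))

    def run(*args):
        subprocess.run(("openssl",) + args, check=True, capture_output=True)

    run("genrsa", "-out", key, str(bits))
    run("req", "-new", "-key", key, "-out", csr, "-subj", "/CN=localhost")
    run("x509", "-req", "-days", "365", "-in", csr, "-signkey", key, "-out", crt)
    os.chmod(key, 0o600)                 # owner read/write only
    return crt, key

def check_pair(crt, key):
    """Return the problems found with the files Apache is about to load."""
    problems = []
    if stat.S_IMODE(os.stat(key).st_mode) & 0o077:
        problems.append("key readable by group or others")
    with open(key) as fh:
        if "ENCRYPTED" in fh.read():     # PEM header of a passphrase-protected key
            problems.append("key is passphrase-protected")
            return problems              # loading it would prompt for the passphrase
    try:
        ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER).load_cert_chain(crt, key)
    except ssl.SSLError:
        problems.append("certificate does not match key")
    return problems

def demo():
    with tempfile.TemporaryDirectory() as tmp:
        crt_a, key_a = make_pair(tmp, "server")
        _, key_b = make_pair(tmp, "other")
        good = check_pair(crt_a, key_a)
        mismatch = check_pair(crt_a, key_b)   # certificate with the wrong key
        os.chmod(key_a, 0o644)
        loose = check_pair(crt_a, key_a)      # same pair, permissions too wide
    return good, mismatch, loose
```

On the server from the steps above, check_pair("/etc/apache2/ssl/server.crt", "/etc/apache2/ssl/server.key") should return an empty list.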