User talk:Adiolord

UNIX SECURITY FINAL EXAM STEPS

Install NetBSD

Setup NIC: #vi /etc/rc.conf
sshd=YES
defaultroute="10.100.1.254"
ifconfig_pcn0="10.100.1.5 netmask 255.255.255.0" (5 is row number)
ipfilter=YES
ipnat=YES
ipmon=YES
ipmon_flags="-D /var/log/ipmon"


 * 1) /etc/rc.d/network restart
 * 2) /etc/rc.d/sshd start
 * 3) ntpdate time.nrc.ca

P&ssw0rd
 * 1) useradd -m -G wheel carl
 * 2) passwd carl

Get: Lynx2.8.6 Gnupg-1.4.8 Nano Perl Squid c_rehash Root_certs.p7b Comp10032_gnupg Geekshed.net.pem Secretmessage.asc

Install Nano and Perl
 * 1) mkdir /usr/local
 * 2) cd /usr/local
 * 3) ftp 10.100.1.150

Add: net.inet.ip.forwarding=1
 * 1) nano -w /etc/sysctl.conf


 * 1) /etc/rc.d/sysctl restart

nano -w /etc/ipf.conf

nano -w /etc/ipnat.conf

SETUP FIREWALL RULES
 * 1) nano -w /etc/ipf.conf

SET DEFAULT BLOCK:

block in on pcn0 all
block out on pcn0 all

pass out on pcn0 proto udp from any to 142.222.6.21 port = 53 keep state
pass out on pcn0 proto udp from any to 142.222.6.22 port = 53 keep state
 * 1) allow DNS

pass out on pcn0 proto tcp from any to 10.100.1.150 keep state
pass in on pcn0 proto tcp from 10.100.1.150 to any keep state
 * 1) allow FTP
 * 1) special rule for ftp

pass out on pcn0 proto tcp from any to csunix.mohawkcollege.ca port = ssh keep state
pass in on pcn0 proto tcp from any to any port = ssh keep state
 * 1) allow SSH to csunix

pass out on pcn0 proto tcp from 10.100.1.5 to any port = 80 keep state
pass out on pcn0 proto tcp from 10.100.1.5 to any port = 443 keep state
 * 1) allow web traffic (10.100.1.5 = pcn0)


 * 1) /etc/rc.d/ipfilter restart


 * 1) /etc/rc.d/ipnat restart


 * 1) /etc/rc.d/ipmon restart
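
Added example (not part of the original notes): IPFilter applies the last matching rule unless a rule is marked quick, which is why the default block lines can sit at the top of ipf.conf. The Python sketch below evaluates the rules above against constructed packets; it handles only the syntax used on this page, judges only the first packet of a flow (no keep state tracking), and the 203.0.113.x / 198.51.100.x addresses and the helper names are made up for the illustration.

```python
import re

# Filter rules from this page, in file order (keywords lowercased).
RULES = """\
block in on pcn0 all
block out on pcn0 all
pass out on pcn0 proto udp from any to 142.222.6.21 port = 53 keep state
pass out on pcn0 proto udp from any to 142.222.6.22 port = 53 keep state
pass out on pcn0 proto tcp from any to 10.100.1.150 keep state
pass in on pcn0 proto tcp from 10.100.1.150 to any keep state
pass out on pcn0 proto tcp from any to csunix.mohawkcollege.ca port = ssh keep state
pass in on pcn0 proto tcp from any to any port = ssh keep state
pass out on pcn0 proto tcp from 10.100.1.5 to any port = 80 keep state
pass out on pcn0 proto tcp from 10.100.1.5 to any port = 443 keep state
"""
SERVICES = {"ssh": 22}  # the only service name the page uses
RULE_RE = re.compile(
    r"(?P<action>block|pass) (?P<dir>in|out) on (?P<ifc>\S+)"
    r"(?: all| proto (?P<proto>\S+) from (?P<src>\S+) to (?P<dst>\S+)"
    r"(?: port = (?P<port>\S+))?)")

def parse(text):
    """Parse the subset of ipf.conf syntax used on this page."""
    return [m.groupdict() for m in map(RULE_RE.match, text.splitlines()) if m]

def matches(rule, pkt):
    if (rule["dir"], rule["ifc"]) != (pkt["dir"], pkt["ifc"]):
        return False
    if rule["proto"] is None:              # "... all" matches every packet
        return True
    if rule["proto"] != pkt["proto"]:
        return False
    if any(rule[f] not in ("any", pkt[f]) for f in ("src", "dst")):
        return False
    if rule["port"] is None:               # no port restriction on this rule
        return True
    return int(SERVICES.get(rule["port"], rule["port"])) == pkt["dport"]

def decide(rules, pkt, last_match=True):
    """Verdict for a new flow; None when no rule mentions the packet."""
    hits = [r["action"] for r in rules if matches(r, pkt)]
    return (hits[-1] if last_match else hits[0]) if hits else None

def packet(direction, proto, src, dst, dport, ifc="pcn0"):
    return dict(dir=direction, proto=proto, src=src, dst=dst, dport=dport, ifc=ifc)

if __name__ == "__main__":
    for p in (packet("out", "udp", "10.100.1.5", "142.222.6.21", 53),  # DNS lookup
              packet("in", "tcp", "198.51.100.7", "10.100.1.5", 22)):  # constructed
        print(decide(parse(RULES), p), p)
```

The second sample shows the inbound ssh rule matching any source address, which is wider than its "allow SSH to csunix" label suggests.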

INSTALL SQUID (/usr/local/squid3.0-STABLE/INSTALL (instructions)
 * 1) tar -xzvf squid-3.0-STABLE11.tar.gz
 * 2) cd squid-3.0.STABLE11
 * 3) ./configure --prefix=/usr/local/squid && make all && make install


 * 1) cd /usr/local/squid/etc 	(all configs)

Ctrl-w http_port 3128
Line 875 add:
http_port 10.100.1.5:3128 	(pcn0)
 * 1) nano -w squid.conf

ctrl-w TAG: acl UNDER CONNECT method CONNECT Line 604

acl myclients src 10.100.1.0/24
acl blockmsn dstdomain .msn.com 	(make sure space after dstdomain)
acl ads url_regex "/usr/local/squid/etc/ads.txt"

ctrl-w http_access UNDER INSERT YOUR OWN RULES HERE

http_access deny blockmsn
deny_info error_mesg.html ads
http_access deny ads
http_access allow myclients

At top, under first comments, add:
visible_hostname router.row6.csait.ca


 * 1) chown nobody /usr/local/squid/var
 * 2) chown nobody /usr/local/squid/var/logs
 * 3) /usr/local/squid/sbin/squid -z

.*show_ads.js
.*googlesyndication.*
 * 1) nano /usr/local/squid/etc/ads.txt

website blocked
 * 1) mkdir /usr/local/squid/etc/errors/
 * 2) nano -w error_mesg.html


 * 1) /usr/local/squid/sbin/squid	(to start if not running -> #ps auxwww|grep squid  :should show nobody user)
 * 2) /usr/local/squid/sbin/squid -k reconfigure 	(to re-read squid.conf)

Get Lynx


 * 1) ./configure --with-ssl
 * 2) make && make install

(Tell lynx to use our proxy)
Ctrl-w http_proxy:https
Change to
http_proxy:http://10.100.1.5:3128/
http_proxy:https://10.100.1.5:3128/
 * 1) nano -w /usr/local/etc/lynx.cfg

Certificates
cp comp10032…. to /root
Untar in /root
cd /usr/local
openssl pkcs7 -inform DER -outform PEM -in root_certs.p7b -out /etc/openssl/cert.pem -print_certs -text
 * 1) cd /usr/local
 * 1) cp geekshed.net.pem /etc/openssl/certs


 * 1) gpg --decrypt secretmessage.asc > exam.txt

Please select what kind of key you want: 1
What keysize do you want? 2048
Key is valid for? 0
Is this correct? Y
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
 * 1) gpg --gen-key
 * 1) gpg --encrypt --sign --armor -r allan.jude@mohawkcollege.ca < msg.txt > encrypted.txt

Adiolord (talk) 15:58, 12 April 2010 (UTC)