Network Configuration and Security

FIT9137 Assignment 3 Specification Semester 1 2022
Network Configuration and Security
Introduction
For this assignment you will use the core network emulator to complete a series of tasks on an individual core configuration file that is generated for you. To download your individual core configuration file, open the subject’s rnoodle page then navigate to the Assessments section and follow the provided instructions for the Assignment 2. The downloaded ..imn file will be in zip format, please unzip the file to use it.
You must write a report to explain the changes you make and the configuration you add to achieve the goals of each task and your reasons for each change/configuration as well as the tests you perform to check the task is accomplished. Your submitted core file will be marked by running the configuration and testing that the tasks are completer:Rile report will serve as a reference and maybe checked during marking. However, if a test fails when running your submitted core file, you will receive no mark for that failed test (i.e. part of a task) regardless of your explanations in the report. If tasks are similar you only need to explain your reasons once, and then just report the changes you make to individual services on each node.
Network Structure
The provided network is comprised of -.: labelled Talos and Delos, a router named Internet playing the role of the Internet, and a global DNS server named clio. The internal subnets of Talos are labellectnternai, and the public servers of the Talos network are placed in a separate subnet named DMZ. The Internet facing router of the Talos organisation, R3, is also its network firewall. The Delos network is divided into two subnets, (i) a subnet for the organisation clients and private servers and (i) a subnet for its public servers. The public servers of Delos are named apollo, arternis, and demeter providing web, domain name, and mail services respectively.
DNS Setup
The core file is configured to resolve the domain names between the two organisationstalos . edu and deios . ed.. This is achieved through a global DNS server named ciio. The server only resolves the names for the two domains in the configuration ( talos .edu and delos . edu) by sending the request to the corresponding nameserver for each domain and send back the response to the requesting client. Each DNS server in aforernentioned networks must have access to UDP port 53 of the server clio as the organisation DNS servers resolve the names on behalf of their respective clients. You do not need to make any changes to DNS servers; this section only explains the DNS setup.
Important Notes
• It is recommended to use tcpdump if you wish to capture traffic and to observe whether the packets reach their intended destination when trying to accomplish the tasks. To use tcpdump, you can