Prepare two virtual machines, one with Windows 10 Home and another with Windows Server
2016. You can download them from Microsoft (Windows 10 and Windows Server). Make sure
both VMs have interfaces in internal mode and with manual IP addresses of the same network.
Execute wf.msc in both. Then, reply to the questions below:
1. What is the default policy for inbound connections that do not match a rule? Would you
say this is strict or loose from a security point of view?
2. What is the local port for the “World Wide Web” inbound rule in Windows Server? What
server is mentioned in the description?
3. Set the “Action” to “Block the connection”. What happens when opening a browser in
Windows 10 to access the server’s IP address? Do you get any message?
4. Now, disable the rule and try again from the browser in Windows 10. What is the
behavior? Why?
5. Open “\\IP_of_client” from the server. You will not be allowed because the firewall on
Windows 10 has all File and Printer Sharing rules disabled. Make this work by enabling
the right rule. Explain which rule you chose and why. What is the profile for this rule?
6. Modify the rule so that only the server is allowed to access the shared resources. What tab
did you use? What information did you provide?
7. Where on the Windows Server is the firewall log file located? What is its maximum size?
What would happen if this size is reached?
8. Change the firewall’s configuration on the server so that the firewall will log dropped
packets for all three profiles (private, public and domain). What options did you click
on? What tabs? Explain.
9. Add a new rule to block all inbound traffic to port 80 and try the server’s IP from a
browser in the client. Looking at the information available in the server’s firewall log,
determine how you would know the communication failed and what systems were
communicating.
10. What would happen with the log file if you enabled logging for successful
communications? Explain a situation in which that could be useful.
Objective: configuring pfSense
Prepare the network as per the design below:
You will need to create a new virtual machine for pfSense. The client and server are already
available to import from the file pfSense_lab.ova. The password for both the user herzing and
root is Herzing2021.
Please make sure the first interface in the firewall is set as bridged, the second as internal
(network name: intranet) and the third internal as well (network name: dmz). Once the pfSense
ISO file is linked to the optical drive, the installer will be launched. You can choose a BIOS
installation; then, answer “n” when asked about VLANs. Finally, pfSense must be initially set up
using the non-graphical menu options 1 (assign interfaces) and 2 (assign IP addresses).
After the initial setup, you can continue the configuration from the client. Open the URL
http: XXXXXXXXXX in the browser. The default credentials are admin / pfsense.
Please note most changes in the firewall require clicking on “Save” and/or on “Apply changes”.
This will not be specified on the tasks but it must be done anyway.
Perform the tasks and respond to the questions below:
1. What is the default domain and primary DNS server? Set the domain to herzing.lab and
the DNS servers to XXXXXXXXXX (primary) and XXXXXXXXXX (secondary). Do not
allow the configuration to be overridden by disabling the checkbox.
2. You can leave the WAN interface in DHCP mode, but make sure you are aware of the IP
assigned by your home router or device that is assigning IP addresses in your host’s
network. Disable the check “Block RFC1918 Private Networks”, for you will need to test
the firewall from your host machine, which has a private IP address. In a real case
scenario, you would not disable this option for security reasons. What is the use of the
“Block bogon networks” option that is checked at the bottom?
3. Set the password to the one used for the root and herzing users. Reusing the password would
not be recommended in a real scenario. Why? What other security measure regarding the
password would you recommend?
4. Once finished, the system information is shown. What are the full system name and the
user? What kind of digits compose the Netgate Device ID?
5. Click on the menu and go to Firewall → Rules. Explain the existing rules on the WAN
interface.
6. Also, explain the existing rules on the LAN interface.
7. Why is it necessary to have two “Add” buttons? What is the difference?
8. What interfaces might a floating rule apply to?
9. On the menu, go to Firewall → Aliases. Create one to reference the server “zeus” as
“webserver”. What information did you provide?
10. Create a new alias named “webports” that includes both ports TCP 80 and 443. Describe
the provided information. What category was the alias put in?
11. Now add a firewall rule to allow the communication from the internal network to “zeus”
on port TCP 25. Use one of the aliases you created. What source did you specify? What
destination? What did you choose from the port range list? Why?
12. Copy the previous rule but change the port to 80 and 443. Use the corresponding alias.
How did you copy it? What position did the new rule take (top or below another rule)?
What did you use as Destination Port Range?
13. Just after these two rules, add another one to block all traffic from the internal network to
any host in the DMZ on any port. What information did you provide in the first, second
and third sections?
14. What would happen if the three rules were in a different order (block first and allow
second)?
15. You can make sure the port 25 rule is working by executing “telnet XXXXXXXXXX” from a
shell in the client. After a while, you should get a response from Exim, the mail server. If
the rule didn’t work, you would simply wait a long time after “Trying XXXXXXXXXX…” What
message did you get from Exim? You can type “quit” and press ENTER to get the shell
prompt again.
16. Try executing “telnet XXXXXXXXXX” from a shell in the client. Leave it trying.
Meanwhile, on the firewall dashboard go to Status → System Logs → Firewall. Is there
any information regarding port 8080 at the bottom of the normal view? What kind of
traffic is being blocked? What are the three last numbers of the rule?
17. Go to Firewall → Rules and, in the LAN tab, activate the logging for the rule you created
to block all traffic to the DMZ by editing the rule and scrolling to the “Extra Options”
section. Try “telnet XXXXXXXXXX” again from a shell and now check the firewall log.
What type of rule and number is available regarding port 8080? What are the buttons “-” and
“+” for?
18. You have probably seen blocked DNS traffic. To allow it, create a single rule that applies
to both the DMZ and internal network for outbound traffic on port UDP 53. What kind of
rule did you create? Describe the information provided for Interface, Direction, Protocol,
Source, Destination and Port Range.
19. Maintenance of a firewall is paramount. What menu and option would allow you to check
if the system is updated?
20. What menu entry would you use to back up the firewall? What format is the output file
in? Could you restore only some areas, for instance the firewall rules?
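Tasks 11 to 14 depend on how pfSense evaluates the rules on an interface tab: top to bottom, with the first matching rule deciding the packet. The following is an added example, not part of the original lab, that models only the three LAN rules from those tasks and lets you compare the two orderings. All addresses are assumptions because the lab's real addresses are redacted on this page, and the protocol is not modelled.

```python
import ipaddress

# Assumed addressing; the lab's real values are not shown on the page.
ALIASES = {
    "webserver": "10.0.2.10",   # host alias for zeus (task 9)
    "webports": {80, 443},      # port alias (task 10)
    "LAN net": "10.0.1.0/24",
    "DMZ net": "10.0.2.0/24",
}

# (action, source, destination, ports) in the order of tasks 11-13.
RULES = [
    ("pass", "LAN net", "webserver", {25}),
    ("pass", "LAN net", "webserver", "webports"),
    ("block", "LAN net", "DMZ net", None),  # None means any port
]


def _matches(addr, alias):
    """True if addr falls inside the host or network the alias names."""
    return ipaddress.ip_address(addr) in ipaddress.ip_network(ALIASES[alias])


def evaluate(rules, src, dst, port):
    """Return (action, rule position) of the first rule that matches."""
    for position, (action, s, d, ports) in enumerate(rules, start=1):
        if isinstance(ports, str):          # resolve a port alias
            ports = ALIASES[ports]
        if (_matches(src, s) and _matches(dst, d)
                and (ports is None or port in ports)):
            return action, position
    return "block", None                    # nothing matched in this model


def compare_orderings(src, dst, port):
    """Evaluate the same packet with the block rule last, then first."""
    block_first = [RULES[2], RULES[0], RULES[1]]
    return evaluate(RULES, src, dst, port), evaluate(block_first, src, dst, port)


if __name__ == "__main__":
    for port in (25, 443, 8080):
        print(port, compare_orderings("10.0.1.50", "10.0.2.10", port))
```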