Reference no: EM133110446
Part 1: Create user accounts to be used for testing
1. Start up your Ubuntu Server VM from last week.
2. Open your Windows command prompt on your local machine and log in to your Ubuntu server with the command:
3. Create a new user account:
a. Use the command: adduser username
i. For the username, use the syntax: yourname_lab4 (example: mine would be: kris_lab4)
ii. Follow the prompts as given
b. Create a second account using the same syntax: yourname_lab4_2
i. Follow the prompts as given
4. Take a screenshot showing the new accounts that are created.
Paste screenshot here
Part 2: Configure SSH
1. Create a backup copy of your ssh config file
a. sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.backup
b. sudo chmod a-w /etc/ssh/sshd_config.backup
2. Include a screenshot of your SSH directory by running the command: ls -l /etc/ssh
Paste screenshot here
3. Open your SSH config file
a. sudo nano /etc/ssh/sshd_config
4. Deny SSH access to the account: yourname_lab4
a. Add the line: DenyUsers yourname_lab4
5. Close the document using the key commands ctrl + X and save the config
6. Restart the ssh service
a. sudo systemctl restart ssh or sudo service sshd restart
7. On your Windows machine, open a second command prompt (do not close the one you are using!)
8. Try to connect using your yourname_lab4 account
a. ssh yourname_lab4@ubuntuserverip
b. Did this work? Why or why not?
9. Try to connect using your yourname_lab4_2 account
a. ssh yourname_lab4_2@ubuntuserverip
b. Did this work? Why or why not?
10. Close the SSH terminal with the yourname_lab4 and yourname_lab4_2 connections.
11. Open the sshd_config file
a. sudo nano /etc/ssh/sshd_config
12. Find the line that says "Port 22" and change that number to "2222"
13. Restart the ssh service
a. sudo systemctl restart ssh
14. Download Zenmap on to your Windows machine
15. Use Zenmap to scan your Ubuntu server
a. Include a screenshot of the discovered ports.
Paste screenshot here
b. What port did Zenmap identify with SSH? Why?
c. Did you lose connection to your SSH session? Why or why not?
16. Restart the SSH shell if needed
a. ssh username@ubuntuserverip
17. Open the sshd_config file
a. sudo nano /etc/ssh/sshd_config
18. Find the line that indicates log level and change it to:
a. LogLevel VERBOSE or (#LogLevel INFO; remove the comment)
b. Close the config file using ctrl + x
19. Restart the ssh service
a. sudo systemctl restart ssh
20. Search for SSH activity in your log file:
a. grep 'sshd' /var/log/auth.log (or /var/log/secure)
b. Include a screenshot of your log file results
Paste screenshot here
21. Create a banner message for your SSH service
a. sudo nano /etc/ssh/ssh_banner.net
b. In the text editor enter the following information:
i. Your Name:
ii. Your student number:
iii. The course number:
iv. Today's date
c. Close the text editor with Ctrl + X
22. Add the banner message to the SSH config file
a. sudo nano /etc/ssh/sshd_config
b. Find the line that says "Banner" and add the following information:
i. Banner /etc/ssh/ssh_banner.net
ii. Example:
c. Close the text editor using CTRL + X
d. Restart the SSH service
i. sudo systemctl restart ssh
23. Log out of the SSH terminal session completely
24. Log back in
a. ssh username@ubuntuserverip
b. Take a screenshot of the banner message that appears
Paste Screenshot here
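The grep in step 20 returns every sshd line. The added example below (not part of the original lab) condenses those lines into per-user, per-source counts, so the effect of the DenyUsers rule from step 4 can be read at a glance. The log lines are constructed samples in OpenSSH's message format; the function names, host name, PIDs and addresses are assumptions.

```shell
#!/bin/sh
# Added example. Constructed sample lines in OpenSSH's log format; the host
# name, PIDs and addresses (RFC 5737 documentation ranges) are made up.
sample_auth_log() {
cat <<'EOF'
Feb  3 10:01:12 ubuntu sshd[1201]: User kris_lab4 from 192.0.2.10 not allowed because listed in DenyUsers
Feb  3 10:01:15 ubuntu sshd[1201]: Failed password for invalid user kris_lab4 from 192.0.2.10 port 50112 ssh2
Feb  3 10:01:19 ubuntu sshd[1201]: Failed password for invalid user kris_lab4 from 192.0.2.10 port 50112 ssh2
Feb  3 10:02:40 ubuntu sshd[1215]: Accepted password for kris_lab4_2 from 192.0.2.10 port 50120 ssh2
Feb  3 10:05:02 ubuntu sshd[1230]: Invalid user admin from 198.51.100.7 port 41822
Feb  3 10:05:05 ubuntu sshd[1230]: Failed password for invalid user admin from 198.51.100.7 port 41822 ssh2
Feb  3 10:06:00 ubuntu CRON[1300]: pam_unix(cron:session): session opened for user root by (uid=0)
EOF
}

# Print "event user source count" for DenyUsers rejections, failed passwords
# and accepted logins. Reads the files given as arguments, or stdin if none.
summarize_ssh_auth() {
    awk '
    # sshd-session is the process name logged by OpenSSH 9.8 and later.
    / sshd(-session)?\[[0-9]+\]: / {
        msg = substr($0, index($0, "]: ") + 3)
        split(msg, w, " ")
        if (msg ~ /^User .* not allowed because listed in DenyUsers$/) {
            event = "denied"; user = w[2]; src = w[4]
        } else if (msg ~ /^Failed password for invalid user /) {
            event = "failed"; user = w[6]; src = w[8]
        } else if (msg ~ /^Failed password for /) {
            event = "failed"; user = w[4]; src = w[6]
        } else if (msg ~ /^Accepted [^ ]+ for /) {
            event = "accepted"; user = w[4]; src = w[6]
        } else {
            next    # other sshd messages are not counted
        }
        count[event " " user " " src]++
    }
    END { for (k in count) print k, count[k] }
    ' "$@" | sort
}

# On the server: summarize_ssh_auth /var/log/auth.log (usually needs sudo)
sample_auth_log | summarize_ssh_auth
```

In the sample, the account listed in DenyUsers shows up as one "denied" event followed by failed password attempts, while the second account is accepted from the same address.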
Part 3: Firewall Configurations
1. Create a rule using ufw to allow traffic through port 22
a. sudo ufw allow 22
b. Why are we doing this before ufw is enabled?
2. Enable ufw
a. sudo ufw enable
b. Did you lose connectivity to your SSH terminal? Why or why not?
3. Enable Rate Limiting using UFW for port 22
a. sudo ufw limit 22
b. What benefit does rate limiting provide?
4. View your current ufw firewall rules:
a. sudo ufw status
b. Take a screenshot showing the current rules
Paste Screenshot here
5. Adjust your firewall's logging from low to medium
a. sudo ufw logging medium
6. Read your firewall's logging messages
a. cat /var/log/ufw.log
b. Take a screenshot of the log messages
Paste screenshot here
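Raw ufw.log entries are long and repetitive. The added example below (not part of the original lab) reduces them to one line per action, source and destination port, which shows which sources hit the rate limit set in step 3. The log lines are constructed samples in the UFW kernel log format with some fields trimmed for width; the function names, host name, interface and addresses are assumptions.

```shell
#!/bin/sh
# Added example. Constructed kernel log lines in the UFW/netfilter format,
# trimmed to the fields used here; host, interface and addresses are made up.
sample_ufw_log() {
cat <<'EOF'
Feb  3 11:00:01 ubuntu kernel: [ 5120.100001] [UFW ALLOW] IN=eth0 OUT= SRC=192.0.2.10 DST=192.0.2.20 LEN=60 TTL=64 PROTO=TCP SPT=50120 DPT=22 SYN
Feb  3 11:00:05 ubuntu kernel: [ 5124.200002] [UFW BLOCK] IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.20 LEN=60 TTL=52 PROTO=TCP SPT=41822 DPT=23 SYN
Feb  3 11:00:09 ubuntu kernel: [ 5128.300003] [UFW LIMIT BLOCK] IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.20 LEN=60 TTL=52 PROTO=TCP SPT=41830 DPT=22 SYN
Feb  3 11:00:10 ubuntu kernel: [ 5129.300004] [UFW LIMIT BLOCK] IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.20 LEN=60 TTL=52 PROTO=TCP SPT=41831 DPT=22 SYN
Feb  3 11:00:11 ubuntu kernel: [ 5130.300005] [UFW LIMIT BLOCK] IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.20 LEN=60 TTL=52 PROTO=TCP SPT=41832 DPT=22 SYN
Feb  3 11:00:15 ubuntu kernel: [ 5134.400006] [UFW BLOCK] IN=eth0 OUT= SRC=203.0.113.9 DST=192.0.2.20 LEN=78 TTL=50 PROTO=UDP SPT=137 DPT=137
Feb  3 11:00:20 ubuntu kernel: [ 5139.000000] eth0: link up
EOF
}

# Print "ACTION source PROTO/port count" for every UFW log entry.
# Reads the files given as arguments, or stdin if none.
summarize_ufw_log() {
    awk '
    {
        p = index($0, "[UFW ")
        if (!p) next                      # not a UFW entry
        rest = substr($0, p + 5)
        action = substr(rest, 1, index(rest, "]") - 1)
        gsub(/ /, "_", action)            # "LIMIT BLOCK" becomes "LIMIT_BLOCK"
        src = dpt = proto = "-"           # "-" when a field is absent (e.g. ICMP has no DPT)
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^SRC=/) src = substr($i, 5)
            else if ($i ~ /^DPT=/) dpt = substr($i, 5)
            else if ($i ~ /^PROTO=/) proto = substr($i, 7)
        }
        count[action " " src " " proto "/" dpt]++
    }
    END { for (k in count) print k, count[k] }
    ' "$@" | sort
}

# On the server: summarize_ufw_log /var/log/ufw.log
sample_ufw_log | summarize_ufw_log
```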
Part 4: Install Antivirus
1. Install the ClamAV antivirus
a. sudo apt-get install clamav clamav-daemon
2. Update your ClamAV database
a. sudo systemctl stop clamav-freshclam
b. sudo freshclam
c. sudo systemctl start clamav-freshclam
d. sudo systemctl enable clamav-freshclam
3. Scan your own user's home directory for infected files
a. clamscan /home/username
b. Take a screenshot of the results
Paste screenshot here
Part 5: (OPTIONAL!)
1. Implement 2FA for the second account we created: yourname_lab4_2
2. Follow the steps:
3. Make the necessary configuration changes to the /etc/pam.d/sshd and /etc/ssh/sshd_config files
a. Take a screenshot of the changes made to the sshd_config file
Paste Bonus Screenshot here
4. Log in to the yourname_lab4_2 account and complete the pairing process
a. google-authenticator
b. Follow the prompts as indicated
5. Log out from the yourname_lab4_2 session and log back in using SSH through command prompt
a. ssh yourname_lab4_2@ubuntuip
b. Take a screenshot showing that the session requested a verification code
Paste Bonus Screenshot here