8.1 Assessment - JadenGil/Jaden-Tech-Journal GitHub Wiki
I started the assessment off by powering off any active machines. I did this so that there was no interference while setting up the new machines. Even if this wasn't entirely necessary, it helped me keep track of all of the machines as they powered on, allowing me to more easily discover problems during setup.
The first thing to do, of course, was set up edge01, and before booting it up I made sure to set the interfaces up with the proper cables:
I then entered "configuration" mode and typed `set system host-name edge01-yourname`
Before messing with the host, setting up the NAT source rules and such, I made sure to just set the IP addresses, gateways, and DNS, and took a snapshot so I could go back to this simple state at any time. I also made sure that edge01 could ping google.com with no issues, and it did so with ease.
I then made my first NAT source rule for DMZ to WAN:
After I made source rules for DMZ and LAN for WAN I took another snapshot to ensure that everything kept working properly and so I could just fully reset if anything went wrong.
Changed the hostname on nginx with the command `sudo hostname newhostname`
NGINX Setup:
Set IP address on nginx:
Created a new user and gave them sudo privileges:
Changed the password for champuser:
To install nginx use the following:
```
sudo apt update
sudo apt install nginx
sudo systemctl enable nginx
sudo systemctl start nginx
sudo rm /var/www/html/index.nginx-debian.html
echo "Hostname: $(hostname)" | sudo tee /var/www/html/index.html
```
Deliverable 1:
Before powering on traveler I made sure it was connected to WAN
I then added the IP address and it worked flawlessly:
Added an administrative user:
Deliverable 2:
You can delete web01 from Wazuh using:
```
curl -X DELETE "https://your-wazuh-manager-address:55000/agents/agentID" -H "Authorization: Bearer YourAuthToken"
```
Installed Wazuh on NGINX using the following command:
User + Pass:
This is the same command used in the previous Wazuh lab.
Deliverable 3:
Deliverable 4:
When SSHing into nginx from mgmt, it for some reason presented me with this error. From what I researched, it's because only some of the VMs were reset and because web01 used to have nginx's IP address, which confused MGMT01, but this was easily solved by logging into root using `sudo su`
I did try to use the `ssh-keygen` trick that the error message mentioned, but this didn't work. It affected very little, so it's just a minor inconvenience:
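Why this warning appears when an IP address is reused by a rebuilt VM, and the check to make before clearing the old entry with `ssh-keygen -R`, as an added example that is not part of the original journal. The key blobs, the address 192.0.2.10 and the function names are constructed for illustration; the trusted fingerprint is assumed to be read on the server's own console.

```python
import base64
import hashlib
import hmac


def fingerprint(key_b64):
    """SHA256 fingerprint in the form ssh prints in its warning."""
    digest = hashlib.sha256(base64.b64decode(key_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def host_matches(field, host):
    """Match a known_hosts host field, plain or hashed (|1|salt|HMAC-SHA1)."""
    for name in field.split(","):
        if name.startswith("|1|"):
            _, _, salt, mac = name.split("|")
            calc = hmac.new(base64.b64decode(salt), host.encode(), hashlib.sha1).digest()
            if hmac.compare_digest(calc, base64.b64decode(mac)):
                return True
        elif name == host:
            return True
    return False


def classify(known_hosts, host, key_type, offered_key, trusted_fp):
    """trusted_fp is the fingerprint read on the server's own console, not over SSH."""
    stored = []
    for line in known_hosts.splitlines():
        parts = line.split()
        if len(parts) < 3 or line.startswith(("#", "@")):
            continue
        if parts[1] == key_type and host_matches(parts[0], host):
            stored.append(parts[2])
    if fingerprint(offered_key) != trusted_fp:
        return "reject"        # not the key the server really holds: do not connect
    if offered_key in stored:
        return "ok"
    # A verified key that differs from the stored one means the entry is stale
    # and can be removed with ssh-keygen -R before reconnecting.
    return "stale-entry" if stored else "new-host"


# Constructed sample data: fake key blobs and a documentation-range address.
OLD_KEY = base64.b64encode(b"constructed web01 host key").decode()
NEW_KEY = base64.b64encode(b"constructed nginx host key").decode()
HOST = "192.0.2.10"
KNOWN_HOSTS = f"{HOST} ssh-ed25519 {OLD_KEY}\n"

if __name__ == "__main__":
    print(classify(KNOWN_HOSTS, HOST, "ssh-ed25519", NEW_KEY, fingerprint(NEW_KEY)))
```

Debian and Ubuntu clients hash host names in `known_hosts` by default, which is why the hashed form is handled as well as the plain one.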
Deliverable 5:
nginx was in fact able to curl champlain.edu, but because of difficulties getting DMZ-to-WAN to function properly I was unable to get the message to appear on VyOS. I did try but it wouldn't work. I'll be troubleshooting this later on, but this meets most of the deliverable requirements and shows nginx curling champlain.edu
All of the steps for setting up DHCP01 are the same as setting up NGINX at first; just make sure to apply relevant DHCP01 info instead of NGINX
MAKE SURE to put in `sudo netplan apply` after doing this
DHCP REAL SETUP TIME
Setting up DHCP was a bit tough since it had been a bit since I had worked with it but I was able to make it work.
To install DHCP these are the commands you MUST follow:
```
sudo apt-get update
sudo apt-get install isc-dhcp-server
sudo nano /etc/dhcp/dhcpd.conf
```
After it's installed it's time to set your dhcpd.conf file.
This is what my `/etc/dhcp/dhcpd.conf` file looks like:
Proof that it works:
You also wanna set this file, `sudo nano /etc/default/isc-dhcp-server`, with this: `INTERFACESv4="eth0"`
Then in `sudo nano /etc/sysctl.conf` uncomment the following:
and finally run `sudo sysctl -p` and restart `isc-dhcp-server`
Deliverable 6:
Deliverable 7:
Deliverable 8:
Sadly was unable to get it to SSH into jump