Lab 1 || Routing and DMZ - Michaelfoop/SEC-350-01 GitHub Wiki

rsyslog

Syslog is a way for computers, routers, and firewalls to send event messages, or logs, to a central location. In this lab, we use it to send a test message from the web01 VM to the log01 VM.

  • If not installed already, it can be installed with sudo yum install rsyslog or dnf install rsyslog

  • I added the port 514 to the log01 firewall so that it may receive messages from web01 without it being blocked. I then went into /etc/rsyslog.conf to uncomment 4 lines of code so that it may work, and tested it by using the command sudo ss -lntup | grep 514

  • In web01, I made a file called /etc/rsyslog.d/sec350.conf and added the line user.notice @172.16.50.5, so as to tell my VM where I'm sending a message to. I then restart the rsyslog service and use logger -t test TEST to send it
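The forwarding rule above uses a single @, which rsyslog treats as UDP (@@ means TCP), so log01 needs a matching UDP listener active on port 514. The script below is an added example, not part of the original lab notes: it parses a forwarding rule and checks it against a receiver config. The function names and the sample receiver lines are assumptions, since the page does not list which four lines were uncommented.

```shell
#!/usr/bin/env bash
# Added example: match an rsyslog forwarding rule to the receiver's listeners.

# parse_forward_rule LINE -> prints "selector proto host port"; returns 1 if
# LINE is not a forwarding rule. "@host" is UDP, "@@host" is TCP.
parse_forward_rule() {
    local line="$1" selector action proto target host port
    case "$line" in ''|'#'*) return 1 ;; esac
    selector="${line%%[[:space:]]*}"
    action="${line#"$selector"}"
    action="${action#"${action%%[![:space:]]*}"}"    # trim leading whitespace
    case "$action" in
        @@*) proto=tcp; target="${action#@@}" ;;
        @*)  proto=udp; target="${action#@}" ;;
        *)   return 1 ;;                             # local file or other action
    esac
    target="${target%%[[:space:]]*}"                 # drop anything after the target
    host="${target%%:*}"
    port=514                                         # rsyslog default port
    case "$target" in *:*) port="${target##*:}" ;; esac
    printf '%s %s %s %s\n' "$selector" "$proto" "$host" "$port"
}

# listener_active CONF_TEXT PROTO -> 0 if an uncommented listener for PROTO
# exists. Accepts the RainerScript form and the legacy $...ServerRun form.
listener_active() {
    local conf="$1" proto="$2" pattern
    case "$proto" in
        udp) pattern='^[[:space:]]*(input\(type="imudp"|\$UDPServerRun)' ;;
        tcp) pattern='^[[:space:]]*(input\(type="imtcp"|\$InputTCPServerRun)' ;;
        *)   return 2 ;;
    esac
    printf '%s\n' "$conf" | grep -Eq "$pattern"
}

# Constructed sample input; the receiver lines are an assumed rsyslog.conf excerpt.
SENDER_RULE='user.notice @172.16.50.5'
RECEIVER_CONF='module(load="imudp")
input(type="imudp" port="514")
#module(load="imtcp")
#input(type="imtcp" port="514")'

check_pair() {   # prints "ok PROTO" or "mismatch PROTO" for a rule vs. receiver
    local fields proto
    fields="$(parse_forward_rule "$1")" || { echo "not-a-forward"; return 0; }
    proto="$(echo "$fields" | cut -d' ' -f2)"
    if listener_active "$2" "$proto"; then echo "ok $proto"; else echo "mismatch $proto"; fi
}

check_pair "$SENDER_RULE" "$RECEIVER_CONF"
```

A mismatch result means the sender's protocol has no active listener on the receiver, which shows up as logger messages that never arrive on log01.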


VYOS

Our firewall uses VyOS, a fully functional but console-based network appliance that is a favorite among networking and security professionals.

We centered mainly around the commands configure, commit, and save. configure mode allows for changes to be made to the running configuration. commit applies these changes to the running configuration, but the changes persist after reload only if save is used as well.

Other Commands
  • show interfaces: showed the interfaces that were on my fw VM
  • set/delete interfaces ethernet eth(x) address [IPADDRESS/NETMASK]: either adds or removes an address on a specific interface
  • set/delete interfaces ethernet eth(x) description [x]: sets the description

Network Diagram