This is a blog mostly about techie things, what I am doing to my apartment network on the cheap, IOT, 3D Printing, Raspberry Pis, Arduinos, ESP32, ESP8266, Home Automation, Personal Weather Stations, Things That Go Bump in the Night, and some side issues that need discussing. Remember, sometimes the journey to an end is as much fun as the goal achieved!
Saturday, April 26, 2014
Project #8 - Update the Network for Security
After taking some classes in CEH, I have decided that I need to really look at my network and make sure that security is taken care of.
Wednesday, April 23, 2014
Deciding on some alterations to the virtual basis for the network
I just finished taking some online classes for the Certified Ethical Hacker certification. Now I need to study my butt off in preparation for actually taking the test.
After I succeeded in setting up a pen testing lab to use for the class, it became obvious that I needed to change some things about the layout of my network. I currently do not have any way of isolating the Mac Mini from the VLAN implementations that are being used in VMWare Fusion. In other words, I am now realizing that I need to isolate the VLANs to the Fusion network and to not allow access via the Mac Mini. This really doesn't make a lot of sense except that I am trying to protect the Mac Mini from what I do on the other VLANs. My problem is how to go about doing this. I should be able via firewall settings to perform the isolation. The problem is that Apple doesn't like to give up control of things like the firewall (my supposition since they keep changing the firewall mechanism they use without documenting the same). I currently have a couple of tools which have not been used until now: IceFloor and fwbuilder. Both of these tools are highly rated and address some of the shortcomings on using the Apple Mac Mini for my intended purpose.
I am currently running Mavericks on the Mac Mini (10.9.2). Everything, including the Mavericks Server is up to date.
After I succeeded in setting up a pen testing lab to use for the class, it became obvious that I needed to change some things about the layout of my network. I currently do not have any way of isolating the Mac Mini from the VLAN implementations that are being used in VMWare Fusion. In other words, I am now realizing that I need to isolate the VLANs to the Fusion network and to not allow access via the Mac Mini. This really doesn't make a lot of sense except that I am trying to protect the Mac Mini from what I do on the other VLANs. My problem is how to go about doing this. I should be able via firewall settings to perform the isolation. The problem is that Apple doesn't like to give up control of things like the firewall (my supposition since they keep changing the firewall mechanism they use without documenting the same). I currently have a couple of tools which have not been used until now: IceFloor and fwbuilder. Both of these tools are highly rated and address some of the shortcomings on using the Apple Mac Mini for my intended purpose.
I am currently running Mavericks on the Mac Mini (10.9.2). Everything, including the Mavericks Server is up to date.
Subscribe to:
Comments (Atom)