LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Suggestions for a pc networking term project, please. (https://www.linuxquestions.org/questions/linux-networking-3/suggestions-for-a-pc-networking-term-project-please-907876/)

bashFUL 10-12-2011 10:41 PM
Suggestions for a pc networking term project, please.
 
Hey guys. I am finishing up my bachelors degree in computer networking and for my last year I have to work on a project related to my major. I am allowed to make something up, which I have already done and started on.

Currently I decided to build a basic network to simulate a real world situation which I could then be the "administrator" of. I have configured a Debian Linux gateway and firewall (with iptables) as well as DHCP for my internal network. I have also configured things like DNS, email and webserver. These things are all pretty general and basic; and I am realizing that I lack a bit of specific focus for this whole thing. The good part is that I am re-learning how to do basic things and putting to use a lot that I have learned about networking over the years. The bad part is that its only been a few weeks and I will run out of things to do long before the end of this year-long course.

What I am asking you guys for are some suggestions for what else I could do for this... perhaps something more technical and focused on network security or something...

I am having trouble thinking of stuff, so any input will be of use to me. I need to try to do something that can benefit me in the field.

Thanks!

jschiwal 10-13-2011 12:01 AM
You could look at implementing one of the security models for securing NFS shares. Using the default UID based authentication won't protect against someone with LAN access plugging in with an arbitrary UID, and accessing their shares.

Look at using LDAP based authentication for workstations, which default to strict PolicyKit rules before authentication. More flexible rules associated with an account can be employed after authentication.

Implement selinux or AppArmor, or one of the other models.

Implement auditing and central logging.

Make sure the servers are hardened with minimal software and services installed. Document what you do.

Don't forget about backup and recovery procedures. Document and test it.

---

Maybe I gave you more than a year's worth of ideas!

bashFUL 10-13-2011 07:02 AM
jschiwal, those ideas are perfect! Thanks!!


All times are GMT -5. The time now is 05:55 PM.