Note: Additional files can be collected from the Blackbox environment and local file system.
(Guessed on how to solve #9; not sure if accurate)
Mission 9 (5 pts). What source IP address is assigned to a host transitioning the Internet? Include firewall rule analysis and a packet capture.
- Click on “Click to Launch” to go to the file directory window
- Double click on “10. View Firewall Configurations (WIZARD)”
- Select “Corporate Network” in the popup box and click “Ok”
- The Firewall Builder program will open and display two rules for review.
- Left click on the first line and then click the “Inspect” button to review the rule
- We want to scroll through the rules and see if we see anything relating to “NAT”. Network devices use “NAT” to help translate internal IP addresses to a single external IP address that the Internet sees. Below we can see the IPtables rules that supports this “NAT” translation.
- Based on the two rules above, the network device will try to route the internal IP address to an external IP address of 73.9.9.2 on the eth0 network interface. If another network interface is used, the external IP address of 73.9.9.15 should be used.
- Click “Close” and close the Firewall Builder tool
- Ensure WireShark is closed
- Double click on “8. Host Tap Assignment (WIZARD)”
- Click “Ok” to the informational popup box
- Click “Internet” and click “Ok”
- Click “Ok” to the informational popup box
- In WireShark, we can see network traffic going from 73.9.9.2 to 73.9.7.10 to finish the answer needed for Mission 9
No comments:
Post a Comment