This course was created with the
course builder. Create your online course today.
Start now
Create your course
with
Autoplay
Autocomplete
Previous Lesson
Complete and Continue
Secure Networking - A Company Network Project on Open-Source
Fundamentals 1: Building up a GNS3 Virtual Lab
Course introduction (2:43)
How to create a custom VM in GNS with any Linux distro
Skip this section if...
Create custom VM in GNS, in case a Link does not work...
Skip this section if...
GNS3 VM & Server, templates for Linux nodes, pfSense, Cumulus & VBox Integration (26:14)
Fundamentals 2: Networking Basics
Network Topologies - Bus, Ring, Mesh and Hybrid (5:52)
Network Types - LAN, WLAN, WAN, SAN, MPLS and SDWAN (4:26)
OSI Network Model vs. TCP/IP Model (8:38)
Network Protocols and Services (8:04)
IP Addressing (10:17)
IP Subnetting (5:37)
Routing - ANDing, Default, Static, Dynamic Routes (10:17)
Switching - VLANs, STP, LAG and MLAG (12:28)
Network Architecture - 3 Tiers vs. Spine Leaf Design (4:15)
Fundamentals 3: Unix-like OS Basics
Part 1: 50 "must-know" shell commands working on any Unix-like OS since 70s (14:23)
50 years of Unix-like heritage: Research Unix, BSD, GNU, Linux and macOS (5:17)
Part 2: 50 "must-know" shell commands working on any Unix-like OS since 70s (10:36)
Part 3: 50 "must-know" shell commands working on any Unix-like OS since 70s (15:44)
Part 4: 50 "must-know" shell commands working on any Unix-like OS since 70s (9:24)
vi basics - a ubiquitous screen-oriented text editor on any Unix-like OS (13:21)
net-tools and/or iproute2 - Networking tools on any Unix-like OS (4:35)
Fundamentals 4: Packet Capture Analysis using TCPDump, Wireshark and TShark
Quick-tour of packet capture analysis (9:27)
Clarifying Wireshark vs. TShark vs. TermShark vs. TCPDump (27:30)
Why learning packet analysis? A use-case exposing RCE attack payload (7:37)
Installing Wireshark, Termshark, TShark and TCPDump on Kali Linux (3:16)
Installing Wireshark and TShark on MS Windows (6:27)
TCPDump use-cases: credentials, Cookies, headers, URL, remote packet capture (23:08)
Wireshark interafce walkthrough and possibilities (26:47)
Wireshark filters, syntax glossary, PCAP investigation, chaining, HTML rebuild (32:21)
TCP/IP Model revisited in Wireshark (13:07)
Packet analyses with PCAP visualization (17:27)
Capturing packets on GNS3 links using Wireshark (10:28)
Company Network Project Kickoff
Project requirements gathering and specifications document (5:20)
Project's basic shapes and colour codes in GNS3 (4:13)
Adding Open Source Switches (Cumulus Linux)
Important Note: Cumulus Linux Version Upgrade
Nvidia Cumulus Linux - An Open-Source Linux-based Switch (2:30)
Headquarters - Creating physical connectivity with spine-leaf design (5:19)
Headquarter - Adding Alpine Linux clients (6:03)
Headquarter - Layer 2 Configuration - Interfaces and VLANs - Part 1 (9:06)
Headquarter - Layer 2 Configuration - Interfaces and VLANs - Part 2 (7:17)
Headquarter - Spanning Tree Protocol (STP) on Cumulus Linux switches (7:41)
Headquarter - Creating virtual layer 3 interfaces for management VLAN (5:46)
Headquarter - Configuring Bond interfaces, LAG and MLAG in Cumulus Linux - P1 (10:25)
Headquarter - Configuring Bond interfaces, LAG and MLAG in Cumulus Linux - P2 (7:52)
Branch Office - Network Prepration in GNS3 (2:13)
Branch Office - Switches Trunk & Access ports, VLAN interfaces, Bonds & MLAG (14:34)
Adding 2 Firewall Clusters: Linux nftables (Keepalived VRRP) & pfSense HA (CARP)
READ ME FIRST
Headquarter - Create a custom VM for the openSUSE Linux Server cluster (5:34)
Headquarter - Change network adapters type to Paravirtualized Network I/O (1:24)
Headquarter - Creating bond interfaces on openSUSE Linux with LACP mode (15:19)
Headquarter - Troubleshooting inter-cluster Bond connectivity issues on Linux FW (10:58)
Headquarter - Configure MLAG on Cumulus switches for firewall cluster bond links (7:03)
Headquarter - Configure virtual VLAN interfaces on linux firewall cluster (13:16)
Headquarter - Disable IPv6 on the Linux firewalls (0:56)
Headquarter - Installing keepalived (VRRP) on both OpenSUSE Linux firewalls (4:14)
Headquarter - Configuring keepalived (VRRP) for OpenSUSE firewall HA cluster (12:35)
Introduction to netfilter framework - Part 1 (8:59)
Introduction to netfilter framework - Part 2 (6:38)
Headquarter - Change default policies of iptables chains to explicit drop (4:47)
Create IPTables service on openSUSE firewall cluster & TShooting the service (13:16)
Headquarter - Create iptables service on the slave firewall (2:20)
Headquarter - Providing internet to VLAN 20 using MASQUERADE NAT rules (12:12)
Headquarter - Configure Linux DHCP Server to assign each VLAN's own IP range (10:26)
Headquarter - Start creating Inter-VLAN iptables rules on OpenSUSE FW cluster (9:19)
Headquarter - Continue creating Inter-VLAN iptables policies on firewall cluster (12:32)
Headquarter - Creating iptables DNAT rules to publish web server from DMZ VLAN (7:00)
Headquarter - Restrict & log SSH Brute-force attacks with iptables RECENT module (6:54)
Headquarter - Visualize iptables rules with gressgraph (2:03)
Headquarter - nftables basics (9:07)
Headquarter - Transform iptables rules into nftables & create an nft service, P1 (9:28)
Headquarter - Transform iptables rules into nftables & create an nft service, P2 (4:33)
Headquarter - Restrict SSH Brute-force attacks for 5 minutes with Linux nftables (8:16)
Branch Office - Installing pfSense machines in GNS3 (4:10)
Branch Office - Reassigning the interfaces and start the initial pfSense config (5:19)
Branch Office - Configure pfSense interfaces, LAGG, VLAN interfaces and pfSync (11:06)
Branch Office - Setup pfSense High-Availibity & MLAG between Cumulus and pfSense (14:56)
Branch Office - Configure pfSense DHCP server for clients and management VLANs (5:12)
Branch Office - Create aliases in pfSense and add floating & VLAN firewall rules (12:31)
Branch Office - Create Inter-VLAN rules from Clients and Mgmt to DMZ on pfSense (5:36)
Branch Office - Setup UFW on Ubuntu Web server in DMZ & test inter-VLAN access (9:12)
Branch Office - DNAT or Reverse NAT for web server access in DMZ from internet (3:35)
Adding Open Source VPN technologies using Strongswan IPSec, OpenVPN & Wireguard
Setup Site to Site VPN between OpenSUSE Linux and pfSense using Strongswan - P1 (17:15)
Setup Site to Site VPN between OpenSUSE Linux and pfSense using Strongswan - P2 (11:32)
Troubleshooting Site to Site IPSec VPN between OpenSUSE Linux and pfSense (4:15)
Preparing OpenVPN server on pfSense - CA server, certificate & export plugin (5:39)
Setup OpenVPN remote access on pfSense & setup home-office Ubuntu OpenVPN client (17:00)
Setup WireGuard VPN between OpenSUSE firewall and Ubuntu as remote IoT client (15:28)
Adding Open Source Network Access Control (NAC) using PacketFence
How NAC works? EAP, EAPoL, RADIUS, dot1x - P2 (4:19)
How NAC works? EAP, EAPoL, RADIUS, dot1x - P1 (12:05)
Installing PacketFence NAC Server on a Debian Linux (10:51)
Initializing PacketFence Web Configurator (9:10)
Deplying Network Access Server (NAS) and FreeRADIUS with MAB Profiles (9:47)
Configure IEEE 802.1X, Parking & Dynamic VLAN assignment on Cumulus Linux Switch (11:16)
Adding Two-factor authentication (2FA) to SSH servers in management VLAN
Setting up 2FA for SSH server on Ubuntu jump hosts in management VLAN
How secure did we build this network? Let's pentest it!
Reconnaissance of headquarter network using NMAP (10:52)
Introduction to penetration testing for this project (6:08)
Implementing SSH brute force against headquarter using our NMAP findings (13:44)
ARP Poisoning attack to capture headquarter network traffic e.g. credentials (14:32)
DHCP starvation attack agains OpenSUSE DHCP server in headquarter (DOS attack) (8:19)
DHCP spoofing by Yersinia in headquarter to deviate the network gateway and DNS (8:27)
Capturing packets on GNS3 links using Wireshark
Lesson content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock