This essay has been submitted by a student. This is not an example of the work written by professional essay writers.
Uncategorized

PFSense Configuration

This essay is written by:

Louis PHD Verified writer

Finished papers: 5822

4.75

Proficient in:

Psychology, English, Economics, Sociology, Management, and Nursing

You can get writing help to write an essay on these topics
100% plagiarism-free

Hire This Writer

PFSense Configuration

 

 

 

[Students Name]

[Instructors Name]

_/04/2020.

 

 

 

 

 

 

 

 

 

 

 

 

 

PFSense Configuration

The pfsense firewall is networked with Kali Linux VM. Its main objective is to harden the Linux machine by monitoring, controlling, and managing port accessibility for all incoming as well as outgoing traffic from Kali Linux. Pfsense will be accessed using is web-configurator, which is preconfigured to be accessible from Kali’s internal browser by using its IP address. We will be using the web-configurator to run a number of configurations and tests on the Kali Linux VM platform.

  1. Kali Port Scan

For the port scan, we will be using Kali’s internal NMAP software application to identify all possible closed or open ports on the pfsense VM, which is currently running under the IP address of 192.168.55.6. To run the scan, open NMAP and type the command “Nmap 192.168.55.6 -A.” This will scan all the ports of the VM, indicating their current status as well.

 

 

The scan found the following ports;

  • Open port 80/TCP – this is an open port which is typically associated with the HTTP protocol, it allows other VM to access pfsense from the outside world.
  • Open port 53/TCP – this port is commonly used for zone transfers. Most commonly in maintaining coherence between the server and the DNS database.
  • Open port 443/TCP – this open port works together with the port 80 also open to allow traffic. However, it is responsible for providing SSL certificates.
  • Open port 123/UDP – provides for the transfer of datagrams between the pfsense VM to the Kali Browser, which is running on another VM.
  • Open port 143/UDP – serves a similar purpose as the port 123. Using the datagram communication protocol for use in the transport, internet network, and session layers.

 

  1. Updating PFSense

Updating the firewall requires the user to head to the system settings. This can be done by clicking on the system, then update. The firewall will retrieve the system’s current status, and if there is an available update, it will be displayed.

  • HTTPS to port 8443

For port forwarding, the settings for this are under the NAT rules settings. This is found under firewall, select NAT, and this should open up the port forward tab. Click on add a new setting.

 

 

  1. Adding traffic Graph to Dashboard

To add the traffic graph to the dashboard, click on the + sign on the dashboard. This will display all possible configurations which can be included on the dashboard, select the traffic graph to include it.

  1. World of Warcraft Port Disable

To disable the world of warcraft port, we will handle the same configurations under the firewall rules as above. However, for this section, it is recommended to use the floating rules located under rules in the firewall. Floating rules are more usable for this instance, for they help in filtering the network traffic, which is identified to be directed to Kali Linux. Click add to include an additional floating rule. To disable the world of warcraft port, we will block its current running port, which is 1119.

 

 

  1. Torrent Applications Port Disable

Disabling torrent applications and all of its inbound and outbound traffic will also require us to create an additional floating rule similar to the one we just did for the world of warcraft. The main difference among the two configurations would be the port being blocked. For torrent applications, they typically run under the ports 443 and 80, which were identified to be currently running open with the Nmap scan, which we did on the firewall. For this, let’s add new rules;

 

 

  • Disabling inbound ICMP Protocol

Disabling the inbound ICMP protocol will also be achieved under the firewall rules; however, for this, we will have to configure the WAN rules. Once you click to add a new set of rules, under the protocol which we wish to block, select the ICMP protocol.

 

  • Disabling a social media website and all of its domains

Most social media websites have a vast number of domains depending on an individual’s current location. This is mostly done in adhering to certain regions’ regulations or policies or maybe because the social media platform is currently using a different server in that particular region. However, one thing that will always remain the same for all regions is the current API, which social media is using. In this test, we will disable twitter and all of its domains by blocking its API from having any access or communication with our firewall.

Twitter API typically runs under the standard port 80, standard web service ports, for the non-secure traffic, and for the secure traffic, it runs under port 443. Since we blocked port 80 while disabling any torrent-based traffic, we will be blocking port 443.

 

  1. Enabling domains for Livestream.

To enable all domains of Livestream, we will be required to create a new outbound rule on port 443/TCP. This is the port that is used to authenticate all built-in video streaming providers such as Livestream and YouTube. Under firewall rules, click on NAT and select outbound from the above tab list. Click on add, and ensure you do not select the option “Do not NAT” for its wall disable all NAT traffic for this port.

 

 

  Remember! This is just a sample.

Save time and get your custom paper from our expert writers

 Get started in just 3 minutes
 Sit back relax and leave the writing to us
 Sources and citations are provided
 100% Plagiarism free
error: Content is protected !!
×
Hi, my name is Jenn 👋

In case you can’t find a sample example, our professional writers are ready to help you with writing your own paper. All you need to do is fill out a short form and submit an order

Check Out the Form
Need Help?
Dont be shy to ask