Python Network Protocols Report Writing Assessment Answer
Assignment Task:
Task 1:
Write a simple secure file transfer service in python (version 3). You will require to submit two python files, one for the server and one for the client, following the naming convention stated in the assignment specification. The details of this task are as follows:
(a) The protocol must negotiate the authentication method and the security parameters.
(b) The protocol can support server-only and mutual authentication.
(c) The actual file transfer can be very simple. For instance, once the communication is protected, the client requests the file list and the server sends the list of files in its configured directory for this protocol. The client then requests a file by sending the filename back to the server. The server will then respond with the file content and the client stores the file in a configured directory.
(d) You must provide a security analysis of your protocol and a brief description of the logic of the protocol in the report.
(e) To demonstrate the protocol you must prepare two Linux containers that can communicate through a virtual bridge and have IP addresses from the same range. Or use a core network emulation with a single router with two interfaces each connected to one of the defined virtual bridges. In either case Wireshark can be used to capture the traffic.
Note:
(a) For all the cryptographic primitives use the cryptography module of Python. If a cryptographic primitive is not supported by the installed OpenSSL version on the VM, you can use an alternative primitive that achieves the same goal.
(b) Your choices of authentication method, key exchange, and symmetric encryption methods will affect your grade in this task.
(c) The authentication method does not rely on external services (for simplicity).
(d) You can use configuration files for both client and server to feed any required information to the server and client, such as security parameters. Python provides easy-to-use and powerful functions for reading and parsing files or strings. A few examples are:
YAML, where the content can be read directly into Python data structures.
Simplified INI file, where options are specified as keyword=value, one per line, for which you can use the split() function to separate the keyword from the value. Similarly, you can use keyword value with one option per line (space as separator, as well as any other character that will not appear as part of the keywords or values).
For simplicity you can use the os.urandom() function directly for random values whenever needed in your protocol. You can also use the Python random library.
You can mimic a simplified version of protocols you learn in the subject regarding negotiation, authentication, key exchange, key derivation, and encryption used in your protocol.
To start, you can use the VM as both client and server and, once you have completed the protocol, test it in two separate containers.
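As an added illustration of the negotiation, key exchange, key derivation and encryption steps named in Task 1 (this is not part of the assignment text or any model solution), the sketch below uses the cryptography module and os.urandom(). The suite names, function names and the "LIST" request are hypothetical, both sides run in one process, and peer authentication (for example signing the transcript with certificate keys) is deliberately not shown.

```python
import os
from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric.x25519 import X25519PrivateKey
from cryptography.hazmat.primitives.ciphers.aead import AESGCM, ChaCha20Poly1305
from cryptography.hazmat.primitives.kdf.hkdf import HKDF

# Hypothetical suite names, in the server's order of preference.
SUITES = {"X25519-CHACHA20POLY1305": ChaCha20Poly1305, "X25519-AES256GCM": AESGCM}

def negotiate(client_offer):
    """Server picks its most-preferred suite that the client also offered."""
    for suite in SUITES:
        if suite in client_offer:
            return suite
    raise ValueError("no common suite")

def derive_keys(own_private, peer_public, transcript):
    """ECDH secret -> (client-to-server, server-to-client) keys via HKDF-SHA256.
    The transcript is the HKDF info, so the keys depend on every handshake value."""
    okm = HKDF(algorithm=hashes.SHA256(), length=64, salt=None,
               info=transcript).derive(own_private.exchange(peer_public))
    return okm[:32], okm[32:]

def seal(suite, key, seq, plaintext):
    """Encrypt one record; the 96-bit nonce is the per-direction sequence number."""
    return SUITES[suite](key).encrypt(seq.to_bytes(12, "big"), plaintext, None)

def try_open(suite, key, seq, record):
    """Return the plaintext, or None when the authentication tag does not verify."""
    try:
        return SUITES[suite](key).decrypt(seq.to_bytes(12, "big"), record, None)
    except InvalidTag:
        return None

def demo(offer_altered_in_transit=False):
    """Constructed exchange: both sides run in one process for illustration."""
    offer = ["X25519-AES256GCM", "X25519-CHACHA20POLY1305"]
    seen = offer[:1] if offer_altered_in_transit else offer  # what the server receives
    suite = negotiate(seen)
    c_priv, s_priv = X25519PrivateKey.generate(), X25519PrivateKey.generate()
    nonces = os.urandom(32) + os.urandom(32)  # client and server random values
    def transcript(offered):
        return ",".join(offered).encode() + b"|" + suite.encode() + b"|" + nonces
    c2s_client, _ = derive_keys(c_priv, s_priv.public_key(), transcript(offer))
    c2s_server, _ = derive_keys(s_priv, c_priv.public_key(), transcript(seen))
    record = seal(suite, c2s_client, 0, b"LIST")
    return suite, try_open(suite, c2s_server, 0, record)
```

When the offer is altered between client and server, the two transcripts differ, the derived keys differ, and the first protected record is rejected; this is the kind of property the security analysis in (d) would argue for.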
Task 2:
In this task you will configure a VPN between a branch office and head office of talos.sec.
Download your individualised Core Network Emulator configuration file (use only one of the two members' files).
Create a site-to-site IPsec VPN using the strongswan extension of core between the two nodes sphinx (branch office) and griffin (head office).
The VPN gateways must use public key authentication and Fully Qualified Domain Names (FQDN) that match the CN (Common Name) field in their certificates.
The VPN must provide confidentiality for the traffic between the internal networks of the two branches.
Task 3:
In this task you will configure firewall on sphinx and griffin.
The firewall on sphinx must protect the branch office network against any unauthorised communication. This includes the gateway itself.
The firewall on griffin must protect the head office internal networks and the DMZ against unauthorised communication. This includes the gateway itself.
Task 4:
In this task you will use Linux Containers to add additional services to the talos.sec network.
Create a container named deadalus attached to Internal Servers (core_lxdbr4). This server must be a primary LDAP server and a primary Kerberos server (use TALOS.SEC as the realm name). You must extend the LDAP server's schema with Kerberos so the user database is provided by LDAP and authentication by Kerberos.
Create a container named icarus attached to Sydney Branch Office (core_lxdbr2). This server must be a secondary LDAP server and a secondary Kerberos server. Enable replication between the two servers.
Create a container named leto attached to DMZ (core_lxdbr1). This server must provide secure SMTP, IMAP, and POP3 services for email communication of the talos.sec domain. Given that the core configuration provides access to the Internet, the mail server must be able to send email to external servers. The server must also provide a secure web-based interface to the users' mailboxes. The server must use LDAP and Kerberos for authentication.
The FQDN hostname of the containers must match the container names. For instance, the container deadalus must have deadalus.talos.sec as its FQDN. This is a requirement of the assignment, not a technical one.
The core network configuration file must contain all of the configuration elements including the certificate and private key files. The only files relevant to the assignment that are excluded from the core configuration file will be the containers.
Keep multiple back-ups of core network emulator configuration in progress as well as text of nodes configuration. The Reload and Save options of core emulator gui are quite close which could result in accidentally reloading the configuration instead of saving it (this has happened to other students in the past). Take snapshots of your containers before performing operations that may not be easily reversible. Export a container once it arrives at its final working state.
Do not remove any of the nodes in initial configuration.
You can use the VM to test the browser access to mail server (graphical access). You can also use a container to test a text-based client access to the mail server as more functionality may be required on the client which may not be available via core pc nodes. Another option is to prepare a desktop VM and use a Host-only adapter on that VM and an additional Host-only adapter on the VM that runs Core and attach this interface using a RJ45 node within core configuration.
