For this project you will perform several hardening techniques to your VMs.
Learning outcomes
- Planning and design.
- VMware guest modifications.
- Modifying application software.
- Security settings on multiple platforms.
Ubuntu
Using the Ubuntu Hardening documentation and the Network Details documentation, perform the following:
First:
Apply the recommended hardening items minus the SSH secure login.
For the MOTD use the following text:
* WARNING * WARNING * WARNING * WARNING * WARNING * WARNING *
If you do not belong here, GO AWAY!
We are watching...
* WARNING * WARNING * WARNING * WARNING * WARNING * WARNING *
Test your network hardening by trying to ping before and after. From Windows you can use a continuous ping like:
ping -t 192.168.2.xx
Second:
You will have two partners for your work, but you will still make modifications to your VM. Look at the names of the people surrounding yours in the documentation, wrapping as needed. The person above you will be logging into your Ubuntu VM from their Windows VM but should be denied from the Ubuntu VM. You will create an account based on an agreed name and password using the following commands:
useradd -m -s /bin/bash username passwd username
Then make the SSH changes to only allow that account from their Windows 10 VM.
You will be logging in to the Ubuntu VM of the person below you using your Windows 10 VM.
Windows 10
Review the Windows 10 Hardening script by Aaron Horler.
After reviewing the script, write a few paragrahs about your thoughts on securing Windows 10.
Windows Server 2016
Review the Windows 2016 Security Guide.
Determine and write a few paragraphs on which options you would implement, or if easier to determine, the ones you would leave out based on the University of Texas guidelines.