Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/betiniakarandut/lab-demo

Coporate Network Security
https://github.com/betiniakarandut/lab-demo

bind9 dns fail2ban firewall-configuration linux vpn vpn-server

Last synced: 14 days ago
JSON representation

Coporate Network Security

Host: GitHub
URL: https://github.com/betiniakarandut/lab-demo
Owner: betiniakarandut
Created: 2024-09-18T03:06:17.000Z (5 months ago)
Default Branch: master
Last Pushed: 2024-09-24T05:13:31.000Z (4 months ago)
Last Synced: 2024-11-22T01:41:37.685Z (3 months ago)
Topics: bind9, dns, fail2ban, firewall-configuration, linux, vpn, vpn-server
Language: Shell
Homepage:
Size: 612 KB
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- Security: Security_Configuration/README.md

Awesome Lists containing this project

README

# 🛡️ Corporate Network Security Project 🚀

Welcome to the **Corporate Network Security Project**! In this project, you'll learn to design, implement, and secure a corporate network infrastructure from scratch. This comprehensive project covers everything from DNS server setup, network design, to advanced security configurations that protect against global hacker threats. Perfect for both beginners and professionals looking to enhance their practical skills in network administration and security.

## 📋 Project Overview

The project is divided into three main tasks:
1. **Build and Implement a DNS Server**: Using both TCP and UDP protocols on a Linux-based system.
2. **Design a Secure Corporate Network**: Develop a network infrastructure to protect a Global ISP from imminent hacker attacks.
3. **Configure Network Security**: Apply security configurations to the designed network, ensuring robust protection in a corporate environment.

### 🏗️ Technologies Used
- **Linux** 🐧 (Ubuntu/Debian)
- **Bind9** 📡 (DNS Server)
- **Firewall** 🔥 (Iptables/UFW)
- **VPN** 🛡️ (WireGuard/OpenVPN)
- **Fail2Ban** 🚨 (Brute-force prevention)

## 🚀 Project Breakdown

### Task A: Build and Implement DNS Server 🖥️
You'll start by building a DNS server using both **UDP** and **TCP** protocols. The server will handle domain name resolution within the network, and you will secure it against potential vulnerabilities.

📂 **Files:**
- `dns_server_script.sh`: Automates DNS setup.
- `configs/`: Contains essential DNS configuration files (e.g., `named.conf`).
- `setup_instructions.md`: Step-by-step guide to setting up the DNS server.

### Task B: Design a Secure Network 🏢
Design a highly secure network infrastructure for a corporate environment. The network should be divided into segments (e.g., DMZ, internal, external), using **firewalls** and **network isolation** techniques to protect against external threats.

📂 **Files:**
- `network_diagram.png`: Visual diagram of the network architecture.
- `design_documentation.md`: Detailed documentation of the network design, justifications, and security measures.

### Task C: Configure Network Security 🔐
The final task involves configuring advanced network security features. You'll implement **firewall rules**, set up **VPNs** for secure remote access, and protect the network from brute-force attacks using **Fail2Ban**.

📂 **Files:**
- `firewall_rules.sh`: Script to configure firewall rules.
- `vpn_setup_guide.md`: Guide for setting up secure VPNs.
- `fail2ban_config.md`: Configuration for Fail2Ban to prevent unauthorized access.
- `additional_security.md`: Extra security tips and measures to strengthen your network.

## 🎯 Key Objectives
By the end of this project, you will have:
- Set up a fully functional and secure **DNS server** using **Linux**.
- Designed a **corporate network architecture** that is secure against cyber threats.
- Configured advanced **network security** measures such as **firewalls**, **VPNs**, and **brute-force protection**.

## 📦 Folder Structure

```bash
Project_Name/
│
├── DNS_Server/ # Task A: DNS Server setup files
│ ├── configs/ # DNS configuration files
│ ├── setup_instructions.md # Instructions for DNS server setup
│ ├── dns_server_script.sh # Script for DNS automation
│ └── README.md # Overview of the DNS server task
│
├── Network_Design/ # Task B: Network design documentation
│ ├── network_diagram.png # Corporate network architecture diagram
│ ├── design_documentation.md# Documentation of network design
│ └── security_measures.md # Explanation of security features
│
├── Security_Configuration/ # Task C: Security configuration files
│ ├── firewall_rules.sh # Firewall rules configuration script
│ ├── vpn_setup_guide.sh # Instructions for VPN setup
│ ├── fail2ban_config.sh # Fail2Ban configuration for security
│ └── additional_security.md # Additional security tips and measures
│
└── final_report.md # Overall report summarizing the tasks
```

## 🛠️ How to Use This Project
```bash
git clone https://github.com/your-username/project-name.git
```
Follow the instructions provided in each task's folder to complete the project.
Review the final report [Final Report](final_report.md) for a summary of the project.

## 📜 Prerequisites
To successfully complete this project, you will need:
- Basic knowledge of Linux administration.
- Familiarity with networking concepts (DNS, VPN, firewalls).
- A Linux environment (Ubuntu recommended).

## 🤝 Contributions
Feel free to contribute to this project by suggesting improvements or adding new features!

## 👨‍💻 Developed by me
📧 Reach me at: [d'coder](https://github.com/betiniakarandut)