Cyber Security I. Netzplan: Unterschied zwischen den Versionen

Aus Xinux Wiki
Zur Navigation springen Zur Suche springen
 
(13 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt)
Zeile 4: Zeile 4:
 
==IPv4==
 
==IPv4==
 
*'''gateway 192.168.Y.254'''
 
*'''gateway 192.168.Y.254'''
*'''nameserver 78.47.133.194'''
+
*'''route add -net 10.88.0.0/16 192.168.Y.88'''
*'''externe Domain labXX.linuggs.de'''
+
*'''nameserver 1.1.1.1'''
*'''interne Domain labXX.int'''
+
*'''externe Domain it2XX.xinmen.de'''
 
+
*'''interne Domain sec-labs.de'''
 
{| class="wikitable"
 
{| class="wikitable"
! Teilnehmer !! Labor !! Netz !! Haupt-IP !! Zweite-IP !! CLIENTS !! SERVER !! DMZ
+
! Teilnehmer !! Labor !! Haupt-IP !! Zweite-IP !! INSIDE !! SERVER !! DMZ
 
|-
 
|-
| TN01 || lab00 || 172.26.0.0/22  || 192.168.Y.21 || 192.168.Y.41 || 172.26.1.0/24 || 172.26.2.0/24 || 172.26.3.0/24
+
| TN01 || it201 || 192.168.Y.201 || 192.168.Y.221 || 172.17.201.0/24 || 10.0.10.0/24 || 10.88.201.0/24
 
|-
 
|-
| TN02 || lab04 || 172.26.4.0/22  || 192.168.Y.22 || 192.168.Y.42 || 172.26.5.0/24 || 172.26.6.0/24 || 172.26.7.0/24
+
| TN02 || it202 || 192.168.Y.202 || 192.168.Y.222 || 172.17.202.0/24 || 10.0.10.0/24 || 10.88.202.0/24
 
|-
 
|-
| TN03 || lab08 || 172.26.8.0/22  || 192.168.Y.23 || 192.168.Y.43 || 172.26.9.0/24 || 172.26.10.0/24 || 172.26.11.0/24
+
| TN03 || it203 || 192.168.Y.203 || 192.168.Y.223 || 172.17.203.0/24 || 10.0.10.0/24 || 10.88.203.0/24
 
|-
 
|-
| TN04 || lab0c || 172.26.12.0/22 || 192.168.Y.24 || 192.168.Y.44 || 172.26.13.0/24 || 172.26.14.0/24 || 172.26.15.0/24
+
| TN04 || it204 || 192.168.Y.204 || 192.168.Y.224 || 172.17.204.0/24 || 10.0.10.0/24 || 10.88.204.0/24
 
|-
 
|-
| TN05 || lab10 || 172.26.16.0/22 || 192.168.Y.25 || 192.168.Y.45 || 172.26.17.0/24 || 172.26.18.0/24 || 172.26.19.0/24
+
| TN05 || it205 || 192.168.Y.205 || 192.168.Y.225 || 172.17.205.0/24 || 10.0.10.0/24 || 10.88.205.0/24
 
|-
 
|-
| TN06 || lab14 || 172.26.20.0/22 || 192.168.Y.26 || 192.168.Y.46 || 172.26.21.0/24 || 172.26.22.0/24 || 172.26.23.0/24
+
| TN06 || it206 || 192.168.Y.206 || 192.168.Y.226 || 172.17.206.0/24 || 10.0.10.0/24 || 10.88.206.0/24
 
|-
 
|-
| TN07 || lab18 || 172.26.24.0/22 || 192.168.Y.27 || 192.168.Y.47 || 172.26.25.0/24 || 172.26.26.0/24 || 172.26.27.0/24
+
| TN07 || it207 || 192.168.Y.207 || 192.168.Y.227 || 172.17.207.0/24 || 10.0.10.0/24 || 10.88.207.0/24
 
|-
 
|-
| TN08 || lab1c || 172.26.28.0/22 || 192.168.Y.28 || 192.168.Y.48 || 172.26.29.0/24 || 172.26.30.0/24 || 172.26.31.0/24
+
| TN08 || it208 || 192.168.Y.208 || 192.168.Y.228 || 172.17.208.0/24 || 10.0.10.0/24 || 10.88.208.0/24
 
|-
 
|-
| TN09 || lab20 || 172.26.32.0/22 || 192.168.Y.29 || 192.168.Y.49 || 172.26.33.0/24 || 172.26.34.0/24 || 172.26.35.0/24
+
| TN09 || it209 || 192.168.Y.209 || 192.168.Y.229 || 172.17.209.0/24 || 10.0.10.0/24 || 10.88.209.0/24
 
|-
 
|-
| TN10 || lab24 || 172.26.36.0/22 || 192.168.Y.30 || 192.168.Y.50 || 172.26.37.0/24 || 172.26.38.0/24 || 172.26.39.0/24
+
| TN10 || it210 || 192.168.Y.210 || 192.168.Y.230 || 172.17.210.0/24 || 10.0.10.0/24 || 10.88.210.0/24
 
|-
 
|-
| TN11 || lab28 || 172.26.40.0/22 || 192.168.Y.31 || 192.168.Y.51 || 172.26.41.0/24 || 172.26.42.0/24 || 172.26.43.0/24
+
| TN11 || it211 || 192.168.Y.211 || 192.168.Y.231 || 172.17.211.0/24 || 10.0.10.0/24 || 10.88.211.0/24
 
|-
 
|-
| TN12 || lab2c || 172.26.44.0/22 || 192.168.Y.32 || 192.168.Y.52 || 172.26.45.0/24 || 172.26.46.0/24 || 172.26.47.0/24
+
| TN12 || it212 || 192.168.Y.212 || 192.168.Y.232 || 172.17.212.0/24 || 10.0.10.0/24 || 10.88.212.0/24
 
|-
 
|-
| TN13 || lab30 || 172.26.48.0/22 || 192.168.Y.33 || 192.168.Y.53 || 172.26.49.0/24 || 172.26.50.0/24 || 172.26.51.0/24
+
| TN13 || it213 || 192.168.Y.213 || 192.168.Y.233 || 172.17.213.0/24 || 10.0.10.0/24 || 10.88.213.0/24
 
|-
 
|-
| TN14 || lab34 || 172.26.52.0/22 || 192.168.Y.34 || 192.168.Y.54 || 172.26.53.0/24 || 172.26.54.0/24 || 172.26.55.0/24
+
| TN14 || it214 || 192.168.Y.214 || 192.168.Y.234 || 172.17.214.0/24 || 10.0.10.0/24 || 10.88.214.0/24
 
|}
 
|}
  
Zeile 49: Zeile 49:
 
*wget https://xinux.de/downloads/linuggs.de/cybersec1.drawio.svg
 
*wget https://xinux.de/downloads/linuggs.de/cybersec1.drawio.svg
 
=Wie passe ich einen Debian/Ubuntu Rechner an=
 
=Wie passe ich einen Debian/Ubuntu Rechner an=
 +
'''Beispiel'''
 
;Resolver
 
;Resolver
 
*cat /etc/resolv.conf  
 
*cat /etc/resolv.conf  
 
  nameserver 78.47.133.194
 
  nameserver 78.47.133.194
  search lab34.linuggs.de  
+
  search it2xx.xinmen.de
 
;Netzwerk
 
;Netzwerk
 
*cat /etc/network/interfaces
 
*cat /etc/network/interfaces
 
  auto enp0s3
 
  auto enp0s3
 
  iface enp0s3 inet static
 
  iface enp0s3 inet static
   address 172.26.55.2/24
+
   address 10.88.2xx.2/24
 
   gateway 172.26.55.1
 
   gateway 172.26.55.1
 
;Hostnamen setzen
 
;Hostnamen setzen
*hostnamectl set-hostname opfer.lab34.linuggs.de
+
*hostnamectl set-hostname www.it2xx.xinmen.de
 
;Lokale Hostnamensauflösung
 
;Lokale Hostnamensauflösung
 
*cat /etc/hosts
 
*cat /etc/hosts
 
  127.0.0.1 localhost.localdomain localhost
 
  127.0.0.1 localhost.localdomain localhost
 
  ::1 localhost6.localdomain6 localhost6
 
  ::1 localhost6.localdomain6 localhost6
  '''172.26.55.2   opfer.lab34.linuggs.de opfer'''
+
  '''127.0.0.1   www.it2xx.xinmen.de www'''
 
  # The following lines are desirable for IPv6 capable hosts
 
  # The following lines are desirable for IPv6 capable hosts
 
  ::1    localhost ip6-localhost ip6-loopback
 
  ::1    localhost ip6-localhost ip6-loopback
Zeile 72: Zeile 73:
 
  ff02::2 ip6-allrouters
 
  ff02::2 ip6-allrouters
 
  ff02::3 ip6-allhosts
 
  ff02::3 ip6-allhosts
 +
 
=Portforwarding=
 
=Portforwarding=
 
*192.168.12.34:9923 -> 172.26.55.2:22
 
*192.168.12.34:9923 -> 172.26.55.2:22
 
*192.168.12.34:9924 -> 172.26.53.52:22
 
*192.168.12.34:9924 -> 172.26.53.52:22

Aktuelle Version vom 14. Februar 2026, 14:15 Uhr

Übersicht

IPv4

  • gateway 192.168.Y.254
  • route add -net 10.88.0.0/16 192.168.Y.88
  • nameserver 1.1.1.1
  • externe Domain it2XX.xinmen.de
  • interne Domain sec-labs.de
Teilnehmer Labor Haupt-IP Zweite-IP INSIDE SERVER DMZ
TN01 it201 192.168.Y.201 192.168.Y.221 172.17.201.0/24 10.0.10.0/24 10.88.201.0/24
TN02 it202 192.168.Y.202 192.168.Y.222 172.17.202.0/24 10.0.10.0/24 10.88.202.0/24
TN03 it203 192.168.Y.203 192.168.Y.223 172.17.203.0/24 10.0.10.0/24 10.88.203.0/24
TN04 it204 192.168.Y.204 192.168.Y.224 172.17.204.0/24 10.0.10.0/24 10.88.204.0/24
TN05 it205 192.168.Y.205 192.168.Y.225 172.17.205.0/24 10.0.10.0/24 10.88.205.0/24
TN06 it206 192.168.Y.206 192.168.Y.226 172.17.206.0/24 10.0.10.0/24 10.88.206.0/24
TN07 it207 192.168.Y.207 192.168.Y.227 172.17.207.0/24 10.0.10.0/24 10.88.207.0/24
TN08 it208 192.168.Y.208 192.168.Y.228 172.17.208.0/24 10.0.10.0/24 10.88.208.0/24
TN09 it209 192.168.Y.209 192.168.Y.229 172.17.209.0/24 10.0.10.0/24 10.88.209.0/24
TN10 it210 192.168.Y.210 192.168.Y.230 172.17.210.0/24 10.0.10.0/24 10.88.210.0/24
TN11 it211 192.168.Y.211 192.168.Y.231 172.17.211.0/24 10.0.10.0/24 10.88.211.0/24
TN12 it212 192.168.Y.212 192.168.Y.232 172.17.212.0/24 10.0.10.0/24 10.88.212.0/24
TN13 it213 192.168.Y.213 192.168.Y.233 172.17.213.0/24 10.0.10.0/24 10.88.213.0/24
TN14 it214 192.168.Y.214 192.168.Y.234 172.17.214.0/24 10.0.10.0/24 10.88.214.0/24

Weiteres

Offizielle Zertifikate
drawio rpm runterladen und installieren

Netzplan

Wie passe ich einen Debian/Ubuntu Rechner an

Beispiel

Resolver
  • cat /etc/resolv.conf
nameserver 78.47.133.194
search it2xx.xinmen.de
Netzwerk
  • cat /etc/network/interfaces
auto enp0s3
iface enp0s3 inet static
 address 10.88.2xx.2/24
 gateway 172.26.55.1
Hostnamen setzen
  • hostnamectl set-hostname www.it2xx.xinmen.de
Lokale Hostnamensauflösung
  • cat /etc/hosts
127.0.0.1	localhost.localdomain	localhost
::1		localhost6.localdomain6	localhost6
127.0.0.1    www.it2xx.xinmen.de www
# The following lines are desirable for IPv6 capable hosts
::1     localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

Portforwarding

  • 192.168.12.34:9923 -> 172.26.55.2:22
  • 192.168.12.34:9924 -> 172.26.53.52:22
Abgerufen von „http://wiki.ixheim.de/index.php?title=Cyber_Security_I._Netzplan&oldid=66882