Conexión Modo NAT con FW-cpe

192.168.0.0/24
 Conexión Modo NAT con FW

192.168.0.0/24

192.168.81.1/24

192.168.81.0/24
 Conexión Modo Bridge con
FW –Demo Practico

 PPPOE
 Static
 DHCP

192.168.81.1/24

192.168.81.0/24
 NAT

192.168.0.1 201.232.3.3/24

Server A Server B
RDP MSSQL
HTTP FTP 192.168.0.2
CRM WAN
Internet

LAN
192.168.2.1/24

 Navegación HTTP
 SSL
 SMTP
 POP3
 IMAP
 WEBMAIL
 Todo Trafico GT
 PC Financiero 8080

192.168.2.0/24
 Certified Offensive and Defensive Security Expert
(CODSE)
Computación Forense – Adquisición de Evidencia
Prueba de concepto 1:
El escenario:

© www.dsteamseguridad.com
1
 192.168.2.11 192.168.50.4 Bridge
PPPE-DHCP-STATIC

DHCP/Simetrico 20 MB-Telefonica

Server A Server B
RDP MSSQL
HTTP FTP
201.232.3.3/24
CRM RDP WAN
HTTP
Internet
VPN
LAN
192.168.50.38/24

192.168.2,21
 Navegación HTTP
 SSL
 SMTP
 POP3
 IMAP
 WEBMAIL
 Todo Trafico GT
192.168.2.22  PC Financiero 8080

201.232.9.9
192.168.50.0/24
192.168.x.12
HTTP,SQL Server, C
FTP, RDP B
A
192.168.x.11

G
E D

192.168.x.13

RED LAN Virtualizada

RED WAN
H I

F
Megatron server Megatron server
2003 2008 B C

A
192.168.x.11

7
G
E D

192.168.x.13

RED LAN Virtualizada

RED WAN
H I

F
192.168.0.2--http
192.168.0.2--PPTP Conexión a Internet NAT- Sin firewall

192.168.0.1

201.10.10.10
(HTTP-SSH)
192.168.58.0/24

Kali y
Metasploit

192.168.1.0/24
192.168.0.2--http
192.168.0.2--PPTP Conexión a Internet NAT- Sin firewall

192.168.0.1

190.71.135.81
(HTTP-SSH)
192.168.1.3--http
192.168.10.2--PPTP Conexión a Internet NAT- con firewall

192.168.0.1

201.10.10.10
(HTTP-SSH)
192.168.0.11

192.168.10.111
 192.168.10.3— 192.168.10.200
http,smtp,RDP Conexión a Internet Bridge- con firewall
(mssql, rdp, SMB)
190.2.2.2

201.10.10.10
 http
 Mssql
 Rdp
192.168.10.111  Smtp

 http
 https
 Pop3
 Smtp
 Imap 190.2.2.3
 Vnc,rdp,ssh
(sistemas)
 8080-tcp
Finanzas
.58.33
192.168.10.133
 192.168.10.1/24

/ 192.168.10.0/24
 192.168.10.0/24 A:192.168.10.12 Bridge-Static
Tcp/25
TCP/110
TCP/2095 -- Servidores red
TCP/80 -- Firewall VPN
B:192.168.10.14 -- UTM
TCP/3389 -- Alta disponibilidad $$$
192.168.10.1/24 3389,25,110,2095,
80,1723

DMZ-WAN 192.168.0.1/24 201.232.5.5/24

 HTTP (Bridge-Static)

LAN-WAN
 HTTP
 SMTP
 POP3
1
 WEBMAIL
 SSL
 Sis: SSH
201.2.2.2
2
192.168.0.225
# nmap –sS –p0-4000 201.232.5.5
192.168.0.0/24
 NAT
192.168.2.2/24

201.232.6.6/24
192.168.15.1/24

192.168.2.22/24

LAN-WAN
 HTTP
 SMTP
 POP3
 WEBMAIL
 SSL
 Sis: SSH
201.2.2.2

IP:192.168.15.24
192.168.15.0
255.255.255.0
GW: 192.168.15,1
DNS: 200.13.3.3
DNS2:200.13.3.6
 Ejercicio Firewalls Básico
Firewall-WAN
192.168.1.91 DHCP
192.168.1.0/24
KALI - bridge

VMNET 2
192.168.37.1

VMNET 2
192.168.37.12
Windows VMNET 2
192.168.1.90 192.168.37.x
Megatron
XP ATTACK
 192.168.22.21/24 Firewall Modo BRIDGE
80
PPPOe
3389
Estática
DHCP

201.232.36.36/24

192.168.22.80/24

 Permite Navegación a todo

la LAN
 Permite correo SMTP a toda
la subred
 Permitir correo POP3 a toda
la subred
 Permitir SSH solo al jefe de
sistemas, y solo a la Ip
192.168.1.0/24 190.9.9.9
 Permitir SSL a toda la subred
http://201.232.36.36/login.aspx
 Bloquear todo a la ip
192.168.0.125
 Abrir servicios HTTP Y RDP
 192.168.1.21/24 Firewall Modo NAT
80
3389

192.168.0.1/24

201.232.36.36/24

192.168.0.11/24

192.168.1.1/24

192.168.1.10
255.255.255.0
192.168.1.1
192.168.1.1

192.168.1.0/24
 Certified Offensive and Defensive Security Professional
- Entrenamiento E-learning -
10 mb
NAT
192.168.1.1/24 201.232.22.22/24

192.168.1.4/24

192.168.0.4/24

192.168.0.0/24

192.168.0.2
255.255.255.0
192.168.0.4
201.232.1.4
 201.232.22.22/24
Bridge.
192.168.0.1/24 PPPoE
DHCP
Estático

192.168.0.0/24