CT30A9700 Network security laboratory works

These laboratory works are individual assignments - group work is not allowed. However, if you discuss with the laboratory work configuration/analysis about other students who are attending the course, please add a note to your documentation in order to avoid plagiarism charges. Also if you use some stuff from any other source you have to refer it.

Before you start, read these

It is important that you read this section first. If you completely mess up the virtual machine on some computer send an email to tite.sysadm@lut.fi, where you mention what you did and on what computer you did it (the computer name on top of the case). The virtual image will be restored to the original as soon as the administrator can do it. See also 6218 classroom rules.


Before trying any of these on the virtual machines, it is recommended to remove all existing exercise material, configs and settings from the both virtual machines. Do:

sudo apt-get purge snort
sudo apt-get purge fail2ban
sudo apt-get purge iptables-persistent
sudo iptables -F
sudo iptables -F -t nat
sudo iptables -F -t mangle
sudo iptables -X 

And remove any entries that can be used to load previous iptables configuration from


Or remove executable bits from any custom iptables init script in with

chmod -x /etc/init.d/iptables

Or from the interfaces file at


It is also recommended that you clean up the mess after you are done with that virtual machine.

Returning the laboratory work documentations

With laboratory works the only way to return the document and other additional files is to upload them to department SVN repository. Instructions about how to use SVN from command line.

The repository is located at https://www2.it.lut.fi/svn/courses/CT30A9700/

  • Each of the course attendees is added to the allowed users list and an individual directory is created for each based on your student number.
    • Login is done with LUT credentials
    • Works outside University network
  • Put the laboratory work material into folder under your student number in format LabX, where X is the number of the laboratory work.
  • E.g., A student whose student id is 0123456 puts the Laboratory work 2 material into: https://www2.it.lut.fi/svn/courses/CT30A9700/0123456/Lab2/

Deadline for the laboratory works is 2.5.2014 :!:

Laboratory work

The course has three laboratory works. For each work you will first conduct laboratory experiment and then write a report about it. The report has to be in PDF format.

On each report, you must have:

  • Brief explanation of what you are doing in this lab work (what parts you are doing and what parts you are not doing)
  • All configuration files (in the same SVN repository, no need to include these in the document)
  • Captured data, if any, in separate file and add small portions into document to support your analysis
  • Screen captures, if needed – these can be taken in Ubuntu with “Print Screen” button
  • In the document you have to explain the steps you did in this lab work
    • What applications you installed and how
    • How did you configure the installed applications (what did you change/add/remove in the configuration file)
    • How did you proceed with the task
    • Testing the configuration
    • Analyzing the result
  • Conclusion (what you noted)

The work instructions assume that you are using the computers and virtual machines (Server and Wireshark ubuntu) at classroom 6218.

Laboratory work 1: Network monitoring (14p)

Laboratory work 2: Network Intrusion detection (20p)

Laboratory work 3: Firewalls (16p)

Last modified: 2014/02/18 12:06