CNT4603 - 2011 Summer
Group Assignment 7
Journals Due Tuesday, August 2, at the beginning of class.

Assignment: IPsec




Step 1: Do a tcpdump/tethereal capture of traffic among your Fedora and CentOS machines. For traffic, please use a mix of at least HTTP, SMTP, DNS, and ssh traffic (you certainly may document additional protocols if you like). It is important to do this first, because you are going to change how these machines talk to each other and you need to be able to document a "before" and an "after" for those changes.

Remember, this documentation will be included in your writeup, so you may want to make some screen captures in addition to log files. I suggest that you use two Bash scripts, one on each machine, to create the traffic so that the traffic will be easy to replicate later. You can use a mix of nc and dig to do this.

Step 2: Configure host-to-host IPsec among your Fedora and CentOS machines. You can do this either via the Network GUI or by hand. Both methods are documented in Red Hat's Deployment Guide. (Note that you will have to install the package ipsec-tools on both machines.)

Step 3: Repeat the original tcpdump/tethereal traffic among your Fedora and CentOS (remember, this is very easy to do if you utilized scripts to create it), and capture it. Verify that IPsec is being used, and demonstrate the observed changes in the data exchanged between the two machines in your write-up.
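
One way to summarize the Step 1 and Step 3 captures side by side, as an added example that is not part of the original assignment: it classifies `tcpdump -nn` text lines between the two hosts as IPsec, IKE or cleartext. The function names, the 192.0.2.x addresses and the sample capture lines are constructed; the line layout assumed is tcpdump's usual one-line-per-packet output.

```shell
#!/usr/bin/env bash
# Classify `tcpdump -nn` text lines between two hosts as IPsec (ESP/AH),
# IKE (UDP 500) or cleartext per service port, and print one summary line.
# Real use: tcpdump -nn -r after.pcap | classify_capture HOST_A HOST_B
classify_capture() {
    awk -v a="$1" -v b="$2" '
    function addr(s,  p) { sub(/:$/, "", s); split(s, p, ".")
        return p[1] "." p[2] "." p[3] "." p[4] }
    function port(s,  p, n) { sub(/:$/, "", s); n = split(s, p, ".")
        return (n >= 5) ? p[5] : "" }
    BEGIN { name[80] = "http"; name[25] = "smtp"; name[53] = "dns"; name[22] = "ssh" }
    $2 == "IP" && $4 == ">" {
        s = addr($3); d = addr($5)
        if (!((s == a && d == b) || (s == b && d == a))) next  # other hosts
        if ($6 ~ /^(ESP|AH)\(/) { c["ipsec"]++; next }
        sp = port($3); dp = port($5)
        if (sp == 500 || dp == 500) { c["ike"]++; next }
        clear++   # anything else between the pair crossed the wire unprotected
        if (dp in name) c[name[dp]]++
        else if (sp in name) c[name[sp]]++
        else c["other"]++
    }
    END {
        v = (c["ipsec"] + clear == 0) ? "no-traffic" : ((c["ipsec"] == 0) ? "cleartext" : ((clear == 0) ? "protected" : "mixed"))
        printf "ipsec=%d ike=%d http=%d smtp=%d dns=%d ssh=%d other=%d verdict=%s\n",
            c["ipsec"], c["ike"], c["http"], c["smtp"], c["dns"], c["ssh"], c["other"], v
    }'
}
# Constructed sample lines in tcpdump -nn format (placeholder addresses).
sample_before() { cat <<'EOF'
12:00:01.000001 IP 192.0.2.10.43210 > 192.0.2.20.80: Flags [S], seq 1, win 29200, length 0
12:00:02.000001 IP 192.0.2.10.43211 > 192.0.2.20.25: Flags [S], seq 1, win 29200, length 0
12:00:03.000001 IP 192.0.2.10.51234 > 192.0.2.20.53: 4242+ A? www.example.com. (33)
12:00:03.000900 IP 192.0.2.20.53 > 192.0.2.10.51234: 4242 1/0/0 A 192.0.2.20 (49)
12:00:04.000001 IP 192.0.2.10.43212 > 192.0.2.20.22: Flags [S], seq 1, win 29200, length 0
12:00:05.000001 IP 192.0.2.10.40000 > 198.51.100.7.80: Flags [S], seq 1, win 29200, length 0
EOF
}
sample_after() { cat <<'EOF'
12:30:00.000001 IP 192.0.2.10.500 > 192.0.2.20.500: isakmp: phase 1 I ident
12:30:00.100001 IP 192.0.2.20.500 > 192.0.2.10.500: isakmp: phase 1 R ident
12:30:01.000001 IP 192.0.2.10 > 192.0.2.20: AH(spi=0x0a1b2c3d,seq=0x1): ESP(spi=0x0e5f6a7b,seq=0x1), length 76
12:30:01.000900 IP 192.0.2.20 > 192.0.2.10: AH(spi=0x01c2d3e4,seq=0x1): ESP(spi=0x0f1a2b3c,seq=0x1), length 76
12:30:02.000001 IP 192.0.2.10 > 192.0.2.20: ESP(spi=0x0e5f6a7b,seq=0x2), length 100
EOF
}
echo "before: $(sample_before | classify_capture 192.0.2.10 192.0.2.20)"
echo "after:  $(sample_after | classify_capture 192.0.2.10 192.0.2.20)"
```

A verdict of "mixed" means some service traffic between the two hosts still crossed the wire outside the IPsec policy and is worth documenting in the write-up.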



A journal is due for this assignment. Make sure that you document in your journal all of the steps that you went through, following the guidelines on the class home page. Please share the workload so that all team members get experience with all aspects of the work. Do not forget to assign your work percentages to yourself and your other teammates in your journal. Please turn in a printed copy of this assignment at the beginning of class on Tuesday, August 2nd.