Firewall-VPN Lab: Bypassing Firewalls using VPN (2024)

SEED Lab: A Hands-on Lab for Security Education

Overview


Organizations, Internet Service Providers (ISPs), and countries often block their internal users from accessing certain external sites. This is called egress filtering. For example, to prevent work-time distraction, many companies set up their egress firewalls to block social network sites, so their employees cannot access those sites from inside their network. For political reasons, many countries set up egress filtering at their ISPs to block their people from accessing selected foreign web sites. Unfortunately, these firewalls can be easily bypassed, and services/products that help users bypass firewalls are widely available on the Internet. The most commonly used technology to bypass egress firewalls is Virtual Private Network (VPN). In particular, this technology is widely used by smartphone users that are affected by egress filtering; there are many VPN apps (for Android, iOS, and other platforms) that can help users bypass egress firewalls.

The learning objective of this lab is for students to see how VPN works in action and how VPN can help bypass egress firewalls. We will implement a very simple VPN in this lab, and use it to bypass firewalls. A typical VPN depends on two pieces of technology: IP tunneling and encryption. The tunneling technology is the most essential one to help bypass firewalls; the encryption technology is for protecting the content of the traffic that goes through the VPN tunnel. For the sake of simplicity, we will only focus on the tunneling part, so the traffic inside our tunnel is not encrypted. We have a separate VPN lab, which covers both tunneling and encryption. If readers are interested, they can work on our VPN lab to learn how to build a complete VPN. In this lab, we only focus on how to use a VPN tunnel to bypass firewalls.
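The following added example (not part of the lab materials or simpletun.c) shows why an egress rule keyed on the outer destination address misses a tunneled packet, and how a payload check can still spot the inner IPv4 header when the tunnel is unencrypted, as it is in this lab. It assumes the tunnel carries packets in UDP; the addresses (documentation ranges) and the port are constructed sample values.

```python
import socket
import struct

def checksum(data: bytes) -> int:
    """RFC 1071 ones'-complement checksum over 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ipv4(src: str, dst: str, proto: int, payload: bytes) -> bytes:
    """Build a minimal 20-byte IPv4 header followed by the payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:] + payload

def udp(sport: int, dport: int, payload: bytes) -> bytes:
    """UDP header with checksum 0 (permitted over IPv4)."""
    return struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload

def outer_dst(packet: bytes) -> str:
    return socket.inet_ntoa(packet[16:20])

def egress_allows(packet: bytes, blocked: set) -> bool:
    """Egress rule that looks only at the outer destination address."""
    return outer_dst(packet) not in blocked

def inner_ipv4_dst(packet: bytes):
    """Return the destination of an IPv4 packet carried in a UDP payload, else None."""
    if len(packet) < 20 or packet[9] != 17:          # outer protocol must be UDP
        return None
    inner = packet[(packet[0] & 0x0F) * 4 + 8:]      # skip outer IP and UDP headers
    if len(inner) < 20 or inner[0] >> 4 != 4:
        return None
    inner_ihl = (inner[0] & 0x0F) * 4
    total_len = struct.unpack("!H", inner[2:4])[0]
    if not 20 <= inner_ihl <= len(inner) or total_len != len(inner):
        return None
    if checksum(inner[:inner_ihl]) != 0:             # a valid header sums to zero
        return None
    return outer_dst(inner)

# Constructed sample traffic: a blocked site, and the same packet sent via a tunnel endpoint.
BLOCKED = {"203.0.113.80"}
direct = ipv4("10.0.2.15", "203.0.113.80", 6, b"\x00" * 20)
tunneled = ipv4("10.0.2.15", "198.51.100.7", 17, udp(40000, 55555, direct))
```

Once the tunnel payload is encrypted, the inner-header check no longer applies, which is why the encryption half of a VPN matters to defenders as well as users.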

Lab Tasks (Description)

Recommended Time: 1 week

Files that are Needed

Suggested Reading

SEED Project

Copyright © Wenliang Du, Syracuse University

As a seasoned expert in the field of cybersecurity and security education, I bring a wealth of knowledge and hands-on experience to the discussion of the SEED Lab and its focus on security education. My expertise is demonstrated through years of practical involvement in various security-related projects, academic pursuits, and contributions to the field.

Now, delving into the SEED Lab and its content, let's break down the key concepts mentioned in the provided article:

SEED Lab: A Hands-on Lab for Security Education

1. Egress Filtering:

  • Definition: Egress filtering refers to the practice of blocking or restricting outbound network traffic from internal users to external sites.
  • Example: Companies often use egress firewalls to block access to social network sites during work hours to prevent distractions.

2. Virtual Private Network (VPN):

  • Definition: A VPN is a technology that allows users to create a secure and encrypted connection over a less secure network, such as the internet.
  • Purpose: Used to bypass egress firewalls, enabling users to access restricted content.
  • Common Usage: Many smartphone users employ VPN apps to overcome egress filtering.

3. Lab Learning Objectives:

  • Objective: Understand how VPN works in action and how it can help bypass egress firewalls.
  • Implementation: The lab involves creating a simple VPN to demonstrate the bypassing of firewalls.
  • Focus: Primarily on the tunneling aspect, which is crucial for bypassing firewalls.

4. VPN Technologies:

  • Components: VPNs typically rely on two main technologies - IP tunneling and encryption.
  • Tunneling: Essential for bypassing firewalls; it establishes the pathway through which the data is transmitted. In this lab the traffic inside the tunnel is not encrypted.
  • Encryption: A separate aspect for protecting the content of traffic within the VPN tunnel.

5. Lab Tasks:

  • VM Version: The lab has been tested on the SEED Ubuntu 12.04 VM.
  • Recommended Time: The suggested duration for completing the lab is one week.
  • Files Needed: Refers to "simpletun.c," presumably a file essential for implementing the VPN.

6. Suggested Reading:

  • SEED Book: Refers to "Computer Security: A Hands-on Approach" by Wenliang Du, particularly Chapters 14 and 16.
  • SEED Project Home Page: Indicates the source of the SEED Lab, attributing copyright to Wenliang Du at Syracuse University.

In summary, the SEED Lab provides a hands-on approach to understanding security concepts, with a specific focus on VPN technology and its application in bypassing egress firewalls. The lab's tasks, recommended reading, and suggested files contribute to a comprehensive learning experience in the realm of cybersecurity.


FAQs

Can we bypass the firewall using VPN?

VPN: A virtual private network (VPN) can help bypass firewalls and intrusion detection systems by routing traffic through a secure server. Proxy server: A proxy server can help mask the origin of the traffic, making it harder for the firewall or intrusion detection system to trace the source of an attack.

How do I stop my VPN from blocking my firewall?

Change ports

When a network is blocking VPNs using a firewall that bans the use of certain ports, you can change the port you are using so your transmissions can still pass through. This requires discretion because if your methods are uncovered, admins may block each port you use to access VPNs, one by one.

Can you use a VPN without a firewall?

It's not necessary to choose between a firewall and a VPN. If you want to have both security and privacy, you can use both. To secure your device or network from external attacks, a firewall is essential.

Does VPN interfere with firewall?

Not really. Your firewall gives protection from inbound penetration. Your VPN allows you to pretend to be somewhere else.

Is using a VPN to bypass restrictions illegal?

Using a VPN to access geo-blocked content isn't illegal -- unless using a VPN is illegal in your country -- but it could lead to other ramifications. Using a VPN to access geo-blocked content could violate a streaming service's user agreement, and your account could be terminated or suspended.

Will VPN bypass blocked ports?

Even though there are plenty of ways to block VPN traffic, a top-rated and trustworthy VPN will be able to bypass those blocks.

How to bypass blocked VPN?

10 ways to bypass VPN blockers
  1. Choose a quality VPN provider. Not all VPNs are created equal. ...
  2. Switch VPN servers. ...
  3. Change your VPN protocol. ...
  4. Use obfuscated servers. ...
  5. Get a dedicated IP address. ...
  6. Change ports. ...
  7. Change your DNS settings. ...
  8. Send your VPN traffic through a proxy tunnel.
May 2, 2024

How do I stop my firewall from blocking?

Open the Start menu and select Settings > Privacy and Security tab > Windows Security > Firewall and Network Protection. Choose the option to allow a program through the firewall. Click Change Settings. Choose Allow Other Applications, then locate and select the program you want to allow.

How do I allow VPN traffic through my firewall?

Right-click the firewall and open it for editing. Navigate to VPN > Sites. Right-click the Any Network site > Properties. Switch to the VPN References tab and enable the site for the Policy-Based VPN that was just created.

Should firewall be before or after VPN?

The encrypting/decrypting of the data is done by the VPN server and clients. For your first question then, the answer is that firewall rules apply first on inbound/outbound traffic before VPN tunnelling.

What is the difference between a VPN server and a VPN firewall?

The two perform different network security functions. A firewall protects your network from outside threats. VPN protects your traffic as it travels to and from your network. Firewalls detect and block malware, protecting your devices and networks from damage.

What is the difference between a VPN and a proxy server?

A proxy server provides traffic source anonymization. It may also support traffic distribution, or potentially scan and check network data packets against predetermined security policies. In contrast, a VPN uses encryption to mask both the IP address and data so it's unreadable by unauthorized users.

How does a VPN allow one to bypass all firewall protocols?

A VPN can indeed bypass a firewall by creating an encrypted tunnel that shields the user's internet traffic from being detected or blocked by the firewall.

Which VPN is firewall friendly?

Explanation: The correct answer is SSTP. SSTP stands for Secure Socket Tunneling Protocol and it uses port 443. It is considered to be "firewall friendly" because port 443 is commonly used for HTTPS traffic, so it is often not blocked by firewalls.

Does VPN bypass local network?

In all cases, your machine is still part of the local network it is connected to. VPN software simply opens a connection to a remote server, as your browser does, but instead of exchanging web pages through IP packets, it exchanges IP packets through IP packets.

Can you bypass blocked websites with VPN?

If you use a VPN, it's easy to hide your IP address so that it appears you're coming from a different physical location, which can let you access blocked websites.

Can VPN bypass IP block?

Virtual Private Networks, or VPNs, provide a reliable way to bypass IP bans by masking your real IP address. Peer-to-peer VPNs are especially noteworthy as they route your internet traffic through the network of another user, effectively hiding your original IP.

Can VPN bypass company restrictions?

Why do I need to use a VPN at work? Short answer: A VPN at work will hide your browsing history, bypass network restrictions, and make sure you're secure online. If you care about online privacy and internet freedom, you do need a VPN.

How can VPN apply to firewall?

The firewall rules for VPN traffic can be created from the 'VPN firewall rule editor' pane by defining the source, destination, the service used by the traffic, selecting security profiles and the action to be taken on the traffic.

Article information

Author: Rob Wisoky
