Consultant junior en cybersécurité, spécialisé dans la protection des systèmes d'information et la gestion des réseaux, avec une passion pour la sécurisation des infrastructures contre les cybermenaces.
This project focuses on creating a resilient network architecture that protects critical resources through secure VLANs and a DMZ. It also includes an automated backup system and centralized logging to ensure data security and traceability in a dynamic environment. The main objective is to create an environment that not only protects sensitive data, but also facilitates the management and access to resources while respecting best practices in cybersecurity. Presentation: 1. Context and Objective: Address the current challenges of cybersecurity in 2024 and define the objective of the reorganization of our information system to improve our security posture. 2. Deployment of the Cyber-strategy: - Organization Architecture: Description of VLANs and their role in network security. - Deployed Servers: Configuration of SSH, FTPS, DHCP, MariaDB, and PostgreSQL servers, with appropriate access restrictions. 3. Internal Services Management: - Implementation of a DNS server to centralize name resolution. - Automatic backup system to ensure data protection. - Logging server to collect and analyze server logs. 4. Application of Security Rules: - Implementation of strict access controls and security policies for each VLAN. 5. Testing and Simulations: a. Attacks on FTPS: - Man-in-the-Middle attack: Intercept communications between the client and the FTPS server to test the security of file transfer protocols. - Command injection: Try to execute unauthorized commands via the FTPS protocol. b. Distributed Denial of Service (DDoS) Attacks: - Network Saturation: Simulate a DDoS attack to see how the infrastructure reacts to a massive influx of traffic and to test the systems’ ability to defend against service interruptions. c. Attacks on the pfSense firewall: - Port Scanning: Test filtering rules by performing a port scan to identify exposed services. d. Exploiting Software Vulnerabilities: - Backup Server Vulnerabilities: Attempt to access backup data to verify the security of sensitive information storage. e. Insider Attacks: - Unauthorized File Access: Simulate attacks where malicious users attempt to access protected or sensitive files on the network. - Privilege Escalation: Test the ability for an unprivileged user to gain administrative privileges through unauthorized means. 6. Resiliency Testing: - Disaster Recovery Testing: Assess the organization’s ability to recover data after an attack or failure. - Redundancy Testing: Simulate failures to verify the resilience of the architecture and business continuity. I would be happy to discuss this project in more detail and answer your questions.