A cybersecurity project focused on designing a secure network infrastructure, executing custom cyber-attacks (Red Team), and implementing robust detection and prevention mechanisms (Blue Team).
This was developed collaboratively as the final project for the Secure Network Management course at Hochschule München.

The entire enterprise environment was simulated using multiple Virtual Machines (VirtualBox) to realistically represent each network component without affecting real hardware:

- Routing & Security: pfSense firewalls (separating the External network, DMZ and Internal LAN) and VyOS routers.
- Monitoring: Snort IDS/IPS and Splunk SIEM for log ingestion and real-time alerting.
- Endpoints: Dedicated VMs for Internal Clients, Internal Attackers and External Attackers.
- Offensive Security (Python/Scapy): Developed custom scripts to launch targeted attacks, including ARP Sweeps, TCP SYN Scans, TCP/ICMP Floods (DoS) and RIP Route Injections.
- Defensive Security: Configured strict firewall ACLs, wrote custom Snort rules to detect the Scapy attack signatures and analyzed logs using Splunk.
- Traffic Analysis: Deep packet inspection using Wireshark to validate attack success and verify detection accuracy.

Crisan Gabriel & Cinteza Tudor
