Single host operating system

Assignment Help Computer Engineering
Reference no: EM131214486

Environment Setup

Objective

This lab is to be used if you're setting up your own lab environment (preferred method of performing the labs) on your own system. The instructions also assume you're using a single host operating system and installing multiple guests in VMWare - modify accordingly if you plan on achieving the same result another way (i.e. using multiple system).

We are mainly going to follow the "Pregame" chapter in the Hacker Playbook book by Kim to build the Kali Linux and Win 7 Pro VMs. Keep in mind those instructions are a bit dated on the Kali side as some of the tools mentioned are already installed in the latest release (2.0). I'd do a quick check for each tool before I attempted to install...and also use snapshots in case somethings goes horribly wrong and you break the OS or tools already installed. You can safely follow the Windows VM setup procedure and any additional tools that need to be added for future lab assignments will be posted or linked.

Materials

For the purposes of Lab 0, you will need the following:
- A working host system (Mac OSX or Windows 7/8 preferred) on which you will install VMWare Workstation (MS) or Fusion (OSX)
- A system (laptop/desktop) capable of running at least 2-3 virtual machines in addition to the host operating system. This includes enough disk storage (usually not an issue) and memory/processor capacity (usually the bottleneck).
- Access to the DePaul MSDNAA and VMWare eHub sites (as a current student the default answer is yes, but you should verify if your account is active) and have downloaded the necessary guest operating system and VMWare software packages
- When we say "Host" operating system we mean the system that is installed on the hard drive of your desktop or laptop, on which you will install VMWare software. A "Guest" operating system is an operating system running inside of VMWare software on your host system. You will likely only have 1 host operating system (unless you're dual booting) and you can have multiple guest operating systems.
- The Pregame chapter in the Hacker Playbook 2 book by Kim
- For anyone not familiar with setting up VMWare and installing a guest operating system, as we will for the lab system we are building, please see:
o https://vimeo.com/118060289 pass is: cns488

Usernames and Passwords

For the VMs you'll be using, use the following guide:
- Windows 2000/2003 Servers - administrator/student
- Windows 7 Pro Attack VM - Whatever you configure, make it easy to remember
- Kali Attack VM - root/toor (unless you custom installed your own, then it is whatever you set it to)
- Metasplotable - msfadmin/msfadmin
- DVL - root/toor (I think and hope)

Network Settings

To stay consistent with the labs as they are written for the CDM lab environments I'd strongly suggest that you use the following convention for your network addressing. Keep in mind this assumes you're using "host-only" networking on all VMs used for the lab:
- Kali - 10.0.0.11
- Windows 7 - 10.0.0.12
- Windows 2003 - 10.0.0.13
- Windows 2000 - 10.0.0.14
- Metasploiable - 10.0.0.15
- DVL 1.5 - 10.0.0.16
- Others - 10.0.0.17-20

Procedures

Install VMWare Workstation or Fusion

On your host operating system, install the necessary VMWare software.

1. For host systems running Mac OSX you should install Fusion version 8 (although 5, 6, or 7 will work just fine if you already have this installed)

2. For host systems running Microsoft Windows XP, 7, or 8 you should install VMWare Workstation 11 or 12 (although previous versions will work as well if you already have these installed)

3. Follow the prompts to complete the VMWare install - pretty straight forward and installs on all modern operating systems without a hitch

4. Google any errors you get - now or later one - and there is a very high chance that the solution is posted to the VMWare user forum or tech support pages. One thing to note if you plan to install a 64-bit guest OS and your using an Intel processor then you may need to enable VT support in your system's BIOS

Install the Guest OSs For the Attack Systems

You will download and launch or install two (2) different attack platforms as outlined in the Pregame chapter of the Hacker Playbook. One will be Kali Linux and the other will be a Windows 7 attack platform.

Downloading and Installing Kali

1. This one's really easy...use the links on D2L to download the pre-built VM version of Kali 2.0.

2. Unzip, open by double-clicking on the .vmx fil or go to VMWare Workstation/Fusion and Open a VM, point to the unzipped directory and select the Kali VM.

3. Optional Steps (something to consider):

a. Set you network card, processor, and memory for the VM as appropriate for your hardware
b. A general recommendation here would be to give this one the most power, or on par with the Windows 7 system, as you'll be interacting with the attack platforms the most throughout the labs

Installing Windows 7

1. For this one I'd follow the Pregame chapter - but basically create yourself a Windows 7 Pro VM by downloading the ISO/IMG file from the DePaul MSDNAA site and using the wizard within VMWare Workstation or Fusion to install. If I have to explain how to install a MS operating system here you may be in trouble in this course.

2. If you have a VM of Windows 7 that is already built (for example, you took SE529/CNS297 last quarter) and think the VM you built will work as your attack platform then you're already done with this step.

3. Set your hardware options (memory, cores, disk space) as you see fit.

Download and Install the Vulnerable VMs

We are obviously going to need vulnerable systems to attack during the labs. You will need a total of four (4) vulnerable virtual machines to start. Windows 2000 Server and Windows 2003 Server (downloadable from the link below) and Dame Vulnerable Linux and Metasploitable, also downloadable from the links in their respective sections below.

Downloading the Vulnerable Windows VMs

1. I'm going to attempt to host these and let you download until my provider yells at me. If you'd like to copy these off I'll have a thumb drive with me in class - if you're a DL student and can't download for some reason let me know and we'll figure out a way to get the VMs to you. Downloading is obviously preferred and should be the most expeditious way to get these VMs.

2. To download the VMs (in compressed folders), use an FTP client (FileZilla, CyberDuck, something with a download manager in case you're interrupted in the middle of a transfer).

3. Navigate to ftp.malos-ojos.com (port 21) - make sure you turn off TLS as I have this setup as (yes, an insecure) FTP site. If you leave TLS on by default it will refuse the directory listing. Easiest way to accomplish this is to use FileZilla or Cyberduck and download the configuration file for your software from the D2L site (in Content - Lab Stuff). If you're using FileZilla you need to edit the TLS setting using Site Manager under File, change to insecure FTP only.

4. The username and password are:
a. Username - [email protected]
b. Password - cnszomgp0nies! (that's a zero in the ponies and an "o" as in oh in the zomg)

5. Transfer both compressed folders (Windows 2000 and 2003) to your local system. Transfer times will obviously vary, but with a 50Mbit connection at home I was getting 3.7Mib/sec, or around 6-7 minutes per file to download.

6. Uncompress the folders and store these with your other VM folders.

Install/Launch the Vulnerable Windows VMs

1. It would be in your best interest to keep the hardware specs of these VMs as-is since they are setup to take up minimal processor/memory on your host. You won't be interacting with them that much, so power/speed is not key.

2. From VMWare select Open and point to the Windows 2000 VM folder you downloaded and uncompressed, open the VM. If promoted choose "I Moved It" so it will setup as a new VM on your system.

3. You'll notice there is a Gold snapshot already, which is fine, but I'm going to suggest that you take your own as well after you're setup is complete.

4. You may be prompted to install the latest version of VMWare tools - this is optional. I'd also setup me network connection as "host-only" as by default I have it set to bridged to support a different lab environment.

5. Once you are all setup (a reboot may be necessary) take a Gold snapshot for yourself.

6. Do the same for Windows 2003 - however, I screwed up on this one and it has a
.lck folder and file meaning he VM is locked. Not to worry, you can either delete the lck folder from the directory (along with the New Directory that I put on the FTP site my accident ?) and then power on. Or, power on the VM and select "Take Ownership" and it should work. If not power it off and delete the lck folder and power back on. Also, choose "I Moved It" for this one as well when you boot for the first time.

7. Configure the 2003 VM and again save your own Gold snapshot.

8. Check you network settings - use the guide at the beginning (these two VMs you just launched should be 10.0.0.13 and .14). Make sure you can ping between them, and if not successful troubleshoot your settings. If you have Kali and your Win 7 boxes up as well make sure they can ping/connect as well.

Downloading the Vulnerable Linux VMs

1. The vulnerable Linux VMs (not needed until later in the quarter) will be available from the interwebs for you to download directly from the source. As of the writing of this lab document we will need two (2) Linux VMs - Metasploitable, Damn Vulnerable Linux v1.5, and OWASPBWA.

2. Metasploitable download and install:
a. Get it from here: https://sourceforge.net/projects/metasploitable/files/Metasploitable2/
b. You can use this guide to get it set up if needed - https://www.offensive- security.com/metasploit-unleashed/Requirements
3. Damn Vulnerable Linux v1.5 download and install:

a. Get it from here: https://sourceforge.net/projects/virtualhacking/files/os/dvl/
b. You don't need to install this one as a VM, and the lab associated with this VM will work even if you run it as a live system that is booted from your virtual cd-rom drive from within VMWare.
c. If you really do want to install, some of these steps may come in handy: https://www.computersecuritystudent.com/SECURITY_TOOLS/DVL/less on1/

4. We are also going to use the OWASPBWA VM as a it contains broke web applications for us to test. Download and install:
a. Get it from here: https://sourceforge.net/projects/owaspbwa/files/

Final Thoughts
At the completion of this lab you should have a fully functional lab environment that you will use to conduct most all of the lab assignment this quarter. It is important to not only verify network connectivity between the VMs, but also to take your own Gold snapshots of your VMs as well as have a backup plan (i.e. I'd store a final copy of your environment on removable media or an external drive) in the event you crash and burn at some point during the quarter...that way you can get the environment back up and running quickly.

Reference no: EM131214486

Questions Cloud

The federal gift tax return : The federal gift tax return (Form 709) is generally due. $1,500,000 will pass outright from Grandfather to Grandfather’s grandson, Paul, by virtue of being named as the beneficiary of a bank account in Grandfather's name. Grandfather’s son, John, who..
Compute invested capital, : For this assignment, please do the following: Compute NOPAT, both operating approach and financing approach. Compute invested capital, both operating and financing approach. Compute ROIC and FCF (free cash flow)
Department helicopter lands a swat team : One night, a sheriff's department helicopter lands a SWAT team in the yard of a rural residence suspected of containing a methamphetamine lab.
Peripheral cues that people use to accept or reject messages : In relation to the Elaboration Likelihood Model, Professor Kahn discussed the peripheral cues that people use to accept or reject messages. Which of the following is NOT one of the peripheral cues that she mentioned?
Single host operating system : This lab is to be used if you're setting up your own lab environment (preferred method of performing the labs) on your own system. The instructions also assume you're using a single host operating system and installing multiple guests in VMWare.
Regarding maximum federal estate tax charitable deduction : Which statement is correct regarding the maximum federal estate tax charitable deduction? Which statement is correct with respect to the annual gift tax exclusion of a donor with respect to the donor?
Elaboration likelihood model : In relation to the Elaboration Likelihood Model, Professor Kahn discussed the peripheral cues that people use to accept or reject messages. Which of the following is NOT one of the peripheral cues that she mentioned?
Example of professional standard for educational leaders : Read the article. Process the situation and Respond to the questions in a concise manner.- Provide an example of a Professional Standard for Educational Leaders.
Testamentary trust had distributable net income : The trustee of a testamentary trust had distributable net income of $30,000 on December 31, 2014, the last day of the trust’s income tax year. On March 3, 2015 the trustee made a distribution of all distributable net income on hand as of December 31,..

Reviews

Write a Review

 

Computer Engineering Questions & Answers

  Make a non-gui based java application

make a non-GUI based Java application that calculates weekly pay for an employee. The application should display text that requests the user input the name of the employee, the hourly rate, and the number of hours worked for that week.

  Developing the reports useful for business decisions

Database reports offer us with the capability to further analyze our data and offer it in the format which can be utilized to make the business decisions.

  Explain the impact of the encountered threat

Share an experience in which you or someone you know has encountered one of these threats. express the impact of the encountered threat and how it was resolved.

  Apache http server a competitor to iis is the most well

apache http server a competitor to iis is the most popular web server on the internet hosting about half of the

  Develop a structure chart for segment of the holiday travel

Develop a structure chart for this segment of the Holiday Travel Vehicles system. What type of structure chart have you drawn, a transaction structure or a transform structure? Why?

  What is the degree of membership to the fuzzy set

Draw the graphic for the healthy set, representing the values, healthy and unhealthy and what is the degree of membership to the fuzzy set healthy of person B who has a BMI of 26.2? And to the fuzzy set unhealthy?

  Employeeexception class whose constructor receives a string

build an Employee class with two fields, idNum and hourlyWage. The Employee constructor requires values for both fields. Upon construction, it throw an EmployeeException if the hourlyWage is less than 6.00 or over 50.00. Save the class as Employee..

  Securing system using iptable firewall

Discuss the advantages and disadvantages of firewalls with iptables and make suggestions to overcome the disadvantages in your report - Start the services and ensure that they are available for you to do experiment with IPTable Firewall.

  Write clearly and concisely about introductory information

write a four to fivenbsp page paper in which youdescribe what a relational database is and why relational databases are

  How to create a class named integerset

A set is represented internally as an array of Booleans. Array element a[i] is true if integer "i" is in the set. Array element a[j] is false if integer "j" is not in the set. The no-argument constructor initializes a set to the so-called "empty s..

  Questionexecute a recursive directory traversal as walking

questionexecute a recursive directory traversal. as walking the file tree you will be looking for duplicate files and

  Write a program that reads a sequence of input values

Write a program that reads a sequence of input values and displays a bar chart of the values in data.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd