53
edits
Changes
Created page with "<ul> <li class="toclevel-1"><a href="#Instation_Requirements"><span class="tocnumber">1</span> <span class="toctext">Setup for Labs</span></a> <ul> <li class="toclevel-2"><a h..."
<ul>
<li class="toclevel-1"><a href="#Instation_Requirements"><span class="tocnumber">1</span> <span class="toctext">Setup for Labs</span></a>
<ul>
<li class="toclevel-2"><a href="#Introduction"><span class="tocnumber">1.1</span> <span class="toctext">Introduction</span></a></li>
<li class="toclevel-2"><a href="#Objectives"><span class="tocnumber">1.2</span> <span class="toctext">Objectives</span></a></li>
<li class="toclevel-2"><a href="#Required_Materials_.28Bring_to_All_Labs.29"><span class="tocnumber">1.3</span> <span class="toctext">Required Materials (Bring to All Labs)</span></a></li>
<li class="toclevel-2"><a href="#Prerequisites"><span class="tocnumber">1.4</span> <span class="toctext">Prerequisites</span></a></li>
<li class="toclevel-2"><a href="#Linux_Command_Online_Reference"><span class="tocnumber">1.5</span> <span class="toctext">Online Tools and References</span></a></li>
<li class="toclevel-2"><a href="#Resources_on_the_web"><span class="tocnumber">1.6</span> <span class="toctext">Course Notes</span></a></li>
</ul>
</li>
<li class="toclevel-1"><a href="#Performing_Lab_1"><span class="tocnumber">2</span> <span class="toctext">Performing Lab 1</span></a>
<ul>
<li class="toclevel-2"><a href="#Task1"><span class="tocnumber">2.1</span> <span class="toctext">Task #1: Install Kali Linux as Host on Your Hard Disk Pack (notebook or netbook) and Install VirtualBox</span></a></li>
<li class="toclevel-2"><a href="#Task2"><span class="tocnumber">2.2</span> <span class="toctext">Task #2: Install / Setup Vulnerable Linux OS as a Virtual Machine</span></a></li>
<li class="toclevel-2"><a href="#Task3"><span class="tocnumber">2.3</span> <span class="toctext">Task #3: Install / Setup Windows 2003 as a Virtual Machine</span></a></li>
</ul>
</li>
<li class="toclevel-1"><a href="#Completing_the_Lab"><span class="tocnumber">3</span> <span class="toctext">Completing the Lab</span></a></li>
<li class="toclevel-1"><a href="#Preparing_for_Quizzes"><span class="tocnumber">4</span> <span class="toctext">Preparing for Quizzes</span></a></li>
</ul>
</td></tr></tbody></table><script type="text/javascript"> if (window.showTocToggle) { var tocShowText = "show"; var tocHideText = "hide"; showTocToggle(); } </script>
<a name="Installation Requirements" id="Fedora_16_Installation_.28on_Main_Host_-_f16host.29"></a><h1> <span class="mw-headline">Setup for Labs</span></h1>
<a name="Introduction" id="Introduction"></a><h2> <span class="mw-headline">Introduction</span></h2>
<dl><dd><ul><li>This lab teaches the student how and why attackers break
into systems. For this purpose everyone will be a "victim" in the class
as well as a "bad guy". Generally, we try to envision a network server
environment.
</li></ul>
</dd></dl>
<dl><dd><ul><li>Unfortunately, <b>performing penetration system testing on an organization's network without their consent can lead to serious consequences</b>. The college has created a lab that allows students to perform penetration testing in a safe environment - it is called the <b>IFS Lab</b>.
This lab is in heavy demand due to the IFS program, and may not be
available for SEC520 students. Another method to encourage the "safe and
permitted practice of penetration testing at the college" is to have
students host vulnerable operating systems as <b>virtual machines</b> on their host computer system (i.e. Hard Disk Packs).
</li></ul>
</dd></dl>
<dl><dd><ul><li>This lab assumes that you already have the required materials (listed below in the <b>Required Materials</b> section), and are ready to perform this lab.
</li></ul>
</dd></dl>
<br>
<a name="Objectives" id="Objectives"></a><h2> <span class="mw-headline">Objectives</span></h2>
<ol><li>Install <b>Kali Linux (host)</b> on hard disk pack (or other suitable configuration).</li>
<li>Install Virtual Machine application called <b>VirtualBox</b> on host OS (Kali Linux).</li>
<li>Setup and install a <b>vulnerable Linux OS as a Virtual Machine on</b> the host.</li>
<li>Setup and install <b>Windows 2003 Server as a Virtual Machine</b> on the host.
</li></ol>
<p><br>
</p>
<a name="Required_Materials_.28Bring_to_All_Labs.29" id="Required_Materials_.28Bring_to_All_Labs.29"></a><h2> <span class="mw-headline">Required Materials</span></h2>
<ul>
<li> <b>SATA Hard Disk in removable disk tray</b> (Note: can use existing Notebook / Netbook with VMware)</li>
</li><li> <b>Kali Linux Installation DVD</b> (Refer to methods to obtain and burn media in main page).
</li><li> <b>Vulnerable Linux Installation DVD</b> (Refer to methods to obtain and burn media in main page).
</li><li> <b>Windows 2003 Server Installation CD</b> (Refer to methods to obtain and burn media in main page).
</li><li> <b>Lab Logbook (Lab1 Reference Sheet)</b> (to make notes and observations).
</li></ul>
<p><br>
</p>
<a name="Prerequisites" id="Prerequisites"></a><h2> <span class="mw-headline">Prerequisites</span></h2>
<ul><li> <b>None</b> (First Lab)
</li></ul>
<p><br>
</p>
<a name="Linux_Command_Online_Reference" id="Linux_Command_Online_Reference"></a><h2> <span class="mw-headline">Online Tools and References</span></h2>
<ul>
<li><a href="http://www.kali.org/" target="_new">Kali Linux Website</a></li>
<li><a href="http://linuxmanpages.com/" target="_new">Online Linux Manpages</a><ul>
<li><a href="http://www.unix.com/man-page/Linux/8/adduser/" target="_new">adduser</a></li>
<li><a href="http://linuxmanpages.com/man8/visudo.8.php" target="_new">visudo</a></li>
<li><a href="http://linuxmanpages.com/man8/rpm.8.php" target="_new">rpm</a></li>
<li><a href="http://www.unix.com/man-page/Linux/8/service/" target="_new">/sbin/service</a></li>
</ul></li>
<li><a href="http://www.virtualbox.org/wiki/Documentation" target="_new">VirtualBox Documentation</a></li>
<li><a href="http://docs.fedoraproject.org/en-US/Fedora_Core/5/html/Release_Notes/" target="_new">Fedora Core 5 Documentation</a></li>
<li><a href="http://technet.microsoft.com/en-us/windowsserver/bb512919.aspx" target="_new">Windows 2003 Server Documentation</a></li>
<li><a href="http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/ntcmds.mspx?mfr=true" target="_new">Online MS Windows Command Reference</a></li>
</ul>
<br><br>
<a name="Resources_on_the_web" id="Resources_on_the_web"></a><h2> <span class="mw-headline">Course Notes</span></h2>
<ul>
<li><a href="http://zenit.senecac.on.ca/wiki/index.php/SEC520#Course_Resources" target="_new">Required Course Materials</a></li>
</ul>
<p><br>
</p>
<a name="Performing_Lab_1" id="Performing_Lab_1"></a><h1> <span class="mw-headline">Performing Lab 1</span></h1>
<a name="Task1" id="Investigation_1:_How_to_Perform_a_Fedora_DVD_Install_on_Your_Removable_Hard_Drive"></a><h2> <span class="mw-headline">Task #1: Install Kali Linux as Host Server on Your Hard Disk Pack (notebook or netbook) and Install VirtualBox</span></h2>
<br>
There are many toolkits that
are avaible for individuals to help "harden" their computer systems...<br /><br />
Examples include: <b>Live Hacking CD</b>, <b>Samurai Web Testing Framework</b>,
<b>Organizational Systems Wireless Assistant.</b>, <b>Ardius</b>, <b>Operator</b>", etc. There are even distributions for the <b>Raspberry Pi</b> (although we need to have a pen testing solution support virtual machines for this course).
<br><br>
TE:
Make certain NOT to accept the default computer name. Use a smaller
name (like three letters), otherwise, the telnet server package will NOT
be installed by default
One tookit that contained many of the penetration-testing tools taught in this course was <b>BackTrack</b>. BackTrack is a specialized distribution based on Ubuntu. A newer distribution called <b>Kali Linux</b> is a newer and more complete build of Linux Backtrack using Debian (i.e. Kali is "BackTrack 6"). There is a noticeable improvement which includes fixes to "broken packages" (less hassle to the student to setup and use), as well as better wireless support, and better flexibility for customization.<br /><br /><b>We will be using Kali Linux for this semester...</b><br /><br />
<div class="messagebox" style="background-color: #f9f6b7; border: 1px solid #c4c295; color: black; padding: 5px; margin: 1ex 0; min-height: 35px; padding-left: 45px;">
<div style="float: left; margin-left: -40px;"><a href="http://zenit.senecac.on.ca/wiki/index.php/File:Important.png" class="image" title="Important.png"><img alt="" src="SEC520_Lab_1_files/35px-Important.png" height="35" border="0" width="35"></a></div>
<div><b>Our Labs Assume Using a Removable Hard Disk</b><br>Although there are several ways to setup your pentration testing system, this lab will assume that you are using a removable hard disk.<br /><br />
Whichever configuration you decide to use, your system MUST allow both the Kali Linux system to be running at the same time as your other vulnerable Windows and Linux operating systems (to conduct penetration testing).
<br><br><b>NOTE:
It is recommended NOT to use all disk space for the host machine, since
a future assignment may require the installation of other host and VM
operating system...</b>.
</div>
</div>
<br>
INSTRUCTIONS:
<ol>
<li><b>Use your Hard Disk Pack solely for this course: Do not share the
contents with this diskpack with any other courses that you are taking</b>.
Remember: this is a course dealing with "Internet Security" which means
that you could lose your work if you do something wrong.</li>
<li>Obtain the <b>Kali Linux installation media</b> (eg. DVD, USB Stick).</li>
<li>Insert your Hard Disk Pack and Kali Linux CD into your lab machine.</li>
<li>Boot your lab machine, and at the BIOS display, press <b>F10</b> (password: <b>ENTER</b>) and then select <b>the CD/DVD drive containing the Kali Linux install media</b> for boot selection.
</li><li>Select the first <b>INSTALL</b> option in the Kali Linux startup menu.</li>
<li>Accept the recommended or default selections during the install. Remember to write down any passwords (do not forget them!). You may want to (when prompted) add a non-existent username to the administrator's group that you can add later to have admin access.</li>
<li>When you have completed your install, remove the installation media, restart your Kali Linux machine.</li>
<li>Make certain that you can connect to the Internet (confirm by using a web-broswer)</li>
</ol>
<div class="messagebox" style="background-color: #f9f6b7; border: 1px solid #c4c295; color: black; padding: 5px; margin: 1ex 0; min-height: 35px; padding-left: 45px;">
<div style="float: left; margin-left: -40px;"><a href="http://zenit.senecac.on.ca/wiki/index.php/File:Important.png" class="image" title="Important.png"><img alt="" src="SEC520_Lab_1_files/Caution.png" height="35" border="0" width="35"></a></div>
<div><b>Caution When Running XWindows as Root</b><br>It is usually a
"bad idea" to run XWindows as root. Running a graphical environment that
has the privileges as root can cause damamge when users become
accustomed to working in an everyday environment. It is suggested to create a regular user (same one that you added to group admin).<br /><br />
</div>
</div>
<ol>
<li value="9">You can use the <b>Synaptic Package Manager</b> (graphic tool) or the Linux commands <b>apt-get</b> to install other applications that you wish to use in on your system (eg. different web-browser).</li>
<li>It is recommended NOT to graphically install VirtualBox on your Kali machine. The lab's author has had success with installing VirtualBox (as a .deb file) from the main website.</li>
<li>Download the appropriate VirtualBox .deb file (32/64 bit) from the following link:<br /><a href="https://www.virtualbox.org/wiki/Downloads" target="_blank">https://www.virtualbox.org/wiki/Downloads</a> <br /><br /></li>
<li>After the file has downloaded, open a Linux shell, go to the directory containing the downloaded file Issue the following command as root:</li>
</ol>
<pre>
gdebi [filename]
</pre>
<ol>
<li value="13">Make appropriate selections to have VirtualBox application installed.</li>
<li>Start the VirtualBox application. If the appliation does not appear in any of the menus, simply run the <b>virtualbox</b> command in root in a shell terminal.</li>
<li>Proceed to Task #2</li>
</ol>
<p><b>Answer the Task #1 observations / questions in your lab log book.</b>
</p>
<br><br>
<a name="Task2" d="Investigation_2:_How_many_file_packages_and_files_are_installed_on_the_system.3F"></a><h2> <span class="mw-headline">Task #2: Install / Setup Vulnerable Linux OS as a Virtual Machine</span></h2>
<p><br>
</p><div class="messagebox" style="background-color: #f9f6b7; border: 1px solid #c4c295; color: black; padding: 5px; margin: 1ex 0; min-height: 35px; padding-left: 45px;">
<div style="float: left; margin-left: -40px;"><a href="http://zenit.senecac.on.ca/wiki/index.php/File:Idea.png" class="image" title="Important.png"><img alt="" src="SEC520_Lab_1_files/35px-Idea.png" height="35" border="0" width="35"></a></div>
<div><b>Other Vulnerable Linux Distributions</b><br>Although we will be
using an outdate version of Fedora Linux, there are other Linux
distributions of Linux that are designed with security flaws for
penetration testing. An example would be <b>DVL</b> (<i>Damn Vulnerable Linux</i>). For interest, here is a link to download and install DVL:<br> <a href="http://sourceforge.jp/projects/sfnet_virtualhacking/downloads/os/dvl/DVL_1.5_Infectious_Disease.iso/">http://sourceforge.jp/projects/sfnet_virtualhacking/downloads/os/dvl/DVL_1.5_Infectious_Disease.iso/</a>.
</div>
</div>
<div class="messagebox" style="background-color: #f9f6b7; border: 1px solid #c4c295; color: black; padding: 5px; margin: 1ex 0; min-height: 35px; padding-left: 45px;">
<div style="float: left; margin-left: -40px;"><a href="http://zenit.senecac.on.ca/wiki/index.php/File:Important.png" class="image" title="Important.png"><img alt="" src="SEC520_Lab_1_files/35px-Important.png" height="35" border="0" width="35"></a></div>
<div><b>Testing Vulnerable Operating Systems</b><br>Since this course
will be exploring security issues with operating systems, weak or
"outdated" operating systems are preferred. This seems to run against
our nature to update an operating system immediately after an
installation. <b>You are allowed to update your host OS, but do NOT run updates on the vulnerable OS (Virtual Machines)</b>. You will update (or "harden") those vulnerable operating systems in later labs...
</div>
</div>
INSTRUCTIONS:
<ol>
<li>In your regular account, run a graphical X-Windows session.</li>
<li>Obtain and burn in the image of Fedora Core 5 onto a bootable DVD. <br><br>Here is a link to a downloadable source: <a href="http://dl.fedoraproject.org/pub/archive/fedora/linux/core/5/i386/iso/FC-5-i386-DVD.iso">http://dl.fedoraproject.org/pub/archive/fedora/linux/core/5/i386/iso/FC-5-i386-DVD.iso</a><br>
( Refer to <a href="http://zenit.senecac.on.ca/wiki/index.php/SEC520#Supplies_Checklist_.28Required_for_Second_Class.29" target="_new">Required Materials</a>)<br><br></li>
<li>Insert the <b>Vulnerable Linux (FC5)</b> installation DVD into the DVD Drive.</li>
<li>From the <b>Applications</b> menu, select <b>System Tools</b>, then select <b>Oracle VM VirtualBox</b>.</li>
<li>Click on the <b>New</b> buttoni, and click on <b>Next</b> to proceed.</li>
<li>Enter a name for the Vulnerable Linux system (we will refer to the name of <b>Vulnerable Linux System</b> for the duration of these labs. Make certain that the <b>OS Type</b> is <b>Linux</b>, and the <b>Version</b> is <b>Linux 2.6</b>, and then click on <b>Next</b> to proceed.</li>
<li>Accept the default Base memory size, and click <b>Next</b> to proceed.</li>
<li>Accept all defaults for the <b>Virtual Hard Disk</b> screen, and click <b>Next</b> two times to proceed.</li>
<li>Accept the default <b>Storage Type</b> (i.e. "Dynamically expanding storage"), and proceed to the next screen.</li>
<li>In the <b>Virtual Disk Location and Size</b>, accept the default name, and set the <b>Size</b> of the Partition to <b>10 GB</b> and proceed to the final screen.</li>
<li>In the <b>Summary</b> screen, verify the information, and click <b>Finish</b> to finish the VM setup.</li>
<li>Double-click on the VM called <b>Vulnerable Linux</b> in order to install that version of Linux from the CD drive.</li>
</ol>
<div class="messagebox" style="background-color: #f9f6b7; border: 1px solid #c4c295; color: black; padding: 5px; margin: 1ex 0; min-height: 35px; padding-left: 45px;">
<div style="float: left; margin-left: -40px;"><a href="http://zenit.senecac.on.ca/wiki/index.php/File:Important.png" class="image" title="Important.png"><img alt="" src="SEC520_Lab_1_files/35px-Important.png" height="35" border="0" width="35"></a></div>
<div><b>Auto Capture Keyboard Shortcut Keys</b><br>There are a number of
methods to focus the keyboard and mouse on the Virtual Machine (VM) as
opposed to the host machine. The user can accept the default key <b><right ctrl></b> to act as a capture toggle-switch.
</div>
</div>
<ol>
<li value="13">Accept the defaults in the <b>Anaconda installation wizard</b>,
but overide for Eastern Timezone. Select and remember a suitable root
password. In the software packages section to include, select <b>Web Server</b>. In addition, select the <b>Customize</b> (i.e. <i>Customize Now</i>, and make the following package selections:<ul>
<li><b>FTP Server</b></li>
<li><b>Mail Server</b></li>
<li><b>Network Servers</b></li>
<li><b>Server Configuration Tools</b></li>
</ul></li>
</ol>
<div class="messagebox" style="background-color: #f9f6b7; border: 1px solid #c4c295; color: black; padding: 5px; margin: 1ex 0; min-height: 35px; padding-left: 45px;">
<div style="float: left; margin-left: -40px;"><a href="http://zenit.senecac.on.ca/wiki/index.php/File:Important.png" class="image" title="Important.png"><img alt="" src="SEC520_Lab_1_files/35px-Important.png" height="35" border="0" width="35"></a></div>
<div><b>Cannot Connect to Internet When Booting from Other Machines</b><br>
Since you are using an older version of Linux (Fedora Core 5) there is an annoying "connectivity issue" if you have booted from different machines (MAC ADDRESSES). Here is a suggested solution:<br /><ol><li>In a shell issue the command <b>ifconfig</b> and check if ethX like devices are listed.</li><li>login as root by issuing the command: <b>su -- </b>(and enter root password).</li><li>Issue the command <b>dhclient</b></li><li>Verify recognized ethernet device by using <i>ifconfig</i> command.</li>
</ol>
</div>
</div>
<div class="messagebox" style="background-color: #f9f6b7; border: 1px solid #c4c295; color: black; padding: 5px; margin: 1ex 0; min-height: 35px; padding-left: 45px;">
<div style="float: left; margin-left: -40px;"><a href="http://zenit.senecac.on.ca/wiki/index.php/File:Important.png" class="image" title="Important.png"><img alt="" src="SEC520_Lab_1_files/35px-Important.png" height="35" border="0" width="35"></a></div>
<div><b>Installing telnet-server</b><br>It may be difficult to simply
install applications from repositories for unsupported Linux
distributions (like Fedora Core 5). Instead, perform the following steps:<ol type="a"><li> Download the rpm packages for <b>telnet-server </b>and <b>xinted</b> by clicking on the following links:<br /><a href="http://rpm.pbone.net/index.php3/stat/4/idpl/16682910/dir/fedora_5/com/telnet-server-0.17-35.2.1.i386.rpm.html">Telnet Server Download Page</a> (select a download mirror)<br /><a href="http://rpm.pbone.net/index.php3/stat/4/idpl/16683039/dir/fedora_5/com/xinetd-2.3.13-6.2.1.i386.rpm.html">xinetd Dependency Download Page</a> (select a download mirror).</li><li>Change directory to where files were downloaded.</li><li>Install the <b>xinetd</b> dependency first, then the <b>telnet-server</b> program by using <b>rpm -i <packagename> </b>(you can ignore warnings. If you can't install due to public key issues, you can download public keys from the following site: <a href="http://dl.fedoraproject.org/pub/archive/fedora/linux/core/5/" target="_blank">http://dl.fedoraproject.org/pub/archive/fedora/linux/core/5/</a>.</li><li>Issue the command: <b>/sbin/chkconfig telnet on</b> to start the telnet server.</li></ol><br />
After installing telnet-server, edit the file <b>/etc/xinetd.d/telnet</b> and change to "no" for disable. Then you need to reload xinetd by issuing the command: <b>/sbin/service xinetd reload</b><br /><br />You should become familiar with the <code>/sbin/service</code> , <code>/sbin/chkconfig</code> , and <code>/usr/sbin/sestatus</code> to set services, and to provide information to instructor for lab sign-off.
</div>
</div>
<ol>
<li value="14">Complete remaining screens to start installation - the installation process should take approximately 30 minutes to complete.</li>
<li>After reboot, the <b>Setup Agent</b> wizard will allow the user to make selections.
</li><li> Make certain to <b>DISABLE the Firewall</b> and <b>DISABLE SELinux</b></li>
<li>Create an <b>unprivileged user (remember the password)</b>.</li>
<li>Accept all other defaults and allow the system to reboot for changed to take effect.</li>
<li>After reboot, verify that you can login, make the menu selections <b>System</b>, <b>Administration</b>, <b>Server Settings</b>, <b>Services</b> (or issue the command <b>system-config-services</b> to graphically activate and verify all each of the following services are running:<ul>
<li>Web (HTTPD) Server</li>
<li>FTP (VSFTP) Server</li>
<li>Mail Server</li>
<li>SSH Server</li>
<li>TELNET Server (located under "On Demand" services)</li>
</ul>
<br>(You can alternatively list service status by issuing the command: <b>/sbin/service --status-all</b>)<br><br <="" li="">
</li><li>Proceed to Task #3</li>
</ol>
<p><b>Answer Task #2 observations / questions in your lab log book.</b>
</p><p><br>
</p>
<a name="Task3" d="Investigation_2:_How_many_file_packages_and_files_are_installed_on_the_system.3F"></a><h2> <span class="mw-headline">Task #3: Install / Setup Windows 2003 Server as a Virtual Machine</span></h2>
<p><br>
</p><div class="messagebox" style="background-color: #f9f6b7; border: 1px solid #c4c295; color: black; padding: 5px; margin: 1ex 0; min-height: 35px; padding-left: 45px;">
<div style="float: left; margin-left: -40px;"><a href="http://zenit.senecac.on.ca/wiki/index.php/File:Important.png" class="image" title="Important.png"><img alt="" src="SEC520_Lab_1_files/35px-Important.png" height="35" border="0" width="35"></a></div>
<div><b>DO NOT Install Service Packs (Beyond Service Pack 1) On Windows 2003 Server</b><br>Since
this course will be exploring security issues with the Windows
operating systems, do not update your Window 2003 Server's OS. We will
be exploiting this less-secure OS, then later "harden" this OS from
attacks.
</div>
</div>
<div class="messagebox" style="background-color: #f9f6b7; border: 1px solid #c4c295; color: black; padding: 5px; margin: 1ex 0; min-height: 35px; padding-left: 45px;">
<div style="float: left; margin-left: -40px;"><a href="http://zenit.senecac.on.ca/wiki/index.php/File:Important.png" class="image" title="Important.png"><img alt="" src="SEC520_Lab_1_files/35px-Important.png" height="35" border="0" width="35"></a></div>
<div><b>
Do Not Accept Default Computer Name (Use smaller name)</b><br>
Make certain NOT to accept the default computer name. Use a smaller
name (like three letters), otherwise, the telnet server package will NOT
be installed by default (needs to be less than 15 characters).
</div>
</div>
INSTRUCTIONS:
<ol>
<li>Obtain an installation CD of <b>Windows 2003 Server</b> (refer to <a href="http://zenit.senecac.on.ca/wiki/index.php/SEC520#Supplies_Checklist_.28Required_for_Second_Class.29" target="_new">Required Materials</a>).</li>
<li>Create another Virtual Machine (<b>20 GB</b>) to be called <b>Vulnerable Windows</b>.</li>
<li>Install <b>Windows Server 2003 (Enterprise Edition)</b> on an <b>NTFS</b> partition. Follow similar selections for settings (such as Eastern Time Zone, administrative password) like you did in Task #2.<br><br><br><b>!!! NOTE:
Make certain NOT to accept the default computer name. Use a smaller
name (like three letters), otherwise, the telnet server package will NOT
be installed by default</b><br><br></li>
<li>Choose <b>Application Server</b> as one of the packages.</li>
<li>Complete the other defaults, and allow the system to reboot.</li>
<li>Upon boot-up, similate pressing the <b><ctrl><alt><del></b> keys by selecting in the Virtual Box Window menu: <b>Machine</b>, then selecting <b>Insert Ctrl-Alt-Del</b> in order to allow the login screen to appear.</li>
<li>At the Windows <b>Server Post-Setup Updates</b> screen, do <b><u>NOT</u></b> perform any updates, and proceed with exiting the screen.</li>
<li>You will proceed to a <b>Windows Server Post-Setup Wizard</b> to help manage your server (like installing services or roles). <b>Make certain that the following wizard settings (or roles) have been added to your Windows server Virtual Machine</b> (for later exploitation):
<ul>
<li><b>NO Updates / NO Automatic Updates</b></li>
<li>In the <b>Manage Your Server</b> section, make the following selections (add roles):<ul>
<li><b>IIS</b><ul><li><b>NOTE:</b> Select <b>Administration</b>, <b>Add Software</b>, view existing services, select <b>IIS</b>, click <b>Details</b>, and then select <b>FTP</b> server.</li></ul></li>
<li><b>SMTP SERVER</b></li>
<li><b>TELNET SERVER</b><ul>
<li><b>NOTE:</b> Select <b>Administration</b>, <b>Services</b>, scroll down the list to <b>Telnet</b>, right-click a select <b>View Properties</b>, enable telent server, <b>Apply</b> settings, and then <b>Start</b> the telent server.</li></ul></li>
<li><b>SSH SERVER</b><ul>
<li><b>NOTE:</b>You can download and install <b>FreeSSH</b> from the following URL:<br /><a href="http://www.freesshd.com/freeSSHd.exe" >http://www.freesshd.com/freeSSHd.exe</a>.</li></ul></li>
</ol>
</p><div class="messagebox" style="background-color: #f9f6b7; border: 1px solid #c4c295; color: black; padding: 5px; margin: 1ex 0; min-height: 35px; padding-left: 45px;">
<div style="float: left; margin-left: -40px;"><a href="http://zenit.senecac.on.ca/wiki/index.php/File:Important.png" class="image" title="Important.png"><img alt="" src="SEC520_Lab_1_files/35px-Important.png" height="35" border="0" width="35"></a></div>
<div><b>Verification of Running Services</b><br />
To verify that services are running, you can select <b>Start</b>, <b>Administration</b>, <b>Services</b>.<br /><br /><b>Note:</b> To view that SSH service is running, select the <b>On Demand</b> services tab.
</div>
</div>
<ol>
<li value="9">Verify that all the above-mentioned services are running.</li>
</ol>
<div class="messagebox" style="background-color: #f9f6b7; border: 1px solid #c4c295; color: black; padding: 5px; margin: 1ex 0; min-height: 35px; padding-left: 45px;">
<div style="float: left; margin-left: -40px;"><a href="http://zenit.senecac.on.ca/wiki/index.php/File:Important.png" class="image" title="Important.png"><img alt="" src="SEC520_Lab_1_files/35px-Important.png" height="35" border="0" width="35"></a></div>
<div><b>Register (Activate) Windows Server / Connectivity Issues</b><br />
You have 30 days to register your Windows 2003 Server. If you are experiencing connectivity issues to register your Windows 2003 Server, you can power-off Windows 2003 Server, go to<b> Virtual Box main window</b> (for your <b>Vulnerable Windows</b> server), select in the menu <b>Settings</b>, choose the <b>Network</b>tab, and change to <b>Bridged Connection</b> for the appropriate network card. When you start your Windows 2003 Server and login as <b>Administrator</b>, then you should be able to register your copy of Windows 2003 Server...
</div>
</div>
<ol>
<li value="10">Make certain that <b>Firewall is DISABLED</b>.</li>
</ul></li>
</ul>
</li>
<li>Proceed to "Completing the Lab".</li>
</ol>
<p><b>Answer Task #3 observations / questions in your lab log book.</b>
</p><p><br>
</p>
<a name="Completing_the_Lab" id="Completing_the_Lab"></a><h1> <span class="mw-headline"> Completing the Lab </span></h1>
<p><b>Arrange evidence for each of these items on your screen, then ask
your instructor to review them and sign off on the lab's completion:</b>
</p>
<ol>
<li>Booted Kali Linux (host) with running Vulnerable Linux (VM) and Vulnerable Windows 2003 Server (VM).</li>
<li>Proof of following installed servers, applications, or settings on your vulneable Linux System:
<ul>
<li>FTP, SMTP, Web Server, SSH Server, TELNET, NO Firwall is running, SELinux is disabled</li>
</ul>
</li>
<li>Proof of following installed servers, applications, or settings on your vulnerable Window 2003 Server:
<ul>
<li>NTFS Partitions, IIS, SSH Server, TELNET, NO Firewall is running</li>
</ul>
</li>
<li>Completed Lab 1 notes.</li>
</ol>
<p><br>
</p>
<a name="Preparing_for_Quizzes" id="Preparing_for_Quizzes"></a><h1> <span class="mw-headline"> Preparing for Quizzes </span></h1>
<ol>
<li>Briefly list the steps to setup a computer system to practice
penetration testing (for a Linux and Windows machine) on your own
(without having to test another organization's computer system and
seeking their approval).</li>
<li>Write a Linux command to run Xwindows from a text-based console (assuming that Xwindows has been installed).</li>
<li>Write a Linux command to display the status of all running or non-running services on the system.</li>
<li>Write a Linux command to confirm that the firewall is disabled.</li>
<li>List the steps to add the user called <b>msaul</b> in the sudoer's file in order to run super-user utilities.</li>
<li>Write a Linux command to create an unpriviledged user called <b>user1</b>. You can assume that you are currently logged in a regular user, but you have administration priviledges in the <b>sudoer's file</b>.</li>
<li>List 3 important types of settings to consider when creating a Virtual Machine using a VM application such as VirtualBox.</li>
<li>Write a Linux command to change the password of an existing user.</li>
<li>Write a Linux command to start the SSH server.</li>
<li>Why is it userful to setup a host (with virtual machines) as it relates to penetration testing?</li>
</ol>
<li class="toclevel-1"><a href="#Instation_Requirements"><span class="tocnumber">1</span> <span class="toctext">Setup for Labs</span></a>
<ul>
<li class="toclevel-2"><a href="#Introduction"><span class="tocnumber">1.1</span> <span class="toctext">Introduction</span></a></li>
<li class="toclevel-2"><a href="#Objectives"><span class="tocnumber">1.2</span> <span class="toctext">Objectives</span></a></li>
<li class="toclevel-2"><a href="#Required_Materials_.28Bring_to_All_Labs.29"><span class="tocnumber">1.3</span> <span class="toctext">Required Materials (Bring to All Labs)</span></a></li>
<li class="toclevel-2"><a href="#Prerequisites"><span class="tocnumber">1.4</span> <span class="toctext">Prerequisites</span></a></li>
<li class="toclevel-2"><a href="#Linux_Command_Online_Reference"><span class="tocnumber">1.5</span> <span class="toctext">Online Tools and References</span></a></li>
<li class="toclevel-2"><a href="#Resources_on_the_web"><span class="tocnumber">1.6</span> <span class="toctext">Course Notes</span></a></li>
</ul>
</li>
<li class="toclevel-1"><a href="#Performing_Lab_1"><span class="tocnumber">2</span> <span class="toctext">Performing Lab 1</span></a>
<ul>
<li class="toclevel-2"><a href="#Task1"><span class="tocnumber">2.1</span> <span class="toctext">Task #1: Install Kali Linux as Host on Your Hard Disk Pack (notebook or netbook) and Install VirtualBox</span></a></li>
<li class="toclevel-2"><a href="#Task2"><span class="tocnumber">2.2</span> <span class="toctext">Task #2: Install / Setup Vulnerable Linux OS as a Virtual Machine</span></a></li>
<li class="toclevel-2"><a href="#Task3"><span class="tocnumber">2.3</span> <span class="toctext">Task #3: Install / Setup Windows 2003 as a Virtual Machine</span></a></li>
</ul>
</li>
<li class="toclevel-1"><a href="#Completing_the_Lab"><span class="tocnumber">3</span> <span class="toctext">Completing the Lab</span></a></li>
<li class="toclevel-1"><a href="#Preparing_for_Quizzes"><span class="tocnumber">4</span> <span class="toctext">Preparing for Quizzes</span></a></li>
</ul>
</td></tr></tbody></table><script type="text/javascript"> if (window.showTocToggle) { var tocShowText = "show"; var tocHideText = "hide"; showTocToggle(); } </script>
<a name="Installation Requirements" id="Fedora_16_Installation_.28on_Main_Host_-_f16host.29"></a><h1> <span class="mw-headline">Setup for Labs</span></h1>
<a name="Introduction" id="Introduction"></a><h2> <span class="mw-headline">Introduction</span></h2>
<dl><dd><ul><li>This lab teaches the student how and why attackers break
into systems. For this purpose everyone will be a "victim" in the class
as well as a "bad guy". Generally, we try to envision a network server
environment.
</li></ul>
</dd></dl>
<dl><dd><ul><li>Unfortunately, <b>performing penetration system testing on an organization's network without their consent can lead to serious consequences</b>. The college has created a lab that allows students to perform penetration testing in a safe environment - it is called the <b>IFS Lab</b>.
This lab is in heavy demand due to the IFS program, and may not be
available for SEC520 students. Another method to encourage the "safe and
permitted practice of penetration testing at the college" is to have
students host vulnerable operating systems as <b>virtual machines</b> on their host computer system (i.e. Hard Disk Packs).
</li></ul>
</dd></dl>
<dl><dd><ul><li>This lab assumes that you already have the required materials (listed below in the <b>Required Materials</b> section), and are ready to perform this lab.
</li></ul>
</dd></dl>
<br>
<a name="Objectives" id="Objectives"></a><h2> <span class="mw-headline">Objectives</span></h2>
<ol><li>Install <b>Kali Linux (host)</b> on hard disk pack (or other suitable configuration).</li>
<li>Install Virtual Machine application called <b>VirtualBox</b> on host OS (Kali Linux).</li>
<li>Setup and install a <b>vulnerable Linux OS as a Virtual Machine on</b> the host.</li>
<li>Setup and install <b>Windows 2003 Server as a Virtual Machine</b> on the host.
</li></ol>
<p><br>
</p>
<a name="Required_Materials_.28Bring_to_All_Labs.29" id="Required_Materials_.28Bring_to_All_Labs.29"></a><h2> <span class="mw-headline">Required Materials</span></h2>
<ul>
<li> <b>SATA Hard Disk in removable disk tray</b> (Note: can use existing Notebook / Netbook with VMware)</li>
</li><li> <b>Kali Linux Installation DVD</b> (Refer to methods to obtain and burn media in main page).
</li><li> <b>Vulnerable Linux Installation DVD</b> (Refer to methods to obtain and burn media in main page).
</li><li> <b>Windows 2003 Server Installation CD</b> (Refer to methods to obtain and burn media in main page).
</li><li> <b>Lab Logbook (Lab1 Reference Sheet)</b> (to make notes and observations).
</li></ul>
<p><br>
</p>
<a name="Prerequisites" id="Prerequisites"></a><h2> <span class="mw-headline">Prerequisites</span></h2>
<ul><li> <b>None</b> (First Lab)
</li></ul>
<p><br>
</p>
<a name="Linux_Command_Online_Reference" id="Linux_Command_Online_Reference"></a><h2> <span class="mw-headline">Online Tools and References</span></h2>
<ul>
<li><a href="http://www.kali.org/" target="_new">Kali Linux Website</a></li>
<li><a href="http://linuxmanpages.com/" target="_new">Online Linux Manpages</a><ul>
<li><a href="http://www.unix.com/man-page/Linux/8/adduser/" target="_new">adduser</a></li>
<li><a href="http://linuxmanpages.com/man8/visudo.8.php" target="_new">visudo</a></li>
<li><a href="http://linuxmanpages.com/man8/rpm.8.php" target="_new">rpm</a></li>
<li><a href="http://www.unix.com/man-page/Linux/8/service/" target="_new">/sbin/service</a></li>
</ul></li>
<li><a href="http://www.virtualbox.org/wiki/Documentation" target="_new">VirtualBox Documentation</a></li>
<li><a href="http://docs.fedoraproject.org/en-US/Fedora_Core/5/html/Release_Notes/" target="_new">Fedora Core 5 Documentation</a></li>
<li><a href="http://technet.microsoft.com/en-us/windowsserver/bb512919.aspx" target="_new">Windows 2003 Server Documentation</a></li>
<li><a href="http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/ntcmds.mspx?mfr=true" target="_new">Online MS Windows Command Reference</a></li>
</ul>
<br><br>
<a name="Resources_on_the_web" id="Resources_on_the_web"></a><h2> <span class="mw-headline">Course Notes</span></h2>
<ul>
<li><a href="http://zenit.senecac.on.ca/wiki/index.php/SEC520#Course_Resources" target="_new">Required Course Materials</a></li>
</ul>
<p><br>
</p>
<a name="Performing_Lab_1" id="Performing_Lab_1"></a><h1> <span class="mw-headline">Performing Lab 1</span></h1>
<a name="Task1" id="Investigation_1:_How_to_Perform_a_Fedora_DVD_Install_on_Your_Removable_Hard_Drive"></a><h2> <span class="mw-headline">Task #1: Install Kali Linux as Host Server on Your Hard Disk Pack (notebook or netbook) and Install VirtualBox</span></h2>
<br>
There are many toolkits that
are avaible for individuals to help "harden" their computer systems...<br /><br />
Examples include: <b>Live Hacking CD</b>, <b>Samurai Web Testing Framework</b>,
<b>Organizational Systems Wireless Assistant.</b>, <b>Ardius</b>, <b>Operator</b>", etc. There are even distributions for the <b>Raspberry Pi</b> (although we need to have a pen testing solution support virtual machines for this course).
<br><br>
TE:
Make certain NOT to accept the default computer name. Use a smaller
name (like three letters), otherwise, the telnet server package will NOT
be installed by default
One tookit that contained many of the penetration-testing tools taught in this course was <b>BackTrack</b>. BackTrack is a specialized distribution based on Ubuntu. A newer distribution called <b>Kali Linux</b> is a newer and more complete build of Linux Backtrack using Debian (i.e. Kali is "BackTrack 6"). There is a noticeable improvement which includes fixes to "broken packages" (less hassle to the student to setup and use), as well as better wireless support, and better flexibility for customization.<br /><br /><b>We will be using Kali Linux for this semester...</b><br /><br />
<div class="messagebox" style="background-color: #f9f6b7; border: 1px solid #c4c295; color: black; padding: 5px; margin: 1ex 0; min-height: 35px; padding-left: 45px;">
<div style="float: left; margin-left: -40px;"><a href="http://zenit.senecac.on.ca/wiki/index.php/File:Important.png" class="image" title="Important.png"><img alt="" src="SEC520_Lab_1_files/35px-Important.png" height="35" border="0" width="35"></a></div>
<div><b>Our Labs Assume Using a Removable Hard Disk</b><br>Although there are several ways to setup your pentration testing system, this lab will assume that you are using a removable hard disk.<br /><br />
Whichever configuration you decide to use, your system MUST allow both the Kali Linux system to be running at the same time as your other vulnerable Windows and Linux operating systems (to conduct penetration testing).
<br><br><b>NOTE:
It is recommended NOT to use all disk space for the host machine, since
a future assignment may require the installation of other host and VM
operating system...</b>.
</div>
</div>
<br>
INSTRUCTIONS:
<ol>
<li><b>Use your Hard Disk Pack solely for this course: Do not share the
contents with this diskpack with any other courses that you are taking</b>.
Remember: this is a course dealing with "Internet Security" which means
that you could lose your work if you do something wrong.</li>
<li>Obtain the <b>Kali Linux installation media</b> (eg. DVD, USB Stick).</li>
<li>Insert your Hard Disk Pack and Kali Linux CD into your lab machine.</li>
<li>Boot your lab machine, and at the BIOS display, press <b>F10</b> (password: <b>ENTER</b>) and then select <b>the CD/DVD drive containing the Kali Linux install media</b> for boot selection.
</li><li>Select the first <b>INSTALL</b> option in the Kali Linux startup menu.</li>
<li>Accept the recommended or default selections during the install. Remember to write down any passwords (do not forget them!). You may want to (when prompted) add a non-existent username to the administrator's group that you can add later to have admin access.</li>
<li>When you have completed your install, remove the installation media, restart your Kali Linux machine.</li>
<li>Make certain that you can connect to the Internet (confirm by using a web-broswer)</li>
</ol>
<div class="messagebox" style="background-color: #f9f6b7; border: 1px solid #c4c295; color: black; padding: 5px; margin: 1ex 0; min-height: 35px; padding-left: 45px;">
<div style="float: left; margin-left: -40px;"><a href="http://zenit.senecac.on.ca/wiki/index.php/File:Important.png" class="image" title="Important.png"><img alt="" src="SEC520_Lab_1_files/Caution.png" height="35" border="0" width="35"></a></div>
<div><b>Caution When Running XWindows as Root</b><br>It is usually a
"bad idea" to run XWindows as root. Running a graphical environment that
has the privileges as root can cause damamge when users become
accustomed to working in an everyday environment. It is suggested to create a regular user (same one that you added to group admin).<br /><br />
</div>
</div>
<ol>
<li value="9">You can use the <b>Synaptic Package Manager</b> (graphic tool) or the Linux commands <b>apt-get</b> to install other applications that you wish to use in on your system (eg. different web-browser).</li>
<li>It is recommended NOT to graphically install VirtualBox on your Kali machine. The lab's author has had success with installing VirtualBox (as a .deb file) from the main website.</li>
<li>Download the appropriate VirtualBox .deb file (32/64 bit) from the following link:<br /><a href="https://www.virtualbox.org/wiki/Downloads" target="_blank">https://www.virtualbox.org/wiki/Downloads</a> <br /><br /></li>
<li>After the file has downloaded, open a Linux shell, go to the directory containing the downloaded file Issue the following command as root:</li>
</ol>
<pre>
gdebi [filename]
</pre>
<ol>
<li value="13">Make appropriate selections to have VirtualBox application installed.</li>
<li>Start the VirtualBox application. If the appliation does not appear in any of the menus, simply run the <b>virtualbox</b> command in root in a shell terminal.</li>
<li>Proceed to Task #2</li>
</ol>
<p><b>Answer the Task #1 observations / questions in your lab log book.</b>
</p>
<br><br>
<a name="Task2" d="Investigation_2:_How_many_file_packages_and_files_are_installed_on_the_system.3F"></a><h2> <span class="mw-headline">Task #2: Install / Setup Vulnerable Linux OS as a Virtual Machine</span></h2>
<p><br>
</p><div class="messagebox" style="background-color: #f9f6b7; border: 1px solid #c4c295; color: black; padding: 5px; margin: 1ex 0; min-height: 35px; padding-left: 45px;">
<div style="float: left; margin-left: -40px;"><a href="http://zenit.senecac.on.ca/wiki/index.php/File:Idea.png" class="image" title="Important.png"><img alt="" src="SEC520_Lab_1_files/35px-Idea.png" height="35" border="0" width="35"></a></div>
<div><b>Other Vulnerable Linux Distributions</b><br>Although we will be
using an outdate version of Fedora Linux, there are other Linux
distributions of Linux that are designed with security flaws for
penetration testing. An example would be <b>DVL</b> (<i>Damn Vulnerable Linux</i>). For interest, here is a link to download and install DVL:<br> <a href="http://sourceforge.jp/projects/sfnet_virtualhacking/downloads/os/dvl/DVL_1.5_Infectious_Disease.iso/">http://sourceforge.jp/projects/sfnet_virtualhacking/downloads/os/dvl/DVL_1.5_Infectious_Disease.iso/</a>.
</div>
</div>
<div class="messagebox" style="background-color: #f9f6b7; border: 1px solid #c4c295; color: black; padding: 5px; margin: 1ex 0; min-height: 35px; padding-left: 45px;">
<div style="float: left; margin-left: -40px;"><a href="http://zenit.senecac.on.ca/wiki/index.php/File:Important.png" class="image" title="Important.png"><img alt="" src="SEC520_Lab_1_files/35px-Important.png" height="35" border="0" width="35"></a></div>
<div><b>Testing Vulnerable Operating Systems</b><br>Since this course
will be exploring security issues with operating systems, weak or
"outdated" operating systems are preferred. This seems to run against
our nature to update an operating system immediately after an
installation. <b>You are allowed to update your host OS, but do NOT run updates on the vulnerable OS (Virtual Machines)</b>. You will update (or "harden") those vulnerable operating systems in later labs...
</div>
</div>
INSTRUCTIONS:
<ol>
<li>In your regular account, run a graphical X-Windows session.</li>
<li>Obtain and burn in the image of Fedora Core 5 onto a bootable DVD. <br><br>Here is a link to a downloadable source: <a href="http://dl.fedoraproject.org/pub/archive/fedora/linux/core/5/i386/iso/FC-5-i386-DVD.iso">http://dl.fedoraproject.org/pub/archive/fedora/linux/core/5/i386/iso/FC-5-i386-DVD.iso</a><br>
( Refer to <a href="http://zenit.senecac.on.ca/wiki/index.php/SEC520#Supplies_Checklist_.28Required_for_Second_Class.29" target="_new">Required Materials</a>)<br><br></li>
<li>Insert the <b>Vulnerable Linux (FC5)</b> installation DVD into the DVD Drive.</li>
<li>From the <b>Applications</b> menu, select <b>System Tools</b>, then select <b>Oracle VM VirtualBox</b>.</li>
<li>Click on the <b>New</b> buttoni, and click on <b>Next</b> to proceed.</li>
<li>Enter a name for the Vulnerable Linux system (we will refer to the name of <b>Vulnerable Linux System</b> for the duration of these labs. Make certain that the <b>OS Type</b> is <b>Linux</b>, and the <b>Version</b> is <b>Linux 2.6</b>, and then click on <b>Next</b> to proceed.</li>
<li>Accept the default Base memory size, and click <b>Next</b> to proceed.</li>
<li>Accept all defaults for the <b>Virtual Hard Disk</b> screen, and click <b>Next</b> two times to proceed.</li>
<li>Accept the default <b>Storage Type</b> (i.e. "Dynamically expanding storage"), and proceed to the next screen.</li>
<li>In the <b>Virtual Disk Location and Size</b>, accept the default name, and set the <b>Size</b> of the Partition to <b>10 GB</b> and proceed to the final screen.</li>
<li>In the <b>Summary</b> screen, verify the information, and click <b>Finish</b> to finish the VM setup.</li>
<li>Double-click on the VM called <b>Vulnerable Linux</b> in order to install that version of Linux from the CD drive.</li>
</ol>
<div class="messagebox" style="background-color: #f9f6b7; border: 1px solid #c4c295; color: black; padding: 5px; margin: 1ex 0; min-height: 35px; padding-left: 45px;">
<div style="float: left; margin-left: -40px;"><a href="http://zenit.senecac.on.ca/wiki/index.php/File:Important.png" class="image" title="Important.png"><img alt="" src="SEC520_Lab_1_files/35px-Important.png" height="35" border="0" width="35"></a></div>
<div><b>Auto Capture Keyboard Shortcut Keys</b><br>There are a number of
methods to focus the keyboard and mouse on the Virtual Machine (VM) as
opposed to the host machine. The user can accept the default key <b><right ctrl></b> to act as a capture toggle-switch.
</div>
</div>
<ol>
<li value="13">Accept the defaults in the <b>Anaconda installation wizard</b>,
but overide for Eastern Timezone. Select and remember a suitable root
password. In the software packages section to include, select <b>Web Server</b>. In addition, select the <b>Customize</b> (i.e. <i>Customize Now</i>, and make the following package selections:<ul>
<li><b>FTP Server</b></li>
<li><b>Mail Server</b></li>
<li><b>Network Servers</b></li>
<li><b>Server Configuration Tools</b></li>
</ul></li>
</ol>
<div class="messagebox" style="background-color: #f9f6b7; border: 1px solid #c4c295; color: black; padding: 5px; margin: 1ex 0; min-height: 35px; padding-left: 45px;">
<div style="float: left; margin-left: -40px;"><a href="http://zenit.senecac.on.ca/wiki/index.php/File:Important.png" class="image" title="Important.png"><img alt="" src="SEC520_Lab_1_files/35px-Important.png" height="35" border="0" width="35"></a></div>
<div><b>Cannot Connect to Internet When Booting from Other Machines</b><br>
Since you are using an older version of Linux (Fedora Core 5) there is an annoying "connectivity issue" if you have booted from different machines (MAC ADDRESSES). Here is a suggested solution:<br /><ol><li>In a shell issue the command <b>ifconfig</b> and check if ethX like devices are listed.</li><li>login as root by issuing the command: <b>su -- </b>(and enter root password).</li><li>Issue the command <b>dhclient</b></li><li>Verify recognized ethernet device by using <i>ifconfig</i> command.</li>
</ol>
</div>
</div>
<div class="messagebox" style="background-color: #f9f6b7; border: 1px solid #c4c295; color: black; padding: 5px; margin: 1ex 0; min-height: 35px; padding-left: 45px;">
<div style="float: left; margin-left: -40px;"><a href="http://zenit.senecac.on.ca/wiki/index.php/File:Important.png" class="image" title="Important.png"><img alt="" src="SEC520_Lab_1_files/35px-Important.png" height="35" border="0" width="35"></a></div>
<div><b>Installing telnet-server</b><br>It may be difficult to simply
install applications from repositories for unsupported Linux
distributions (like Fedora Core 5). Instead, perform the following steps:<ol type="a"><li> Download the rpm packages for <b>telnet-server </b>and <b>xinted</b> by clicking on the following links:<br /><a href="http://rpm.pbone.net/index.php3/stat/4/idpl/16682910/dir/fedora_5/com/telnet-server-0.17-35.2.1.i386.rpm.html">Telnet Server Download Page</a> (select a download mirror)<br /><a href="http://rpm.pbone.net/index.php3/stat/4/idpl/16683039/dir/fedora_5/com/xinetd-2.3.13-6.2.1.i386.rpm.html">xinetd Dependency Download Page</a> (select a download mirror).</li><li>Change directory to where files were downloaded.</li><li>Install the <b>xinetd</b> dependency first, then the <b>telnet-server</b> program by using <b>rpm -i <packagename> </b>(you can ignore warnings. If you can't install due to public key issues, you can download public keys from the following site: <a href="http://dl.fedoraproject.org/pub/archive/fedora/linux/core/5/" target="_blank">http://dl.fedoraproject.org/pub/archive/fedora/linux/core/5/</a>.</li><li>Issue the command: <b>/sbin/chkconfig telnet on</b> to start the telnet server.</li></ol><br />
After installing telnet-server, edit the file <b>/etc/xinetd.d/telnet</b> and change to "no" for disable. Then you need to reload xinetd by issuing the command: <b>/sbin/service xinetd reload</b><br /><br />You should become familiar with the <code>/sbin/service</code> , <code>/sbin/chkconfig</code> , and <code>/usr/sbin/sestatus</code> to set services, and to provide information to instructor for lab sign-off.
</div>
</div>
<ol>
<li value="14">Complete remaining screens to start installation - the installation process should take approximately 30 minutes to complete.</li>
<li>After reboot, the <b>Setup Agent</b> wizard will allow the user to make selections.
</li><li> Make certain to <b>DISABLE the Firewall</b> and <b>DISABLE SELinux</b></li>
<li>Create an <b>unprivileged user (remember the password)</b>.</li>
<li>Accept all other defaults and allow the system to reboot for changed to take effect.</li>
<li>After reboot, verify that you can login, make the menu selections <b>System</b>, <b>Administration</b>, <b>Server Settings</b>, <b>Services</b> (or issue the command <b>system-config-services</b> to graphically activate and verify all each of the following services are running:<ul>
<li>Web (HTTPD) Server</li>
<li>FTP (VSFTP) Server</li>
<li>Mail Server</li>
<li>SSH Server</li>
<li>TELNET Server (located under "On Demand" services)</li>
</ul>
<br>(You can alternatively list service status by issuing the command: <b>/sbin/service --status-all</b>)<br><br <="" li="">
</li><li>Proceed to Task #3</li>
</ol>
<p><b>Answer Task #2 observations / questions in your lab log book.</b>
</p><p><br>
</p>
<a name="Task3" d="Investigation_2:_How_many_file_packages_and_files_are_installed_on_the_system.3F"></a><h2> <span class="mw-headline">Task #3: Install / Setup Windows 2003 Server as a Virtual Machine</span></h2>
<p><br>
</p><div class="messagebox" style="background-color: #f9f6b7; border: 1px solid #c4c295; color: black; padding: 5px; margin: 1ex 0; min-height: 35px; padding-left: 45px;">
<div style="float: left; margin-left: -40px;"><a href="http://zenit.senecac.on.ca/wiki/index.php/File:Important.png" class="image" title="Important.png"><img alt="" src="SEC520_Lab_1_files/35px-Important.png" height="35" border="0" width="35"></a></div>
<div><b>DO NOT Install Service Packs (Beyond Service Pack 1) On Windows 2003 Server</b><br>Since
this course will be exploring security issues with the Windows
operating systems, do not update your Window 2003 Server's OS. We will
be exploiting this less-secure OS, then later "harden" this OS from
attacks.
</div>
</div>
<div class="messagebox" style="background-color: #f9f6b7; border: 1px solid #c4c295; color: black; padding: 5px; margin: 1ex 0; min-height: 35px; padding-left: 45px;">
<div style="float: left; margin-left: -40px;"><a href="http://zenit.senecac.on.ca/wiki/index.php/File:Important.png" class="image" title="Important.png"><img alt="" src="SEC520_Lab_1_files/35px-Important.png" height="35" border="0" width="35"></a></div>
<div><b>
Do Not Accept Default Computer Name (Use smaller name)</b><br>
Make certain NOT to accept the default computer name. Use a smaller
name (like three letters), otherwise, the telnet server package will NOT
be installed by default (needs to be less than 15 characters).
</div>
</div>
INSTRUCTIONS:
<ol>
<li>Obtain an installation CD of <b>Windows 2003 Server</b> (refer to <a href="http://zenit.senecac.on.ca/wiki/index.php/SEC520#Supplies_Checklist_.28Required_for_Second_Class.29" target="_new">Required Materials</a>).</li>
<li>Create another Virtual Machine (<b>20 GB</b>) to be called <b>Vulnerable Windows</b>.</li>
<li>Install <b>Windows Server 2003 (Enterprise Edition)</b> on an <b>NTFS</b> partition. Follow similar selections for settings (such as Eastern Time Zone, administrative password) like you did in Task #2.<br><br><br><b>!!! NOTE:
Make certain NOT to accept the default computer name. Use a smaller
name (like three letters), otherwise, the telnet server package will NOT
be installed by default</b><br><br></li>
<li>Choose <b>Application Server</b> as one of the packages.</li>
<li>Complete the other defaults, and allow the system to reboot.</li>
<li>Upon boot-up, similate pressing the <b><ctrl><alt><del></b> keys by selecting in the Virtual Box Window menu: <b>Machine</b>, then selecting <b>Insert Ctrl-Alt-Del</b> in order to allow the login screen to appear.</li>
<li>At the Windows <b>Server Post-Setup Updates</b> screen, do <b><u>NOT</u></b> perform any updates, and proceed with exiting the screen.</li>
<li>You will proceed to a <b>Windows Server Post-Setup Wizard</b> to help manage your server (like installing services or roles). <b>Make certain that the following wizard settings (or roles) have been added to your Windows server Virtual Machine</b> (for later exploitation):
<ul>
<li><b>NO Updates / NO Automatic Updates</b></li>
<li>In the <b>Manage Your Server</b> section, make the following selections (add roles):<ul>
<li><b>IIS</b><ul><li><b>NOTE:</b> Select <b>Administration</b>, <b>Add Software</b>, view existing services, select <b>IIS</b>, click <b>Details</b>, and then select <b>FTP</b> server.</li></ul></li>
<li><b>SMTP SERVER</b></li>
<li><b>TELNET SERVER</b><ul>
<li><b>NOTE:</b> Select <b>Administration</b>, <b>Services</b>, scroll down the list to <b>Telnet</b>, right-click a select <b>View Properties</b>, enable telent server, <b>Apply</b> settings, and then <b>Start</b> the telent server.</li></ul></li>
<li><b>SSH SERVER</b><ul>
<li><b>NOTE:</b>You can download and install <b>FreeSSH</b> from the following URL:<br /><a href="http://www.freesshd.com/freeSSHd.exe" >http://www.freesshd.com/freeSSHd.exe</a>.</li></ul></li>
</ol>
</p><div class="messagebox" style="background-color: #f9f6b7; border: 1px solid #c4c295; color: black; padding: 5px; margin: 1ex 0; min-height: 35px; padding-left: 45px;">
<div style="float: left; margin-left: -40px;"><a href="http://zenit.senecac.on.ca/wiki/index.php/File:Important.png" class="image" title="Important.png"><img alt="" src="SEC520_Lab_1_files/35px-Important.png" height="35" border="0" width="35"></a></div>
<div><b>Verification of Running Services</b><br />
To verify that services are running, you can select <b>Start</b>, <b>Administration</b>, <b>Services</b>.<br /><br /><b>Note:</b> To view that SSH service is running, select the <b>On Demand</b> services tab.
</div>
</div>
<ol>
<li value="9">Verify that all the above-mentioned services are running.</li>
</ol>
<div class="messagebox" style="background-color: #f9f6b7; border: 1px solid #c4c295; color: black; padding: 5px; margin: 1ex 0; min-height: 35px; padding-left: 45px;">
<div style="float: left; margin-left: -40px;"><a href="http://zenit.senecac.on.ca/wiki/index.php/File:Important.png" class="image" title="Important.png"><img alt="" src="SEC520_Lab_1_files/35px-Important.png" height="35" border="0" width="35"></a></div>
<div><b>Register (Activate) Windows Server / Connectivity Issues</b><br />
You have 30 days to register your Windows 2003 Server. If you are experiencing connectivity issues to register your Windows 2003 Server, you can power-off Windows 2003 Server, go to<b> Virtual Box main window</b> (for your <b>Vulnerable Windows</b> server), select in the menu <b>Settings</b>, choose the <b>Network</b>tab, and change to <b>Bridged Connection</b> for the appropriate network card. When you start your Windows 2003 Server and login as <b>Administrator</b>, then you should be able to register your copy of Windows 2003 Server...
</div>
</div>
<ol>
<li value="10">Make certain that <b>Firewall is DISABLED</b>.</li>
</ul></li>
</ul>
</li>
<li>Proceed to "Completing the Lab".</li>
</ol>
<p><b>Answer Task #3 observations / questions in your lab log book.</b>
</p><p><br>
</p>
<a name="Completing_the_Lab" id="Completing_the_Lab"></a><h1> <span class="mw-headline"> Completing the Lab </span></h1>
<p><b>Arrange evidence for each of these items on your screen, then ask
your instructor to review them and sign off on the lab's completion:</b>
</p>
<ol>
<li>Booted Kali Linux (host) with running Vulnerable Linux (VM) and Vulnerable Windows 2003 Server (VM).</li>
<li>Proof of following installed servers, applications, or settings on your vulneable Linux System:
<ul>
<li>FTP, SMTP, Web Server, SSH Server, TELNET, NO Firwall is running, SELinux is disabled</li>
</ul>
</li>
<li>Proof of following installed servers, applications, or settings on your vulnerable Window 2003 Server:
<ul>
<li>NTFS Partitions, IIS, SSH Server, TELNET, NO Firewall is running</li>
</ul>
</li>
<li>Completed Lab 1 notes.</li>
</ol>
<p><br>
</p>
<a name="Preparing_for_Quizzes" id="Preparing_for_Quizzes"></a><h1> <span class="mw-headline"> Preparing for Quizzes </span></h1>
<ol>
<li>Briefly list the steps to setup a computer system to practice
penetration testing (for a Linux and Windows machine) on your own
(without having to test another organization's computer system and
seeking their approval).</li>
<li>Write a Linux command to run Xwindows from a text-based console (assuming that Xwindows has been installed).</li>
<li>Write a Linux command to display the status of all running or non-running services on the system.</li>
<li>Write a Linux command to confirm that the firewall is disabled.</li>
<li>List the steps to add the user called <b>msaul</b> in the sudoer's file in order to run super-user utilities.</li>
<li>Write a Linux command to create an unpriviledged user called <b>user1</b>. You can assume that you are currently logged in a regular user, but you have administration priviledges in the <b>sudoer's file</b>.</li>
<li>List 3 important types of settings to consider when creating a Virtual Machine using a VM application such as VirtualBox.</li>
<li>Write a Linux command to change the password of an existing user.</li>
<li>Write a Linux command to start the SSH server.</li>
<li>Why is it userful to setup a host (with virtual machines) as it relates to penetration testing?</li>
</ol>