Changes


SEC520/labs/Lab 1

8,380 bytes removed, 13:51, 31 January 2018
no edit summary
<ul><li class="toclevel-1"><a href="#Instation_Requirements"><span class="tocnumber">1</span> <span class="toctext">Setup for Labs</span></a><ul><li class="toclevel-2"><a href="#Introduction"><span class="tocnumber">1.1</span> <span class="toctext">Introduction</span></a></li><li class="toclevel-2"><a href="#Objectives"><span class="tocnumber">1.2</span> <span class="toctext">Objectives</span></a></li><li class="toclevel-2"><a href="#Required_Materials_.28Bring_to_All_Labs.29"><span class="tocnumber">1.3</span> <span class="toctext">Required Materials (Bring to All Labs)</span></a></li><li class="toclevel-2"><a href="#Prerequisites"><span class="tocnumber">1.4</span> <span class="toctext">Prerequisites</span></a></li><li class="toclevel-2"><a href="#Linux_Command_Online_Reference"><span class="tocnumber">1.5</span> <span class="toctext">Online Tools and References</span></a></li><li class="toclevel-2"><a href="#Resources_on_the_web"><span class="tocnumber">1.6</span> <span class="toctext">Course Notes</span></a></li></ul></li><li class="toclevel-1"><a href="#Performing_Lab_1"><span class="tocnumber">2</span> <span class="toctext">Performing Lab 1</span></a><ul><li class="toclevel-2"><a href="#Task1"><span class="tocnumber">2.1</span> <span class="toctext">Task #1: Install Kali Linux as Host on Your Hard Disk Pack (notebook or netbook) and Install VirtualBox</span></a></li><li class="toclevel-2"><a href="#Task2"><span class="tocnumber">2.2</span> <span class="toctext">Task #2: Install / Setup Vulnerable Linux OS as a Virtual Machine</span></a></li><li class="toclevel-2"><a href="#Task3"><span class="tocnumber">2.3</span> <span class="toctext">Task #3: Install / Setup Windows 2003 as a Virtual Machine</span></a></li></ul></li><li class="toclevel-1"><a href="#Completing_the_Lab"><span class="tocnumber">3</span> <span class="toctext">Completing the Lab</span></a></li><li class="toclevel-1"><a href="#Preparing_for_Quizzes"><span class="tocnumber">4</span> <span 
class="toctext">Preparing for Quizzes</span></a></li></ul></td></tr></tbody></table><a name="Installation Requirements" id="Fedora_16_Installation_.28on_Main_Host_-_f16host.29"></a><h1> <span class="mw-headline">Setup for Labs</span></h1><a name="Introduction" id="Introduction"></a><h2> <span class="mw-headline">Introduction</span></h2>
<dl><dd><ul><li>This lab teaches the student how and why attackers break
into systems. For this purpose everyone will be a "victim" in the class</li></ul>
</dd></dl>
<br>
<a name="Objectives" id="Objectives"></a><h2> <span class="mw-headline">Objectives</span></h2>
<ol><li>Install <b>Kali Linux (host)</b> on hard disk pack (or other suitable configuration).</li>
<li>Install Virtual Machine application called <b>VirtualBox</b> on host OS (Kali Linux).</li>
<p><br>
</p>
<a name="Required_Materials_.28Bring_to_All_Labs.29" id="Required_Materials_.28Bring_to_All_Labs.29"></a><h2> <span class="mw-headline">Required Materials</span></h2>
<ul>
<li> <b>SATA Hard Disk in removable disk tray</b> (Note: can use existing Notebook / Netbook with VMware)</li>
<p><br>
</p>
<a name="Prerequisites" id="Prerequisites"></a><h2> <span class="mw-headline">Prerequisites</span></h2>
<ul><li> <b>None</b> (First Lab)
</li></ul>
<p><br>
</p>
<a name="Linux_Command_Online_Reference" id="Linux_Command_Online_Reference"></a><h2> <span class="mw-headline">Online Tools and References</span></h2>
<ul>
<li><a href="http://www.kali.org/" target="_new">Kali Linux Website</a></li> <li><a href="http://linuxmanpages.com/" target="_new">Online Linux Manpages</a><ul> <li><a href="http://www.unix.com/man-page/Linux/8/adduser/" target="_new">adduser</a></li> <li><a href="http://linuxmanpages.com/man8/visudo.8.php" target="_new">visudo</a></li> <li><a href="http://linuxmanpages.com/man8/rpm.8.php" target="_new">rpm</a></li> <li><a href="http://www.unix.com/man-page/Linux/8/service/" target="_new">/sbin/service</a></li>
</ul></li>
<li><a href="http://www.virtualbox.org/wiki/Documentation" target="_new">VirtualBox Documentation</a></li> <li><a href="http://docs.fedoraproject.org/en-US/Fedora_Core/5/html/Release_Notes/" target="_new">Fedora Core 5 Documentation</a></li> <li><a href="http://technet.microsoft.com/en-us/windowsserver/bb512919.aspx" target="_new">Windows 2003 Server Documentation</a></li> <li><a href="http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/ntcmds.mspx?mfr=true" target="_new">Online MS Windows Command Reference</a></li>
</ul>
<br><br>
<a name="Resources_on_the_web" id="Resources_on_the_web"></a><h2> <span class="mw-headline">Course Notes</span></h2>
<ul>
<li><a href="http://zenit.senecac.on.ca/wiki/index.php/SEC520#Course_Resources" target="_new">Required Course Materials</a></li>
</ul>
<p><br>
</p>
<a name="Performing_Lab_1" id="Performing_Lab_1"></a><h1> <span class="mw-headline">Performing Lab 1</span></h1><a name="Task1" id="Investigation_1:_How_to_Perform_a_Fedora_DVD_Install_on_Your_Removable_Hard_Drive"></a><h2> <span class="mw-headline">Task #1: Install Kali Linux as Host Server on Your Hard Disk Pack (notebook or netbook) and Install VirtualBox</span></h2>
<br>
There are many toolkits that
<div class="messagebox" style="background-color: #f9f6b7; border: 1px solid #c4c295; color: black; padding: 5px; margin: 1ex 0; min-height: 35px; padding-left: 45px;"><div style="float: left; margin-left: -40px;"><a href="http://zenit.senecac.on.ca/wiki/index.php/File:Important.png" class="image" title="Important.png"><img alt="" src="SEC520_Lab_1_files/35px-Important.png" height="35" border="0" width="35"></a></div><div><b>Our Labs Assume Using a Removable Hard Disk</b><br>Although there are several ways to set up your penetration testing system, this lab will assume that you are using a removable hard disk.<br /><br />
Whichever configuration you decide to use, your system MUST allow the Kali Linux system to run at the same time as your other vulnerable Windows and Linux operating systems (to conduct penetration testing).
<br><br><b>NOTE:
a future assignment may require the installation of other host and VM
operating systems...</b>
</div></div>
<br>
INSTRUCTIONS:
<li>Make certain that you can connect to the Internet (confirm by using a web browser).</li>
</ol>
<div class="messagebox" style="background-color: #f9f6b7; border: 1px solid #c4c295; color: black; padding: 5px; margin: 1ex 0; min-height: 35px; padding-left: 45px;"><div style="float: left; margin-left: -40px;"><a href="http://zenit.senecac.on.ca/wiki/index.php/File:Important.png" class="image" title="Important.png"><img alt="" src="SEC520_Lab_1_files/Caution.png" height="35" border="0" width="35"></a></div><div><b>Caution When Running XWindows as Root</b><br>It is usually a
"bad idea" to run XWindows as root. Running a graphical environment
with root privileges can cause damage when users become
accustomed to working in it as their everyday environment. It is suggested that you create a regular user (the same one that you added to the group admin).<br /><br />
</div></div>
<ol>
<li value="9">You can use the <b>Synaptic Package Manager</b> (graphical tool) or the Linux command <b>apt-get</b> to install other applications that you wish to use on your system (e.g. a different web browser).</li>
<li>It is recommended NOT to graphically install VirtualBox on your Kali machine. The lab's author has had success with installing VirtualBox (as a .deb file) from the main website.</li>
<li>Download the appropriate VirtualBox .deb file (32/64 bit) from the following link:<br /><a href="https://www.virtualbox.org/wiki/Downloads" target="_blank">https://www.virtualbox.org/wiki/Downloads</a> <br /><br /></li>
<li>After the file has downloaded, open a Linux shell, go to the directory containing the downloaded file, and issue the following command as root:</li>
</p>
<br><br>
<a name="Task2" d="Investigation_2:_How_many_file_packages_and_files_are_installed_on_the_system.3F"></a><h2> <span class="mw-headline">Task #2: Install / Setup Vulnerable Linux OS as a Virtual Machine</span></h2>
<p><br>
</p><div class="messagebox" style="background-color: #f9f6b7; border: 1px solid #c4c295; color: black; padding: 5px; margin: 1ex 0; min-height: 35px; padding-left: 45px;"><div style="float: left; margin-left: -40px;"><a href="http://zenit.senecac.on.ca/wiki/index.php/File:Idea.png" class="image" title="Important.png"><img alt="" src="SEC520_Lab_1_files/35px-Idea.png" height="35" border="0" width="35"></a></div><div><b>Other Vulnerable Linux Distributions</b><br>Although we will be
using an outdated version of Fedora Linux, there are other Linux
distributions that are designed with security flaws for
penetration testing. An example would be <b>DVL</b> (<i>Damn Vulnerable Linux</i>). For interest, here is a link to download and install DVL:<br> <a href="http://sourceforge.jp/projects/sfnet_virtualhacking/downloads/os/dvl/DVL_1.5_Infectious_Disease.iso/">http://sourceforge.jp/projects/sfnet_virtualhacking/downloads/os/dvl/DVL_1.5_Infectious_Disease.iso/</a>.</div></div>
<div class="messagebox" style="background-color: #f9f6b7; border: 1px solid #c4c295; color: black; padding: 5px; margin: 1ex 0; min-height: 35px; padding-left: 45px;"><div style="float: left; margin-left: -40px;"><a href="http://zenit.senecac.on.ca/wiki/index.php/File:Important.png" class="image" title="Important.png"><img alt="" src="SEC520_Lab_1_files/35px-Important.png" height="35" border="0" width="35"></a></div><div><b>Testing Vulnerable Operating Systems</b><br>Since this course
will be exploring security issues with operating systems, weak or
"outdated" operating systems are preferred. This seems to run against
our nature to update an operating system immediately after an
installation. <b>You are allowed to update your host OS, but do NOT run updates on the vulnerable OS (Virtual Machines)</b>. You will update (or "harden") those vulnerable operating systems in later labs...
</div></div>
INSTRUCTIONS:
<ol>
<li>In your regular account, run a graphical X-Windows session.</li>
<li>Obtain the image of Fedora Core 5 and burn it onto a bootable DVD. <br><br>Here is a link to a downloadable source: <a href="http://dl.fedoraproject.org/pub/archive/fedora/linux/core/5/i386/iso/FC-5-i386-DVD.iso">http://dl.fedoraproject.org/pub/archive/fedora/linux/core/5/i386/iso/FC-5-i386-DVD.iso</a><br>(Refer to <a href="http://zenit.senecac.on.ca/wiki/index.php/SEC520#Supplies_Checklist_.28Required_for_Second_Class.29" target="_new">Required Materials</a>)<br><br></li>
<li>Insert the <b>Vulnerable Linux (FC5)</b> installation DVD into the DVD Drive.</li>
<li>From the <b>Applications</b> menu, select <b>System Tools</b>, then select <b>Oracle VM VirtualBox</b>.</li>
<li>Double-click on the VM called <b>Vulnerable Linux</b> in order to install that version of Linux from the CD drive.</li>
</ol>
<div class="messagebox" style="background-color: #f9f6b7; border: 1px solid #c4c295; color: black; padding: 5px; margin: 1ex 0; min-height: 35px; padding-left: 45px;"><div style="float: left; margin-left: -40px;"><a href="http://zenit.senecac.on.ca/wiki/index.php/File:Important.png" class="image" title="Important.png"><img alt="" src="SEC520_Lab_1_files/35px-Important.png" height="35" border="0" width="35"></a></div><div><b>Auto Capture Keyboard Shortcut Keys</b><br>There are a number of
methods to focus the keyboard and mouse on the Virtual Machine (VM) as
opposed to the host machine. The user can accept the default key <b>&lt;right ctrl&gt;</b> to act as a capture toggle-switch.
</div></div>
<ol>
<li value="13">Accept the defaults in the <b>Anaconda installation wizard</b>,
</ul></li>
</ol>
<div class="messagebox" style="background-color: #f9f6b7; border: 1px solid #c4c295; color: black; padding: 5px; margin: 1ex 0; min-height: 35px; padding-left: 45px;"><div style="float: left; margin-left: -40px;"><a href="http://zenit.senecac.on.ca/wiki/index.php/File:Important.png" class="image" title="Important.png"><img alt="" src="SEC520_Lab_1_files/35px-Important.png" height="35" border="0" width="35"></a></div><div><b>Cannot Connect to Internet When Booting from Other Machines</b><br>
Since you are using an older version of Linux (Fedora Core 5), there is an annoying "connectivity issue" if you have booted from different machines (MAC ADDRESSES). Here is a suggested solution:<br /><ol><li>In a shell, issue the command <b>ifconfig</b> and check whether ethX-like devices are listed.</li><li>Log in as root by issuing the command: <b>su -- </b>(and enter the root password).</li><li>Issue the command <b>dhclient</b></li><li>Verify that the ethernet device is recognized by using the <i>ifconfig</i> command.</li>
</ol>
</div></div><div class="messagebox" style="background-color: #f9f6b7; border: 1px solid #c4c295; color: black; padding: 5px; margin: 1ex 0; min-height: 35px; padding-left: 45px;"><div style="float: left; margin-left: -40px;"><a href="http://zenit.senecac.on.ca/wiki/index.php/File:Important.png" class="image" title="Important.png"><img alt="" src="SEC520_Lab_1_files/35px-Important.png" height="35" border="0" width="35"></a></div><div><b>Installing telnet-server</b><br>It may be difficult to simply
install applications from repositories for unsupported Linux
distributions (like Fedora Core 5). Instead, perform the following steps:<ol type="a"><li> Download the rpm packages for <b>telnet-server </b>and <b>xinetd</b> by clicking on the following links:<br /><a href="http://rpm.pbone.net/index.php3/stat/4/idpl/16682910/dir/fedora_5/com/telnet-server-0.17-35.2.1.i386.rpm.html">Telnet Server Download Page</a> (select a download mirror)<br /><a href="http://rpm.pbone.net/index.php3/stat/4/idpl/16683039/dir/fedora_5/com/xinetd-2.3.13-6.2.1.i386.rpm.html">xinetd Dependency Download Page</a> (select a download mirror).</li><li>Change directory to where the files were downloaded.</li><li>Install the <b>xinetd</b> dependency first, then the <b>telnet-server</b> program by using <b>rpm -i &lt;packagename&gt; </b>(you can ignore warnings). If you can't install due to public key issues, you can download public keys from the following site: <a href="http://dl.fedoraproject.org/pub/archive/fedora/linux/core/5/" target="_blank">http://dl.fedoraproject.org/pub/archive/fedora/linux/core/5/</a>.</li><li>Issue the command: <b>/sbin/chkconfig telnet on</b> to start the telnet server.</li></ol><br />
After installing telnet-server, edit the file <b>/etc/xinetd.d/telnet</b> and change the value of disable to "no". Then reload xinetd by issuing the command: <b>/sbin/service xinetd reload</b><br /><br />You should become familiar with the <code>/sbin/service</code>, <code>/sbin/chkconfig</code>, and <code>/usr/sbin/sestatus</code> commands to set services and to provide information to your instructor for lab sign-off.
</div></div>
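The edit to /etc/xinetd.d/telnet described in the box above can be scripted and checked afterwards. The following is an added example, not part of the original lab: the function names and the two sample service files are made up for illustration, and it works on a temporary directory rather than the real /etc/xinetd.d.

```shell
# Added example: inspect and change the "disable" flag of xinetd service
# files such as /etc/xinetd.d/telnet. The sample files below are constructed.

# Print the "disable" value of one service file ("no" when the line is
# absent, because xinetd's default for disable is no).
xinetd_disable_value() {
    val=$(sed -n 's/^[[:space:]]*disable[[:space:]]*=[[:space:]]*\([a-z]*\).*/\1/p' "$1" | head -n 1)
    echo "${val:-no}"
}

# Set "disable" to yes or no in a service file, keeping a .bak copy.
xinetd_set_disable() {
    file=$1 value=$2
    case $value in yes|no) ;; *) return 1 ;; esac
    [ -f "$file" ] || return 1
    cp -p "$file" "$file.bak" || return 1
    sed "s/^\([[:space:]]*disable[[:space:]]*=[[:space:]]*\).*/\1$value/" "$file.bak" > "$file"
}

# List the services in a directory that xinetd would offer. Like xinetd's
# includedir, skip file names containing a dot or ending in a tilde.
xinetd_enabled_services() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        name=$(basename "$f")
        case $name in *.*|*~) continue ;; esac
        if [ "$(xinetd_disable_value "$f")" = "no" ]; then echo "$name"; fi
    done
}

# Build a throwaway directory with two constructed service files.
make_sample_dir() {
    d=$(mktemp -d) || return 1
    cat > "$d/telnet" <<'EOF'
service telnet
{
        socket_type     = stream
        wait            = no
        server          = /usr/sbin/in.telnetd
        disable         = yes
}
EOF
    cat > "$d/daytime" <<'EOF'
service daytime
{
        socket_type     = stream
        wait            = no
        disable         = no
}
EOF
    echo "$d"
}

sample=$(make_sample_dir)
xinetd_enabled_services "$sample"          # before the edit
xinetd_set_disable "$sample/telnet" no
xinetd_enabled_services "$sample"          # after the edit
rm -rf "$sample"
```

On the lab VM, the same functions can be pointed at /etc/xinetd.d as root, followed by the /sbin/service xinetd reload step from the box above. The listing is also a quick way to see every xinetd service the vulnerable VM exposes before it is hardened in later labs.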
<ol>
<li value="14">Complete remaining screens to start installation - the installation process should take approximately 30 minutes to complete.</li>
<a name="Task3" d="Investigation_2:_How_many_file_packages_and_files_are_installed_on_the_system.3F"></a><h2> <span class="mw-headline">Task #3: Install / Setup Windows 2003 Server as a Virtual Machine</span></h2>
<p><br>
</p><div class="messagebox" style="background-color: #f9f6b7; border: 1px solid #c4c295; color: black; padding: 5px; margin: 1ex 0; min-height: 35px; padding-left: 45px;"><div style="float: left; margin-left: -40px;"><a href="http://zenit.senecac.on.ca/wiki/index.php/File:Important.png" class="image" title="Important.png"><img alt="" src="SEC520_Lab_1_files/35px-Important.png" height="35" border="0" width="35"></a></div><div><b>DO NOT Install Service Packs (Beyond Service Pack 1) On Windows 2003 Server</b><br>Since
this course will be exploring security issues with the Windows
operating systems, do not update your Windows 2003 Server's OS. We will
be exploiting this less-secure OS, then later "harden" this OS against
attacks.
</div></div>
<div class="messagebox" style="background-color: #f9f6b7; border: 1px solid #c4c295; color: black; padding: 5px; margin: 1ex 0; min-height: 35px; padding-left: 45px;"><div style="float: left; margin-left: -40px;"><a href="http://zenit.senecac.on.ca/wiki/index.php/File:Important.png" class="image" title="Important.png"><img alt="" src="SEC520_Lab_1_files/35px-Important.png" height="35" border="0" width="35"></a></div><div><b>Do Not Accept Default Computer Name (Use smaller name)</b><br>
Make certain NOT to accept the default computer name. Use a smaller
name (like three letters), otherwise, the telnet server package will NOT
be installed by default (needs to be less than 15 characters).
</div></div>
INSTRUCTIONS:
<ol>
<li>Obtain an installation CD of <b>Windows 2003 Server</b> (refer to <a href="http://zenit.senecac.on.ca/wiki/index.php/SEC520#Supplies_Checklist_.28Required_for_Second_Class.29" target="_new">Required Materials</a>).</li>
<li>Create another Virtual Machine (<b>20 GB</b>) to be called <b>Vulnerable Windows</b>.</li>
<li>Install <b>Windows Server 2003 (Enterprise Edition)</b> on an <b>NTFS</b> partition. Follow similar selections for settings (such as Eastern Time Zone, administrative password) like you did in Task #2.<br><br><br><b>!!! NOTE:
<li><b>NOTE:</b> Select <b>Administration</b>, <b>Services</b>, scroll down the list to <b>Telnet</b>, right-click and select <b>View Properties</b>, enable the telnet server, <b>Apply</b> settings, and then <b>Start</b> the telnet server.</li></ul></li>
<li><b>SSH SERVER</b><ul>
<li><b>NOTE:</b> You can download and install <b>FreeSSH</b> from the following URL:<br /><a href="http://www.freesshd.com/freeSSHd.exe">http://www.freesshd.com/freeSSHd.exe</a>.</li></ul></li>
</ol>
</p><div class="messagebox" style="background-color: #f9f6b7; border: 1px solid #c4c295; color: black; padding: 5px; margin: 1ex 0; min-height: 35px; padding-left: 45px;"><div style="float: left; margin-left: -40px;"><a href="http://zenit.senecac.on.ca/wiki/index.php/File:Important.png" class="image" title="Important.png"><img alt="" src="SEC520_Lab_1_files/35px-Important.png" height="35" border="0" width="35"></a></div><div><b>Verification of Running Services</b><br />
To verify that services are running, you can select <b>Start</b>, <b>Administration</b>, <b>Services</b>.<br /><br /><b>Note:</b> To view that SSH service is running, select the <b>On Demand</b> services tab.
</div></div>
<ol>
<li value="9">Verify that all the above-mentioned services are running.</li>
</ol>
<div class="messagebox" style="background-color: #f9f6b7; border: 1px solid #c4c295; color: black; padding: 5px; margin: 1ex 0; min-height: 35px; padding-left: 45px;"><div style="float: left; margin-left: -40px;"><a href="http://zenit.senecac.on.ca/wiki/index.php/File:Important.png" class="image" title="Important.png"><img alt="" src="SEC520_Lab_1_files/35px-Important.png" height="35" border="0" width="35"></a></div><div><b>Register (Activate) Windows Server / Connectivity Issues</b><br />
You have 30 days to register your Windows 2003 Server. If you are experiencing connectivity issues when registering your Windows 2003 Server, you can power off Windows 2003 Server, go to the <b>Virtual Box main window</b> (for your <b>Vulnerable Windows</b> server), select <b>Settings</b> in the menu, choose the <b>Network</b> tab, and change to <b>Bridged Connection</b> for the appropriate network card. When you start your Windows 2003 Server and log in as <b>Administrator</b>, you should be able to register your copy of Windows 2003 Server...
</div></div>
<ol>
<a name="Completing_the_Lab" id="Completing_the_Lab"></a><h1> <span class="mw-headline"> Completing the Lab </span></h1>
<p><b>Arrange evidence for each of these items on your screen, then ask
your instructor to review them and sign off on the lab's completion:</b>
<p><br>
</p>
<a name="Preparing_for_Quizzes" id="Preparing_for_Quizzes"></a><h1> <span class="mw-headline"> Preparing for Quizzes </span></h1>
<ol>
