200 likes | 374 Views
About the Hands-on Lab. Chao-Hsien Chu, Ph.D. College of Information Sciences and Technology The Pennsylvania State University University Park, PA 16802. Theory Practice. Learning by Doing. IST 515. Hands-on Labs Folder. Lab User Guide About the Lab Slide. Lab Folder. Objectives.
E N D
About the Hands-on Lab Chao-Hsien Chu, Ph.D. College of Information Sciences and Technology The Pennsylvania State University University Park, PA 16802 Theory Practice Learning by Doing IST 515
Hands-on Labs Folder • Lab User Guide • About the Lab Slide Lab Folder
Objectives This module will familiarize you with the following: • The special needs for IA education • Common approaches used in lab design • The challenges faced • Motivations for virtual security lab (VSL) • VSL implementation at UP • How to install “VMware Infrastructure Client”? • How to login to VSL? • The hands-on exercises for this course.
Reading • IST 515, “A Brief Guide for Using VSL.” (Required) • Jorg Keller and Ralf Naues, “Design of a Virtual Computer Security Lab,” Proceedings of Communication, Network, and Information Security (CNIS 2006), 2006. http://pv.fernuni-hagen.de/docs/547-045.pdf • Padman, V. and Memon, N., “Design of A Virtual Laboratory for Information Assurance Education and Research,” Proc. of the 2002 IEEE Workshop on Information Assurance and Security, United States Military Academy, West Point, NY (17-19 June 2002). • Summers, W. C., Carlos Martin, B., “Using a Virtual Lab to teach an online Information Assurance Program,” InfoSec CD 2005 (Sept. 2005). • VMWare, Inc. http://vmware.com
The Special Needs for IA Education • Hands-on exerciseis a critical and integrated component of any effective information security education and training program. • Students are expected to experiment withsecurity softwarewithout worry that their experiment may impact other computer systems / students. • Students should be able to evaluate the security of differentoperating systems, attempt to compromise the security of computer systems, and install additionalsecurity mechanismswithout concern that their actions may affect other computers systems / students. • Security hardware (Firewall, IDS); Human factors; Defense-in-depth; Multidisciplinary.
Common Approaches Used • Some instructors require students to complete the exercises using their own computers. • Lab experiences are typically conducted in anisolatedcomputer lab where security problems that may occur are unable to affect other computers on campus. • A common alternative is to develop avirtual networkenvironment using simulators: - Virtual Network System (VNS). - Use virtual machines (VM) to emulate the hardware of different computers in a network. • Virtual Gaming /Simulation (2nd Life)
The Challenges Faced • The number of security related courses are increasing. • The number of students interested in SRA are increasing. • The physical space for security lab remains the same or reduced. • Difficulty in maintaining an isolated security lab to meet classes and students’schedules. • Need to accommodate commuter students. • Need to provide distance-learning education. • Lack of emulators for security hardware
Motivations for VSL • Increasing advanced hands-on learningin networking and security courses (without sacrificing from content). • Making campus computing resources available to commuter studentsfor 7/24. • Providing hands-on learning experiences in a distance learning model. • Reducing lab hardware, software, and maintenance costs, and the need for specialized computer labs. • Providing an agile and secured computing environment.
Virtual Machine / Environment • Virtual machines are software emulations of fully functional operating systems such as Windows XP, Windows Sever 2008, and Linux.
X.2 X.3 X.4 X.6 X.7 X.8 Target Virtual Machines X: 192.168.0 Client Virtual Machines ESX Server vslvc.ist.psu.edu Client Physical Machines VIC
Networking Status • All virtual machines (Targets and clients) are networked together. • You should be able to access target machines/servers without special setting. • You need to turn off the firewall setting in your client machines (note: in Windows Security, located in the Control Panel) in order to communicate with each other and capture their traffic.
Hands-on Practice • Install VMware Infrastructure Client. • Login to the virtual security Lab and your client machines. • Find the IP address of your client machines. • Check the network connection between target and client machines. • Check the network connection between your client machines. • Get to know your virtual security lab environment.
Install VMware Infrastructure Client • Start an Internet browser (e.g., IE Explorer or Firefox). • Enter URL: https://vhol.up.ist.psu.edu/ • Click on the link “Download vSphere Client” to download the VS Client. • Install it on your computer (note: the client only needs to be installed one time). • If you use an earlier version of VI, please uninstall it (uninstall Microsoft Visual J as well if you use a 64 bits OS), delete related files from Program Files directory, reboot the system and then install the newer version.
How to Login to VSL? • Activate VMware Infrastructure client. • Enter the IP address of the virtual network, your Penn State User name and Password. Click the Login button to connect to the network. • Follow the instructions provided in user guide to try the hands-on lab.
Screenshot of virtual environment Power-on Button Depends on which team you were assigned. In this case, it is team 1. Open Console and Inventory are two important menu icons that you need to explore
Login to Virtual Clients • Click on the “Power on” button (green color, located on the top menu bar) to turn on the machine. • Login to the Virtual Win XP. Click on the “Administrator” Logged on button to login; • Login to the Virtual Linux. Enter“administrator” in the text box of User Name and “password” in the Password text box.
How to Access File Server • The IP for the file server is: 192.168.0.2. • Click on the “Start” button and then select the “Run” button to open a dialog box. Enter the IP address of the file sharing server. • Log into the file server using your virtual machine ID and password. You will see two folders: Share and Upload. (For Windows Clients Only) ID: IST515-Pub Password: IST515-Pub
IST 515: Penetration Test Labs • Lab 1: Security Policy. • Lab 2: Footprinting. Whois, Nslookup, Dig, Ping, Traceroute and Sam Spade. • Lab 3: Network Scanning. SuperScan, Netbrute, NMap. • Lab 4: Enumeration. LANguard Network Security Scanner, ENUM, and SNScan. • Lab 5: System Hacking. Password Cracking; spyware, and Metasploit Framework. • Lab 6: Trojan and Backdoor. • Lab 7: Buffer Overflow. • Lab 8: Social Engineering.
Lessons Learned • It allows students to gain hands-on experiences without the need of physically attending labs on campus. • Instructors can use the system in class to enhance teaching and discussion anywhere and anytime. • Assignments can be designed without limited by the available computing resources. • Students are able to experiment with security software without worry that their experiment may impact other computer systems. • Students can evaluate security of different operating systems, attempt to compromise the security of computer systems, and install additional security mechanisms without concern that their actions may affect other computers.
Thank You? Any Question?