Differences between revisions 4 and 24 (spanning 20 versions)
Revision 4 as of 2017-01-12 18:41:58
Size: 2902
Editor: scot
Comment:
Revision 24 as of 2021-01-20 19:58:09
Size: 4837
Editor: scot
Comment:
Deletions are marked like this. Additions are marked like this.
Line 1: Line 1:
= Lab 01 Virtual Machine (VM) Creation and Network Configuration = = Lab 01 - Virtual Machine (VM) Creation and Network Configuration =
Line 6: Line 6:
 * Configure a network address translation (NAT) firewall using pfSense,
Line 18: Line 17:
 1. Open internet explorer and to to https://samuel.cs.southern.edu
 1. Select VMs (this will show any VMs that currently exist for you).
 1. Select Deploy to deploy a new VM
 1. Click Configure Cloud, and select the name of your cloud (Israel)
 1. Select the pfSense template and click ok.
 1. Click on the Configure Virtual Machine and set the "Virtual Machine Name" to: "CPTE427-'''username'''-pfsense" where you replace '''username''' with your school username. It is unneccesary to give the "computer name" at this time.
 1. Click OK, Click Deploy at the bottom right.
 1. Start the SCVMM from a lab machine.
 1. Find Clouds, Nimbus.
 1. Right Click on Nimbus and select Create New Virtual Machine
 1. Select the pfSense template and click ok, next.
 1. Set the "Virtual Machine Name" to: "CPTR 427-'''username'''-pfsense" where you replace '''username''' with your school username. Click Next... until you get to Add Properties
 1. Select an action to perform automatically when the virtualization server starts: "Turn on the VM if it was running..."
 1. Select Next, Create
Line 27: Line 26:
Repeat the process above for the following VM templates (use the template name below for the Virtual Maqchine Name e.g. "CPTR427-scot-ubuntu": (Optional) Repeat the process above as directed for the following VM templates (use the template name below for the Virtual Maqchine Name e.g. "CPTR427-scot-ubuntu":
Line 29: Line 28:
 1. Ubuntu (Latest LTS)
 1. Windows10
1. WindowsServer (2016)
 1. Ubuntu Desktop
 1. Windows Server (latest core)
 
1. Kali (Latest)
Line 34: Line 33:
After you have created all the virtual machines, see Dr. A and he will configure your NICs with the appropriate VLANs. If your machines have been started, you will need to turn them off at this point. '''''After you have created all the virtual machines, see Dr. A and he will configure your NICs with the appropriate VLANs. If your machines have been started, you will need to turn them off at this point. DO NOT CONTINUE BEYOND THIS POINT UNTIL YOUR NETWORK IS CONFIGURED BY Dr. A or the Student Lab Director (this year Esther)'''''

{{{
As an aside, here are the steps that we will do for you:

1. Add a second non-legacy network adapter to your pfSense box.
2. Connect the second network adapter to the Private VLANs network
3. Enable the VLAN and assign you one see NetworkConfiguration/VlanAssignments for VLAN assignments
4. Set the MAC address to static!
Line 38: Line 45:
{{http://db2.cs.southern.edu/videos/images/CPTR427/Lab01/network.svg}} {{http://db.cs.southern.edu/videos/images/CPTR427/Lab01/network.svg}}
Line 40: Line 47:
This means that you can setup your interior computers. The above image is a big enough hint for you to setup the network for each of the clients. Fill in the settings for each one in the write-up section below. This means that you can setup your interior computers. By default, pfSense sets up a DHCP server, so you shouldn't have to setup any network information on the clients yet.
Line 48: Line 55:
{{http://db2.cs.southern.edu/videos/images/CPTR427/Lab01/pfSense-1.png}} {{http://db.cs.southern.edu/videos/images/CPTR427/Lab01/pfSense-1.png}}
Line 52: Line 59:
{{http://db2.cs.southern.edu/videos/images/CPTR427/Lab01/pfSense-2.png}} {{http://db.cs.southern.edu/videos/images/CPTR427/Lab01/pfSense-2.png}}
Line 56: Line 63:
=== Windows 10 Setup === === Ubuntu 20.04 Desktop Setup ===
Line 58: Line 65:
Bootup the Windows 10 machine and go through the install process. Bootup the Ubuntu Desktop machine and go through the install process. pfSense automatically sets up DHCP, so you should have network access immediately. You can now open a browser, go to https://192.168.1.1 and finish setting up pfsense.

 * User: admin
 * Pass: pfsense

You should be able to use the defaults for now except for the following notable exceptions. Just give your system a name and remember your IP.

 1. Do not block private networks! You may also unblock bogon networks.
 1. I would recommend giving your Ubuntu Desktop a reserved IP. You can do this through the DHCP service.
 1. I would recommend that you install xrdp for remote desktop access to your Ubuntu Desktop
 1. I would recommend that you forward RDP through to your Ubuntu machine so that you don't have to use lab machines to access your VMs all the time.

=== Kali Setup ===

Install Kali linux.

=== Window 2016 ===

Install Windows 2016.

|| Edition || AVMA key ||
|| Datacenter || {{{TMJ3Y-NTRTM-FJYXT-T22BY-CWG3J}}} ||
|| Standard || {{{C3RCX-M6NRP-6CXC9-TW2F2-4RHYD}}} ||
|| Essentials || {{{B4YNW-62DX9-W8V6M-82649-MHBKQ}}} ||


== Write-Up / Show ==

For each system show the following:

 1. You can login (for pfSense use the website all others use IE)
 1. Show me that the system can access the web by bringing up a web page (for pfSense if any other system can access the web, that is proof enough).
 1. For each OS (Windows Desktop, Windows Server, Kali, Metasploit) using commandline only, show me the following:
    1. IP Address, Subnet, Gateway and DNS
    1. Show that DNS works by looking up google.com
    1. Show the arp table.

Lab 01 - Virtual Machine (VM) Creation and Network Configuration

This lab contains information directions and exercises to teach you how to:

  • Setup your VMs (specific to your class)
  • Configure networking on the required VMs behind the firewall
  • Use the commandline to find network information including
    • IP address
    • Hostname
    • DNS information and
    • Gateway all on BSD, Linux and Windows.

Creating the VMs

First we will setup the pfSense VM.

  1. Start the SCVMM from a lab machine.
  2. Find Clouds, Nimbus.
  3. Right Click on Nimbus and select Create New Virtual Machine
  4. Select the pfSense template and click ok, next.
  5. Set the "Virtual Machine Name" to: "CPTR 427-username-pfsense" where you replace username with your school username. Click Next... until you get to Add Properties

  6. Select an action to perform automatically when the virtualization server starts: "Turn on the VM if it was running..."
  7. Select Next, Create
  8. Don't turn on the machine yet! Directions for setting up each machine are given below in the setup section.

(Optional) Repeat the process above as directed for the following VM templates (use the template name below for the Virtual Maqchine Name e.g. "CPTR427-scot-ubuntu":

  1. Ubuntu Desktop
  2. Windows Server (latest core)
  3. Kali (Latest)
  4. Metasploitable (latest).

After you have created all the virtual machines, see Dr. A and he will configure your NICs with the appropriate VLANs. If your machines have been started, you will need to turn them off at this point. DO NOT CONTINUE BEYOND THIS POINT UNTIL YOUR NETWORK IS CONFIGURED BY Dr. A or the Student Lab Director (this year Esther)

As an aside, here are the steps that we will do for you:

1. Add a second non-legacy network adapter to your pfSense box.
2. Connect the second network adapter to the Private VLANs network
3. Enable the VLAN and assign you one see NetworkConfiguration/VlanAssignments for VLAN assignments
4. Set the MAC address to static!

== Network Setup ==

{{http://db.cs.southern.edu/videos/images/CPTR427/Lab01/network.svg}}

This means that you can setup your interior computers. By default, pfSense sets up a DHCP server, so you shouldn't have to setup any network information on the clients yet. 

== Setting up the VMs ==

=== pfSense Setup ===

Start the pfSense VM and allow it to start with defaults. It will eventually ask you for some information like:

{{http://db.cs.southern.edu/videos/images/CPTR427/Lab01/pfSense-1.png}}

You can answer no to the VLANs question as shown above and then use the first Network Interface Card (NIC) for the WAN and the second NIC for the LAN. It will ask you one more time and you can leave it blank. Answer "y" if you believe that it is correct and it will boot. It should look something like the following:

{{http://db.cs.southern.edu/videos/images/CPTR427/Lab01/pfSense-2.png}}

If you should reboot at this point, it should not ask you again for configuration information, but come up directly to the screen above. 

=== Ubuntu 20.04 Desktop Setup ===

Bootup the Ubuntu Desktop machine and go through the install process. pfSense automatically sets up DHCP, so you should have network access immediately. You can now open a browser, go to https://192.168.1.1 and finish setting up pfsense. 

 * User: admin 
 * Pass: pfsense

You should be able to use the defaults for now except for the following notable exceptions. Just give your system a name and remember your IP.

 1. Do not block private networks! You may also unblock bogon networks. 
 1. I would recommend giving your Ubuntu Desktop a reserved IP. You can do this through the DHCP service. 
 1. I would recommend that you install xrdp for remote desktop access to your Ubuntu Desktop
 1. I would recommend that you forward RDP through to your Ubuntu machine so that you don't have to use lab machines to access your VMs all the time.

=== Kali Setup ===

Install Kali linux.

=== Window 2016 ===

Install Windows 2016.

|| Edition    || AVMA key ||
|| Datacenter || {{{TMJ3Y-NTRTM-FJYXT-T22BY-CWG3J

||

Standard

C3RCX-M6NRP-6CXC9-TW2F2-4RHYD

Essentials

B4YNW-62DX9-W8V6M-82649-MHBKQ

Write-Up / Show

For each system show the following:

  1. You can login (for pfSense use the website all others use IE)
  2. Show me that the system can access the web by bringing up a web page (for pfSense if any other system can access the web, that is proof enough).
  3. For each OS (Windows Desktop, Windows Server, Kali, Metasploit) using commandline only, show me the following:
    1. IP Address, Subnet, Gateway and DNS
    2. Show that DNS works by looking up google.com
    3. Show the arp table.

NetworkSecurity/Lab/Lab01 (last edited 2021-02-09 15:20:42 by scot)