Differences between revisions 16 and 42 (spanning 26 versions)
Revision 16 as of 2012-03-22 20:15:25
Size: 3971
Editor: fwoutside
Comment:
Revision 42 as of 2019-05-09 15:55:47
Size: 1566
Editor: scot
Comment:
Deletions are marked like this. Additions are marked like this.
Line 5: Line 5:
First of all, you don't need to be here. All the necessary information on this page is linked from the Moodle2 website. That being said, this will contain all the necessary information to complete the labs as assigned in CPTR 427. This page contains the necessary information to complete the labs as assigned in CPTR 427. (Note to admins: This page underwent major revisions on 1/12/2017 – see the previous page for legacy content).
Line 7: Line 7:
== Topics == == Requirements ==
Line 9: Line 9:
 * [[attachment:Lab 01 Virtual Machine Setup.docx]]
 * [[attachment:Lab 02 Symmetric Encryption Tools.docx]]
 * [[attachment:Lab 03 NMAP.docx]]
 * [[attachment:Lab 04 Vulnerability Scanners.docx]]
 * [[attachment:Lab 05 Netstat and TCPDump.docx]]
 * [[attachment:Lab 06 Identity and Email Security.docx]]
 * [[attachment:Lab 07 Kerberos.docx]]
 * [[attachment:Lab 08 Certificate Server - Code Signing and SSL.docx]]
 * [[attachment:Lab 09 Forensics Survey - Wireless Security - War Drive.docx]]
 * [[attachment:Lab 10 IPSec and VPN.docx]]
 * [[attachment:Lab 11 Intrusion Detection.docx]]
 * [[attachment:Lab 12 Firewall.docx]]
 * [[attachment:Lab 13 Windows Group Policies.docx]]
 * [[attachment:Lab 14 Proxy Spam Filter and Smart Host.docx]]
Each lab has elements that must be shown in a video. The following requirements apply to all labs:
Line 24: Line 11:
= Labs Hints =  1. Videos must not be longer than 2 minutes (1 point will be deducted for each 5 seconds over the 2 minute limit).
 1. Videos must include voice over (your voice) talking through the elements required for each lab.
    1. Clearly identify what you part of the requirements you are showing me
    1. Use your mouse to point out specifics
 1. Commandline demos
    1. Pause for at least 2 seconds when you have completed a command on the commandline before you press enter to run it.
    1. Make sure that the whole command is visible at one time.
Line 26: Line 19:
== Lab 01: Getting started with your virtual machines == For recommended tools see ClassesPage.
Line 28: Line 21:
For your '''Windows''' machines you will need to perform the following steps once you have received the virtual machine. == Lab Topics ==
Line 30: Line 23:
 1. Change the password on owner.
 1. Rename your machine (they all come out of the factory with the same name)
 1. Your factory machine has not been activated. You will need a key from MSDNAA to activate your machine.
 1. NOW that you have a key, activate your machine.

For Ubuntu machines...

 1. Change the password on owner.
 2. Rename your machine to your own liking.

== Lab 08: SSL and code signing lab ==

Hints: To get a code signing template to show up on the web page, you need to add it to the templates. Just go into the CA and right click templates and select new.... DO NOT ADD your site to the trusted sites list in windows. This will cause you problems. If at first you don't succeed, close it all and restart IE.

 1. When installing your certificate authority, you should install an enterprise CA.
 1. Click on the server name in IIS Manager, then double click on Server Certificates
 1. Create a certificate request (right hand pannel)
 1. Make sure to fill in your data correctly.

Before you submit the request you need to change the permissions on the Web Server template.

 1. Open Certificate Authority from Administrative Tools
 1. Click the + symbol to expand your CA
 1. Right Click on Certificate Templates and click Manage.
 1. Double Click on "Web Server"
 1. Click the Security Tab and add the "Enroll" permission to Authenticated Users.
 1. Click OK.
 1. Close the Certificate Template Console Window
 1. Restart the certificate service (right click on the CA, All tasks, stop... then start).

Submitting your request to the Enterprise Certificate Authority through the gui will give you an error:

{{{
The request contains no certificate template information. 0x80094801 (-2146875391)

Denied by Policy Module 0x80094801, The request does not contain a certificate template
extension or the Certificate Template request attribute.
}}}

From [[http://pdconsec.net/blogs/davidr/archive/2008/08/13/No_2D00_Certificate_2D00_Template_2D00_In_2D00_Request.aspx|this site]] we found that there is a command line way to specify the certificate:

{{{
certreq -submit -attrib "CertificateTemplate: WebServer" WebServerCertReq.txt
}}}

== Lab 13: Windows NTFS/Share Permissions Lab ==

''RSAT'' (Remote Server Administration Tools) has replaced (somewhat) the Support Tools. At any rate you can get them here:
   * [[http://www.microsoft.com/downloads/details.aspx?FamilyId=9FF6E897-23CE-4A36-B7FC-D52065DE9960&displaylang=en]]
   * [[attachment:Scriptomatic2.exe]]
   * [[attachment:Windows6.0-KB941314-x86_en-US.msu]]
   * [[attachment:rktools.exe]]

''xcacls'' has been replaced by ''Icacls'' in Vista and Windows 2008.
 * [[/Lab01|Lab 01]] Networking basics and virtual machine Setup
 * [[/Lab02|Lab 02]] Firewall and NAT setup
 * [[/Lab03|Lab 03]] Firewall continued and remote access to Kali via RDP
 * [[/Lab03.5|Lab 03.5]] Hardening the OSs.
 * [[/Lab04|Lab 04]] Symmetric encryption
 * [[/Lab05|Lab 05]] VPN setup
 * [[/Lab06|Lab 06]] Wardriving (wireless)
 * [[/Lab07|Lab 07]] IDS/IPS Suricata on pfSense
 * [[/Lab08|Lab 08]] Network and vulnerability scanning
 * [[/Lab09|Lab 09]] Bringing it all together with a dashboard
 * [[/Lab10|Lab 10]] Testing the setup

Network Security Labs

This page contains the necessary information to complete the labs as assigned in CPTR 427. (Note to admins: This page underwent major revisions on 1/12/2017 – see the previous page for legacy content).

Requirements

Each lab has elements that must be shown in a video. The following requirements apply to all labs:

  1. Videos must not be longer than 2 minutes (1 point will be deducted for each 5 seconds over the 2 minute limit).
  2. Videos must include voice over (your voice) talking through the elements required for each lab.
    1. Clearly identify what you part of the requirements you are showing me
    2. Use your mouse to point out specifics
  3. Commandline demos
    1. Pause for at least 2 seconds when you have completed a command on the commandline before you press enter to run it.
    2. Make sure that the whole command is visible at one time.

For recommended tools see ClassesPage.

Lab Topics

  • Lab 01 Networking basics and virtual machine Setup

  • Lab 02 Firewall and NAT setup

  • Lab 03 Firewall continued and remote access to Kali via RDP

  • Lab 03.5 Hardening the OSs.

  • Lab 04 Symmetric encryption

  • Lab 05 VPN setup

  • Lab 06 Wardriving (wireless)

  • Lab 07 IDS/IPS Suricata on pfSense

  • Lab 08 Network and vulnerability scanning

  • Lab 09 Bringing it all together with a dashboard

  • Lab 10 Testing the setup

NetworkSecurity/Lab (last edited 2021-02-17 15:00:38 by scot)