Motivation Environment Labs Future Work Summary
A Simple Laboratory Environment
for Real-World Offensive Security Education
Maxim Timchenko David Starobinski
Electrical and Computer Engineering Department
Boston University
SIGCSE’15, March 7, 2015
A Simple Laboratory Environment for Real-World Offensive Security Education 1 / 23
Outline
1. Motivation / Goals
2. Environment
3. Labs
4. Future Work
Goals for a Laboratory Environment
Must Have
• Security
• Separation
Stretch Goals
• Redundancy
• Persistence
Simple
• Simple to install and use
• Reuse available parts
• This is an introductory course
“Real-world” and “Offensive”
• Practice topics using tools common within the industry
• Discuss actual exploits, demonstrate issues vividly
• Metasploit modules
• Social engineering
• Cover current events (e.g. 2014: Shellshock, Heartbleed)
• Attacker mindset vs. developer mindset
Environments
Local isolated network containing actual hardware
• Expensive
• Limited flexibility
• Limited sharing
Photo: Leonardo Rizzi, Flickr, Creative Commons
Environment Virtualization
Centralized On Premises
• Set-up and maintenance
• Limited scaling
• Example: Tele-Lab [10]
Environment Virtualization
Cloud
• More complex architecture
• Expensive scaling
• Potentially the worst responsiveness (traffic and delay)
• Example: Salah [6] on AWS
• Yesterday: Weiss et al. - EDUrange
Environment Virtualization
Local
• Easy set-up
• No scaling issues
• Best responsiveness
• Example: SEED [2] on VMware/VirtualBox
Detailed Environment Architecture
[Diagram: a Lab Workstation hosts three VMs: the “Attacker” (Kali Linux VM), the “Target” (Metasploitable VM) and the “Zombie” (FreeBSD 6 VM); the workstation connects to the BU Intranet / Internet gateway and to a File Server for VM Images]
VM Image Sets
[Diagram: the File Server for VM Images holds the Reference Image and the Persistent Student Environments (Alice, Bob, Carol); each Lab Workstation runs a local non-persistent environment]
The Attacker - Kali Linux
• Pentesting and Auditing
• Based on Debian Wheezy
• Hundreds of tools
• Top 10: Aircrack, Burp Suite,
Hydra, John, Maltego,
Metasploit, NMAP, ZAP,
SQLmap, Wireshark
• Maintained by Offensive
Security
The Target - Metasploitable 2
• Intentionally Vulnerable VM
• Based on Ubuntu
• Many vulnerabilities, ranging from obvious to subtle
• Two intentionally vulnerable web applications (DVWA, Mutillidae)
• No GUI
Resource Requirements
[Chart: memory use in MB (on a 4 GB RAM workstation) and disk use in GB, scale 0 to 16, for Kali, Metasploitable, FreeBSD 6 and the host OS]
Studying Cybersecurity Anywhere
Photo: Alper Cugun, Flickr, CC-BY 2.0 — Whitehat Icon: Open Security Architecture, CC-BY-SA
Audience
• A mix of undergraduate and graduate students
• A variety of skill levels
• Requirements: a programming language, basics of Linux
Existing Lab Sets
• The SEED Project [2]
• OWASP Hackademic [5]
• Many papers containing one or two labs each
• Internet tutorials, e.g. “How to use Metasploit to hack X”
Lab Topics and Dependencies
[Diagram: dependency graph of the lab topics]
• Introduction
• Law and Ethics
• Search Engine Hacking
• Network Utilities
• Network Attacks
• Password Hacking
• Intrusion Detection
• Metasploit
Network Attacks Lab
• Zombie scan with nmap
• ARP Poisoning
• DNS resolving and caching
• DNS Poisoning
• Example: poison
Metasploitable’s DNS and
replace one website with another
Sample Lab Page
Sample Solution Page
Production Workflow (PDF)
[Diagram: HTML Source + Common Stylesheet + Lab Stylesheet or Solution Stylesheet + Print Stylesheet + Print JavaScript → Prince → Lab PDF or Solution PDF]
Production Workflow (HTML)
[Diagram: HTML Source + Common Stylesheet + Lab Stylesheet or Solution Stylesheet → HTML Proc. (driven by Processing Rules) → Lab HTML or Solution HTML]
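The HTML branch of the workflow, as an added example rather than code from the cyberlabs repository: one HTML source is filtered by processing rules into a lab variant (solution material stripped, lab stylesheet linked) and a solution variant (student-only prompts stripped, solution stylesheet linked). The marker classes solution and lab-only, the stylesheet file names and the sample lab fragment are assumptions.

```python
"""Single-source lab/solution HTML processing (added example, not the
cyberlabs project's own tooling), mirroring the deck's
HTML Source -> HTML Proc. -> Lab HTML / Solution HTML pipeline.
Assumed rules: class "solution" = solution variant only, class "lab-only"
= lab variant only; each variant links its own stylesheet in <head>."""
from html.parser import HTMLParser

SOLUTION_CLASS = "solution"   # assumed marker for instructor-only content
LAB_ONLY_CLASS = "lab-only"   # assumed marker for student-only content

# Variant name -> (class to strip, variant stylesheet). File names are assumed.
RULES = {
    "lab": (SOLUTION_CLASS, "lab.css"),
    "solution": (LAB_ONLY_CLASS, "solution.css"),
}

# Elements that never have a closing tag; they must not affect nesting depth.
VOID_ELEMENTS = {"br", "hr", "img", "input", "link", "meta"}


class VariantFilter(HTMLParser):
    """Re-emit the source, dropping every element (with its subtree) whose
    class list contains strip_class, and inject the variant stylesheet."""

    def __init__(self, strip_class, stylesheet):
        super().__init__(convert_charrefs=False)
        self.strip_class = strip_class
        self.stylesheet = stylesheet
        self.out = []
        self.skip_depth = 0  # > 0 while inside a stripped subtree

    @staticmethod
    def _classes(attrs):
        for name, value in attrs:
            if name == "class" and value:
                return value.split()
        return []

    def handle_starttag(self, tag, attrs):
        if self.skip_depth:
            if tag not in VOID_ELEMENTS:
                self.skip_depth += 1      # nested element inside stripped subtree
            return
        if self.strip_class in self._classes(attrs):
            if tag not in VOID_ELEMENTS:
                self.skip_depth = 1       # skip until the matching close tag
            return
        self.out.append(self.get_starttag_text())
        if tag == "head":
            # Variant-specific stylesheet sits next to the common one.
            self.out.append(f'<link rel="stylesheet" href="{self.stylesheet}">')

    def handle_startendtag(self, tag, attrs):
        # Self-closing syntax (<br/>): emit unless skipped or itself stripped.
        if self.skip_depth or self.strip_class in self._classes(attrs):
            return
        self.out.append(self.get_starttag_text())

    def handle_endtag(self, tag):
        if self.skip_depth:
            if tag not in VOID_ELEMENTS:
                self.skip_depth -= 1
            return
        self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if not self.skip_depth:
            self.out.append(data)

    def handle_entityref(self, name):
        if not self.skip_depth:
            self.out.append(f"&{name};")

    def handle_charref(self, name):
        if not self.skip_depth:
            self.out.append(f"&#{name};")


def render(source, variant):
    """Return the 'lab' or 'solution' rendering of one HTML source."""
    strip_class, stylesheet = RULES[variant]
    f = VariantFilter(strip_class, stylesheet)
    f.feed(source)
    f.close()
    return "".join(f.out)


# Constructed sample lab fragment (not from the cyberlabs repository).
SAMPLE_SOURCE = """<html><head><link rel="stylesheet" href="common.css"></head>
<body><h1>Network Attacks Lab</h1>
<p>Task 1: Explain what ARP poisoning changes in the victims&#39; ARP caches.</p>
<p class="lab-only">Write your answer below and show your instructor.</p>
<div class="solution"><p>Answer: the gateway IP becomes bound to the attacker's
MAC address.</p><p>Detection hint: arpwatch reports changed IP-to-MAC
bindings.</p></div>
</body></html>"""

if __name__ == "__main__":
    print(render(SAMPLE_SOURCE, "lab"))
    print(render(SAMPLE_SOURCE, "solution"))
```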
Directions for Future Work
• Updates to Metasploitable
• Easier modifications to Metasploitable
• Adding other OS images and platforms
• Adding network device simulation
(routers, peripherals)
• Automated grading
Summary
• A virtual-machine based environment for teaching practical
cybersecurity
• A set of structured labs based on the environment
• Directions for future work
Thank you for your attention!
The sources for this talk and several of the labs can be found in our
GitHub repository:
https://github.com/maxvt/cyberlabs
Contact the authors at:
• staro@bu.edu
• maxvt@bu.edu, @maxvt
• http://nislab.bu.edu/