Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Step On In,
The Water’s Fine!
An Introduction To
Security Testing Within A
Virtualized Environment
About Me:
• Tom Moore – Twitter: @c0ncealed
• Christian, Husband, & Father
• Red Team / Penetration Tester
• Security Awar...
Agenda:
My goal is to provide
meaningful information in
the area of virtualized testing
environment options. I also wish
t...
Role Playing:
You are applying for a role within my
organization’s Information Security
Group...
One of the questions that...
What Is Seen:
Candidates for employment that have a
degree or relevant certifications, but
have learned the given curricul...
What Is Needed:
Candidates for employment that not only
have a degree or relevant certifications,
but also possess a true ...
What Can Be Done:
Security Professionals in training need to
take a more direct approach towards
ensuring that they unders...
How This Can Be
Accomplished:In addition to book learning, hands-on
experience with these toolsets should be
the recipient...
What Is Needed:
Candidates for employment that not only
have a degree or relevant certifications,
but also possess a true ...
What Is Needed:
Candidates for employment that not only
have a degree or relevant certifications,
but also possess a true ...
What Is Needed:
Candidates for employment that not only
have a degree or relevant certifications,
but also possess a true ...
How You Can Get There:
Practice… Practice… Practice…
Where You Can Practice:
Set up your own virtual lab!
• The cost is we...
Need Another Reason?:
More and more, the physical system
environments are going away!
Some might argue that familiarizing
...
Definition of Terms:
Hypervisor:
A hypervisor is a virtual machine
monitor (VMM).
It is generally a piece of computer
soft...
Definition of Terms:
Virtual Machine:
A virtual machine (VM) is a software
based emulation of a computer.
Virtual machines...
Definition of Terms:
Snapshot:
A snapshot preserves the state and data
of a virtual machine at a specific point in
time.
T...
Definition of Terms:
Bridged / NAT / Host Only :
The options available to configure virtual
network adapters within VM’s.
...
Let’s Get Technical:
Enough with the hypothetical, let’s get
into the bits… cause this bytes… =P
Structure for the approac...
Hardware Considerations:
• While the CPU speeds do matter, they
will not be your primary concern.
• A quad-core CPU is rec...
Virtualization Platforms:
• VMware Fusion (Mac)
• VMware Player/Workstation (Win/Linux)
• VMware ESXi (Server)
• Parallels...
VMware ESXi Setup:
• For our example, I have set up a
VMware ESXi Hypervisor on this
MacBook Pro system.
• System Specs:
•...
VMware ESXi Setup:
• Further Information…
• This installation is performed by
using the following configuration:
•VMware E...
VMware ESXi Setup:
• Brace yourselves! Screenshots!
VMware ESXi Management:
• The one disadvantage to using
VMware ESXi, in my opinion, is that
the most effective management
...
VMware ESXi Management:
• Further Information…
• This installation is performed by
using the following configuration:
•Win...
VMware ESXi Management:
• More Screenshots?
VMware ESXi Management:
• Now we will register VMware vSphere
Client.
• The key should have been obtained
when you registe...
VMware ESXi Management:
• Now we will setup VMware vCenter
Converter Standalone.
• This will be used to convert VMware
ima...
Offensive / Forensic
Distributions:• Kali Linux
• BlackArch Linux
• Backbox Linux
• Pentoo
• SamuraiWTF
• MobiSec
• SIFT W...
Offensive / Forensic
Distributions:• Screenshots!
Virtual Appliances:
• Routers / Switches
• Vyatta
• Firewalls
• pfSense
• Intrusion Prevention Systems
• Intrusion Detecti...
Vulnerable Distributions:
• Metasploitable 2
• NOWASP Mutillidae
• OWASP Broken Web Apps
• Web Security DoJo
• HADES
• Vul...
Vulnerable Distributions:
• VulnHub
www.vulnhub.com
• Credit: g0tm1lk
Vulnerable Distributions:
• Leveraging VulnHub.com, we will pull
down a copy of Metasploitable2 as our
vulnerable guest di...
Vulnerable Distributions:
• Now let’s spin it up!
• Once we have the Metasploitable 2 VM
powered on, we will go back to ou...
Congratulations!:
• You have just gone through the
process of setting up a virtual testing
lab with a VMware ESXi hypervis...
Summary:
• InfoSec Recruiters for organizations
are looking for candidates that KNOW
how to leverage the needed tools to
p...
One More Thing:
• If you would like to support or present
at a BSides conference, please consider
presenting at BSides Cha...
I’m Out:
THANK YOU!
Contact Info:
• Name: Tom Moore
• E-mail: c0ncealedx64@gmail.com
• Twitter: @c0ncealed
* Send hate mail to Bill Gardner
TH...
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment
Upcoming SlideShare
Loading in …5
×

Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment

5,795 views

Published on

My goal is to provide meaningful information in the area of virtualized testing environment options. I also wish to convey why an understanding of this subject is vastly needed and for the most part easily attainable, even though the subject is often avoided or overlooked.

Published in: Technology
  • Be the first to comment

Step On In, The Water's Fine! - An Introduction To Security Testing Within A Virtualized Environment

  1. 1. Step On In, The Water’s Fine! An Introduction To Security Testing Within A Virtualized Environment
  2. 2. About Me: • Tom Moore – Twitter: @c0ncealed • Christian, Husband, & Father • Red Team / Penetration Tester • Security Awareness Evangelist • Prior Marshall University Student • High Hack Society / Proverbs Hackers • Unrelenting G33K • 2nd Amendment Supporter • Should in NO WAY be considered an expert in anything that I may say. =) • SUPPORT HACKERS FOR CHARITY!
  3. 3. Agenda: My goal is to provide meaningful information in the area of virtualized testing environment options. I also wish to convey why an understanding of this subject is vastly needed and for the most part easily attainable, even though the subject is often avoided or overlooked.
  4. 4. Role Playing: You are applying for a role within my organization’s Information Security Group... One of the questions that I’m going to ask you would be: “What you are doing to either maintain, or increase your relevant skill-set.” What is your response?
  5. 5. What Is Seen: Candidates for employment that have a degree or relevant certifications, but have learned the given curriculum in a manner that allows them to test well on the content.
  6. 6. What Is Needed: Candidates for employment that not only have a degree or relevant certifications, but also possess a true working knowledge of how to leverage their toolsets to achieve the expected goal.
  7. 7. What Can Be Done: Security Professionals in training need to take a more direct approach towards ensuring that they understand not only the tools introduced to them, but also the underlying architectures that they operate on and sometimes exploit. A more informed candidate is what is being sought after in today’s Information Security job market.
  8. 8. How This Can Be Accomplished:In addition to book learning, hands-on experience with these toolsets should be the recipient of your invested time.
  9. 9. What Is Needed: Candidates for employment that not only have a degree or relevant certifications, but also possess a true working knowledge of how to leverage their toolsets to achieve the expected goal. Credit: CSOOnline.com - http://www.csoonline.com/article/2146363/security-leadership/self-taught-hackers-rule.html
  10. 10. What Is Needed: Candidates for employment that not only have a degree or relevant certifications, but also possess a true working knowledge of how to leverage their toolsets to achieve the expected goal. Credit: CSOOnline.com - http://www.csoonline.com/article/2146363/security-leadership/self-taught-hackers-rule.html
  11. 11. What Is Needed: Candidates for employment that not only have a degree or relevant certifications, but also possess a true working knowledge of how to leverage their toolsets to achieve the expected goal. Credit: CSOOnline.com - http://www.csoonline.com/article/2146363/security-leadership/self-taught-hackers-rule.html
  12. 12. How You Can Get There: Practice… Practice… Practice… Where You Can Practice: Set up your own virtual lab! • The cost is well worth the gain • There are many open-source solutions • Many toolset distributions now use virtual machines as primary medium • A wide variety of vulnerable environments are also available for your learning pleasure
  13. 13. Need Another Reason?: More and more, the physical system environments are going away! Some might argue that familiarizing yourself within a virtual environment will be a more relevant method of training and will give you experience that employers are already looking for in their next-generation of security professionals.
  14. 14. Definition of Terms: Hypervisor: A hypervisor is a virtual machine monitor (VMM). It is generally a piece of computer software, firmware, or hardware that creates and runs virtual machines. A computer on which a hypervisor is running is defined as a host machine. The virtual machines that run on this host are referred to as guest machines.
  15. 15. Definition of Terms: Virtual Machine: A virtual machine (VM) is a software based emulation of a computer. Virtual machines generally operate based on the architecture and functions of a real computer.
  16. 16. Definition of Terms: Snapshot: A snapshot preserves the state and data of a virtual machine at a specific point in time. The state includes the VM’s power state. (ex: powered-on, powered-off, or suspended) The data includes all of the files that make up the VM. This includes disks, memory, and other devices, such as virtual network interface cards.
  17. 17. Definition of Terms: Bridged / NAT / Host Only : The options available to configure virtual network adapters within VM’s. Bridged: Binds the virtual network adapter directly to your physical ethernet adapter. The VM will obtain DHCP lease from the physical network. NAT: Binds the virtual network adapter behind a NAT environment. Obtains internal DHCP address and shares the physical ethernet adapter’s public IP address for external communication. Host Only: Allows internal network communication only. DHCP lease obtained behind internal NAT.
  18. 18. Let’s Get Technical: Enough with the hypothetical, let’s get into the bits… cause this bytes… =P Structure for the approach: • Hardware considerations • Virtualization platform options • Example set-up of Vmware ESXi • Offensive or Forensic Distributions • Ex: Kali or SamuraiWTF • Virtual Appliances • Vulnerable Distributions • Ex: Metasploitable 2 or NOWASP
  19. 19. Hardware Considerations: • While the CPU speeds do matter, they will not be your primary concern. • A quad-core CPU is recommended. • What you will need plenty of are: • Memory (RAM) • Hypervisors are memory hogs. • Hard Drive Capacity (HDD) • VM’s range drastically in size, especially when Snapshotted. • A sufficient Power Supply will need to be accounted for based on the above specifications.
  20. 20. Virtualization Platforms: • VMware Fusion (Mac) • VMware Player/Workstation (Win/Linux) • VMware ESXi (Server) • Parallels (Mac) • Oracle VirtualBox (Mac/Win/Linux) • ProxMox (Server) • XenServer (Server, running OpenVZ as guest) This list should not be considered all-inclusive. These are simply platforms that I have tested.
  21. 21. VMware ESXi Setup: • For our example, I have set up a VMware ESXi Hypervisor on this MacBook Pro system. • System Specs: • CPU: Quad-core Intel i7 2GHz • RAM: 16GB 1333MHz DDR3 • HDD: WD Black 500GB 7200 RPM • VMware ESXi is free for educational purposes. Register on vmware.com for a license key. • Here are some screenshots of the ESXi setup process for your reference.
  22. 22. VMware ESXi Setup: • Further Information… • This installation is performed by using the following configuration: •VMware ESXi .iso image is on host MacBook Pro. •Created a New virtual machine within VMware Fusion. •Set the ESXi .iso as the boot media for the VM. • (This is being done this way for demonstration purposes. If you have physical hardware for ESXi, use that)
  23. 23. VMware ESXi Setup: • Brace yourselves! Screenshots!
  24. 24. VMware ESXi Management: • The one disadvantage to using VMware ESXi, in my opinion, is that the most effective management interface is in the form of a Windows fat client. • Due to this, we will also go through the process of setting up a Windows 8 VM with the VMware vSphere Client as well as the VMware vCenter Converter Standalone application. • This will be our ESXi management VM.
  25. 25. VMware ESXi Management: • Further Information… • This installation is performed by using the following configuration: •Windows 8.1 .iso image is on host MacBook Pro. •Created a New virtual machine within VMware Fusion. •Set the Windows 8.1 .iso as the boot media for the VM. • (This is done so that we don’t have to have a physical Windows box for ESXi Management.)
  26. 26. VMware ESXi Management: • More Screenshots?
  27. 27. VMware ESXi Management: • Now we will register VMware vSphere Client. • The key should have been obtained when you registered for your vmware.com account and downloaded your ESXi iso files and binaries. • When its registered, you will see the status message in the bottom right- hand corner of the client disappear.
  28. 28. VMware ESXi Management: • Now we will setup VMware vCenter Converter Standalone. • This will be used to convert VMware images into an ESXi format. • It will also transfer VM’s over to our ESXi Server after conversion.
  29. 29. Offensive / Forensic Distributions:• Kali Linux • BlackArch Linux • Backbox Linux • Pentoo • SamuraiWTF • MobiSec • SIFT Workstation • DEFT Linux • REMnux
  30. 30. Offensive / Forensic Distributions:• Screenshots!
  31. 31. Virtual Appliances: • Routers / Switches • Vyatta • Firewalls • pfSense • Intrusion Prevention Systems • Intrusion Detection Systems • SecurityOnion • Security Incident and Event Monitoring • AlienVault OSSIM
  32. 32. Vulnerable Distributions: • Metasploitable 2 • NOWASP Mutillidae • OWASP Broken Web Apps • Web Security DoJo • HADES • VulnVOiP • VulnVPN • Dexter • Brainpan • Relativity
  33. 33. Vulnerable Distributions: • VulnHub www.vulnhub.com • Credit: g0tm1lk
  34. 34. Vulnerable Distributions: • Leveraging VulnHub.com, we will pull down a copy of Metasploitable2 as our vulnerable guest distribution. • Now we will use VMware vCenter Converter Standalone to convert our new vulnerable image and then push it to our ESXi server.
  35. 35. Vulnerable Distributions: • Now let’s spin it up! • Once we have the Metasploitable 2 VM powered on, we will go back to our Kali VM within VMware Fusion. • From the Kali offensive VM, let’s scan the virtual DHCP range looking for our new vulnerable guest machine!
  36. 36. Congratulations!: • You have just gone through the process of setting up a virtual testing lab with a VMware ESXi hypervisor! • You have a Windows VM set up to manage your hypervisor. • You know where to obtain your Offensive, Appliance, and Vulnerable distributions and VMs. • You also know how to convert and transfer them to your ESXi server! • You then saw how easy it was to enumerate guests from your Kali VM!
  37. 37. Summary: • InfoSec Recruiters for organizations are looking for candidates that KNOW how to leverage the needed tools to perform an assessment. • You can teach yourself skills that may not be covered in most curriculums through the use of Virtual Environments. • It takes time, it’s not easy, but it will pay off. • YOU CAN DO THIS!
  38. 38. One More Thing: • If you would like to support or present at a BSides conference, please consider presenting at BSides Charlotte! • When: June 21, 2014 (Sat) • Where: Charlotte, NC • Web: www.bsidesclt.org • Twitter: @BSidesCLT
  39. 39. I’m Out: THANK YOU!
  40. 40. Contact Info: • Name: Tom Moore • E-mail: c0ncealedx64@gmail.com • Twitter: @c0ncealed * Send hate mail to Bill Gardner THANK YOU!

×