The document describes a virtual machine-based laboratory environment for teaching practical cybersecurity skills. The environment uses Kali Linux, Metasploitable, and FreeBSD virtual machines. It includes a set of structured labs covering topics like password hacking and network attacks. Future work directions include updating vulnerable systems, adding platforms and devices, and automating grading. The goal is to provide a simple yet effective way to educate students in an authentic offensive security context.
A Simple Laboratory Environment for Real World Offensive Security Education
1. Motivation Environment Labs Future Work Summary
A Simple Laboratory Environment
for Real-World Offensive Security Education
Maxim Timchenko David Starobinski
Electrical and Computer Engineering Department
Boston University
SIGCSE’15, March 7, 2015
A Simple Laboratory Environment for Real-World Offensive Security Education 1 / 23
2. Motivation Environment Labs Future Work Summary
Outline
1. Motivation / Goals
2. Environment
3. Labs
4. Future Work
A Simple Laboratory Environment for Real-World Offensive Security Education 2 / 23
3. Motivation Environment Labs Future Work Summary
Goals for a Laboratory Environment
Must Have
• Security
• Separation
Stretch Goals
• Redundancy
• Persistence
Simple
• Simple to install and use
• Reuse available parts
• This is an introductory course
A Simple Laboratory Environment for Real-World Offensive Security Education 3 / 23
4. Motivation Environment Labs Future Work Summary
“Real-world” and “Offensive”
• Practice topics using tools common within the industry
• Discuss actual exploits, demonstrate issues vividly
• Metasploit modules
• Social engineering
• Cover current events (e.g. 2014: Shellshock, Heartbleed)
• Attacker mindset vs. developer mindset
A Simple Laboratory Environment for Real-World Offensive Security Education 4 / 23
5. Motivation Environment Labs Future Work Summary
Environments
Local isolated network containing actual hardware
• Expensive
• Limited flexibility
• Limited sharing
Photo: Leonardo Rizzi, Flickr, Creative Commons
A Simple Laboratory Environment for Real-World Offensive Security Education 5 / 23
6. Motivation Environment Labs Future Work Summary
Environment Virtualization
Centralized On Premises
• Set-up and maintenance
• Limited scaling
• Example: Tele-Lab [10]
A Simple Laboratory Environment for Real-World Offensive Security Education 6 / 23
7. Motivation Environment Labs Future Work Summary
Environment Virtualization
Cloud
• More complex architecture
• Expensive scaling
• Potentially, worst responsiveness
(traffic and delay)
• Example: Salah [6] on AWS
• Yesterday: Weiss et al. - EDUrange
A Simple Laboratory Environment for Real-World Offensive Security Education 6 / 23
8. Motivation Environment Labs Future Work Summary
Environment Virtualization
Local
• Easy set-up
• No scaling issues
• Best responsiveness
• Example: SEED [2] on
VMWare/VirtualBox
A Simple Laboratory Environment for Real-World Offensive Security Education 6 / 23
9. Motivation Environment Labs Future Work Summary
Detailed Environment Architecture
Lab Workstation
“Attacker”
Kali Linux VM
“Target”
Metasploitable VM
“Zombie”
FreeBSD 6 VM
BU Intranet,
Internet gateway
File Server
for VM Images
A Simple Laboratory Environment for Real-World Offensive Security Education 7 / 23
10. Motivation Environment Labs Future Work Summary
VM Image Sets
Lab Workstation
File Server
for VM Images
Carol
Bob
Alice
Local non-persistent
environmentReference Image
Persistent Student
Environments
A Simple Laboratory Environment for Real-World Offensive Security Education 8 / 23
11. Motivation Environment Labs Future Work Summary
The Attacker - Kali Linux
• Pentesting and Auditing
• Based on Debian Wheezy
• Hundreds of tools
• Top 10: Aircrack, Burp Suite,
Hydra, John, Maltego,
Metasploit, NMAP, ZAP,
SQLmap, Wireshark
• Maintained by Offensive
Security
A Simple Laboratory Environment for Real-World Offensive Security Education 9 / 23
12. Motivation Environment Labs Future Work Summary
The Target - Metasploitable 2
• Intentionally Vulnerable VM
• Based on Ubuntu
• Many vulnerabilities of various
obviousness
• Two intentionally vulnerable
web applications (DWVA,
Mutillidae)
• No GUI
A Simple Laboratory Environment for Real-World Offensive Security Education 10 / 23
13. Motivation Environment Labs Future Work Summary
Resource Requirements
OS Memory Use, MB (4GB RAM)
Kali
Metasploitable
FreeBSD 6
Host OS
0
2
4
6
8
10
12
14
16
Disk Use,
GB
A Simple Laboratory Environment for Real-World Offensive Security Education 11 / 23
14. Motivation Environment Labs Future Work Summary
Studying Cybersecurity Anywhere
Photo: Alper Cugun, Flickr, CC-BY 2.0 — Whitehat Icon: Open Security Architecture, CC-BY-SA
A Simple Laboratory Environment for Real-World Offensive Security Education 12 / 23
15. Motivation Environment Labs Future Work Summary
Audience
• A mix of undergraduate and graduate students
• A variety of skill levels
• Requirements: a programming language, basics of Linux
A Simple Laboratory Environment for Real-World Offensive Security Education 13 / 23
16. Motivation Environment Labs Future Work Summary
Existing Lab Sets
The SEED Project [2]
A Simple Laboratory Environment for Real-World Offensive Security Education 14 / 23
17. Motivation Environment Labs Future Work Summary
Existing Lab Sets
The SEED Project [2] OWASP Hackademic [5]
A Simple Laboratory Environment for Real-World Offensive Security Education 14 / 23
18. Motivation Environment Labs Future Work Summary
Existing Lab Sets
The SEED Project [2] OWASP Hackademic [5]
Many papers containing
one or two labs each
A Simple Laboratory Environment for Real-World Offensive Security Education 14 / 23
19. Motivation Environment Labs Future Work Summary
Existing Lab Sets
The SEED Project [2] OWASP Hackademic [5]
Many papers containing
one or two labs each
Internet tutorials, e.g. “How to use
Metasploit to hack X”
A Simple Laboratory Environment for Real-World Offensive Security Education 14 / 23
20. Motivation Environment Labs Future Work Summary
Lab Topics and Dependencies
Introduction
Law and Ethics Search Engine Hacking
Network Utilities Network Attacks
Password Hacking
Intrusion Detection
Metasploit
A Simple Laboratory Environment for Real-World Offensive Security Education 15 / 23
21. Motivation Environment Labs Future Work Summary
Network Attacks Lab
• Zombie scan with nmap
• ARP Poisoning
• DNS resolving and caching
• DNS Poisoning
• Example: poison
Metasploitable’s DNS and
replace one website with another
A Simple Laboratory Environment for Real-World Offensive Security Education 16 / 23
22. Motivation Environment Labs Future Work Summary
Sample Lab Page
A Simple Laboratory Environment for Real-World Offensive Security Education 17 / 23
23. Motivation Environment Labs Future Work Summary
Sample Solution Page
A Simple Laboratory Environment for Real-World Offensive Security Education 18 / 23
24. Motivation Environment Labs Future Work Summary
Production Workflow (PDF)
HTML
Source
Common
Stylesheet
Lab
Stylesheet
Solution
Stylesheet
Print
Stylesheet
Print
JavaScript
Prince Prince
Lab PDF
Solution
PDF
A Simple Laboratory Environment for Real-World Offensive Security Education 19 / 23
25. Motivation Environment Labs Future Work Summary
Production Workflow (HTML)
HTML
Source
Common
Stylesheet
Lab
Stylesheet
Solution
Stylesheet
HTML
Proc.
Lab HTML
Solution
HTML
Processing
Rules
A Simple Laboratory Environment for Real-World Offensive Security Education 20 / 23
26. Motivation Environment Labs Future Work Summary
Directons for Future Work
• Updates to Metasploitable
• Easier modifications to Metasploitable
• Adding other OS images and platforms
• Adding network device simulation
(routers, peripherals)
• Automated grading
A Simple Laboratory Environment for Real-World Offensive Security Education 21 / 23
27. Motivation Environment Labs Future Work Summary
Summary
• A virtual-machine based environment for teaching practical
cybersecurity
A Simple Laboratory Environment for Real-World Offensive Security Education 22 / 23
28. Motivation Environment Labs Future Work Summary
Summary
• A virtual-machine based environment for teaching practical
cybersecurity
• A set of structured labs based on the environment
A Simple Laboratory Environment for Real-World Offensive Security Education 22 / 23
29. Motivation Environment Labs Future Work Summary
Summary
• A virtual-machine based environment for teaching practical
cybersecurity
• A set of structured labs based on the environment
• Directions for future work
A Simple Laboratory Environment for Real-World Offensive Security Education 22 / 23
30. Motivation Environment Labs Future Work Summary
Thank you for your attention!
The sources for this talk and several of the labs can be found in our
GitHub repository:
https://github.com/maxvt/cyberlabs
Contact the authors at:
• staro@bu.edu
• maxvt@bu.edu, @maxvt
• http://nislab.bu.edu/
A Simple Laboratory Environment for Real-World Offensive Security Education 23 / 23