SlideShare a Scribd company logo

A Simple Laboratory Environment for Real World Offensive Security Education

C
chunkybacon

The document describes a virtual machine-based laboratory environment for teaching practical cybersecurity skills. The environment uses Kali Linux, Metasploitable, and FreeBSD virtual machines. It includes a set of structured labs covering topics like password hacking and network attacks. Future work directions include updating vulnerable systems, adding platforms and devices, and automating grading. The goal is to provide a simple yet effective way to educate students in an authentic offensive security context.

Education
1 of 30
Download to read offline
Motivation Environment Labs Future Work Summary A Simple Laboratory Environment for Real-World Offensive Security Education Maxim Timchenko David Starobinski Electrical and Computer Engineering Department Boston University SIGCSE’15, March 7, 2015 A Simple Laboratory Environment for Real-World Offensive Security Education 1 / 23
Motivation Environment Labs Future Work Summary Outline 1. Motivation / Goals 2. Environment 3. Labs 4. Future Work A Simple Laboratory Environment for Real-World Offensive Security Education 2 / 23
Motivation Environment Labs Future Work Summary Goals for a Laboratory Environment Must Have • Security • Separation Stretch Goals • Redundancy • Persistence Simple • Simple to install and use • Reuse available parts • This is an introductory course A Simple Laboratory Environment for Real-World Offensive Security Education 3 / 23
Motivation Environment Labs Future Work Summary “Real-world” and “Offensive” • Practice topics using tools common within the industry • Discuss actual exploits, demonstrate issues vividly • Metasploit modules • Social engineering • Cover current events (e.g. 2014: Shellshock, Heartbleed) • Attacker mindset vs. developer mindset A Simple Laboratory Environment for Real-World Offensive Security Education 4 / 23
Motivation Environment Labs Future Work Summary Environments Local isolated network containing actual hardware • Expensive • Limited flexibility • Limited sharing Photo: Leonardo Rizzi, Flickr, Creative Commons A Simple Laboratory Environment for Real-World Offensive Security Education 5 / 23
Motivation Environment Labs Future Work Summary Environment Virtualization Centralized On Premises • Set-up and maintenance • Limited scaling • Example: Tele-Lab [10] A Simple Laboratory Environment for Real-World Offensive Security Education 6 / 23
Motivation Environment Labs Future Work Summary Environment Virtualization Cloud • More complex architecture • Expensive scaling • Potentially, worst responsiveness (traffic and delay) • Example: Salah [6] on AWS • Yesterday: Weiss et al. - EDUrange A Simple Laboratory Environment for Real-World Offensive Security Education 6 / 23
Motivation Environment Labs Future Work Summary Environment Virtualization Local • Easy set-up • No scaling issues • Best responsiveness • Example: SEED [2] on VMWare/VirtualBox A Simple Laboratory Environment for Real-World Offensive Security Education 6 / 23
Motivation Environment Labs Future Work Summary Detailed Environment Architecture Lab Workstation “Attacker” Kali Linux VM “Target” Metasploitable VM “Zombie” FreeBSD 6 VM BU Intranet, Internet gateway File Server for VM Images A Simple Laboratory Environment for Real-World Offensive Security Education 7 / 23
Motivation Environment Labs Future Work Summary VM Image Sets Lab Workstation File Server for VM Images Carol Bob Alice Local non-persistent environmentReference Image Persistent Student Environments A Simple Laboratory Environment for Real-World Offensive Security Education 8 / 23
Motivation Environment Labs Future Work Summary The Attacker - Kali Linux • Pentesting and Auditing • Based on Debian Wheezy • Hundreds of tools • Top 10: Aircrack, Burp Suite, Hydra, John, Maltego, Metasploit, NMAP, ZAP, SQLmap, Wireshark • Maintained by Offensive Security A Simple Laboratory Environment for Real-World Offensive Security Education 9 / 23
Motivation Environment Labs Future Work Summary The Target - Metasploitable 2 • Intentionally Vulnerable VM • Based on Ubuntu • Many vulnerabilities of various obviousness • Two intentionally vulnerable web applications (DWVA, Mutillidae) • No GUI A Simple Laboratory Environment for Real-World Offensive Security Education 10 / 23
Motivation Environment Labs Future Work Summary Resource Requirements OS Memory Use, MB (4GB RAM) Kali Metasploitable FreeBSD 6 Host OS 0 2 4 6 8 10 12 14 16 Disk Use, GB A Simple Laboratory Environment for Real-World Offensive Security Education 11 / 23
Motivation Environment Labs Future Work Summary Studying Cybersecurity Anywhere Photo: Alper Cugun, Flickr, CC-BY 2.0 — Whitehat Icon: Open Security Architecture, CC-BY-SA A Simple Laboratory Environment for Real-World Offensive Security Education 12 / 23
Motivation Environment Labs Future Work Summary Audience • A mix of undergraduate and graduate students • A variety of skill levels • Requirements: a programming language, basics of Linux A Simple Laboratory Environment for Real-World Offensive Security Education 13 / 23
Motivation Environment Labs Future Work Summary Existing Lab Sets The SEED Project [2] A Simple Laboratory Environment for Real-World Offensive Security Education 14 / 23
Motivation Environment Labs Future Work Summary Existing Lab Sets The SEED Project [2] OWASP Hackademic [5] A Simple Laboratory Environment for Real-World Offensive Security Education 14 / 23
Motivation Environment Labs Future Work Summary Existing Lab Sets The SEED Project [2] OWASP Hackademic [5] Many papers containing one or two labs each A Simple Laboratory Environment for Real-World Offensive Security Education 14 / 23
Motivation Environment Labs Future Work Summary Existing Lab Sets The SEED Project [2] OWASP Hackademic [5] Many papers containing one or two labs each Internet tutorials, e.g. “How to use Metasploit to hack X” A Simple Laboratory Environment for Real-World Offensive Security Education 14 / 23
Motivation Environment Labs Future Work Summary Lab Topics and Dependencies Introduction Law and Ethics Search Engine Hacking Network Utilities Network Attacks Password Hacking Intrusion Detection Metasploit A Simple Laboratory Environment for Real-World Offensive Security Education 15 / 23
Motivation Environment Labs Future Work Summary Network Attacks Lab • Zombie scan with nmap • ARP Poisoning • DNS resolving and caching • DNS Poisoning • Example: poison Metasploitable’s DNS and replace one website with another A Simple Laboratory Environment for Real-World Offensive Security Education 16 / 23
Motivation Environment Labs Future Work Summary Sample Lab Page A Simple Laboratory Environment for Real-World Offensive Security Education 17 / 23
Motivation Environment Labs Future Work Summary Sample Solution Page A Simple Laboratory Environment for Real-World Offensive Security Education 18 / 23
Motivation Environment Labs Future Work Summary Production Workflow (PDF) HTML Source Common Stylesheet Lab Stylesheet Solution Stylesheet Print Stylesheet Print JavaScript Prince Prince Lab PDF Solution PDF A Simple Laboratory Environment for Real-World Offensive Security Education 19 / 23
Motivation Environment Labs Future Work Summary Production Workflow (HTML) HTML Source Common Stylesheet Lab Stylesheet Solution Stylesheet HTML Proc. Lab HTML Solution HTML Processing Rules A Simple Laboratory Environment for Real-World Offensive Security Education 20 / 23
Motivation Environment Labs Future Work Summary Directons for Future Work • Updates to Metasploitable • Easier modifications to Metasploitable • Adding other OS images and platforms • Adding network device simulation (routers, peripherals) • Automated grading A Simple Laboratory Environment for Real-World Offensive Security Education 21 / 23
Motivation Environment Labs Future Work Summary Summary • A virtual-machine based environment for teaching practical cybersecurity A Simple Laboratory Environment for Real-World Offensive Security Education 22 / 23
Motivation Environment Labs Future Work Summary Summary • A virtual-machine based environment for teaching practical cybersecurity • A set of structured labs based on the environment A Simple Laboratory Environment for Real-World Offensive Security Education 22 / 23
Motivation Environment Labs Future Work Summary Summary • A virtual-machine based environment for teaching practical cybersecurity • A set of structured labs based on the environment • Directions for future work A Simple Laboratory Environment for Real-World Offensive Security Education 22 / 23
Motivation Environment Labs Future Work Summary Thank you for your attention! The sources for this talk and several of the labs can be found in our GitHub repository: https://github.com/maxvt/cyberlabs Contact the authors at: • staro@bu.edu • maxvt@bu.edu, @maxvt • http://nislab.bu.edu/ A Simple Laboratory Environment for Real-World Offensive Security Education 23 / 23

Recommended

Attack-driven defense
Attack-driven defenseAttack-driven defense
Attack-driven defenseZane Lackey
 
A Collaborative Approach to Teach Software Architecture - SIGCSE 2017
A Collaborative Approach to Teach Software Architecture - SIGCSE 2017A Collaborative Approach to Teach Software Architecture - SIGCSE 2017
A Collaborative Approach to Teach Software Architecture - SIGCSE 2017Maurício Aniche
 
The Role of CS Departments in The US President’s “CS for All” Initiative: Pan...
The Role of CS Departments in The US President’s “CS for All” Initiative: Pan...The Role of CS Departments in The US President’s “CS for All” Initiative: Pan...
The Role of CS Departments in The US President’s “CS for All” Initiative: Pan...Mark Guzdial
 
Level Up Your Integration Testing With Testcontainers
Level Up Your Integration Testing With TestcontainersLevel Up Your Integration Testing With Testcontainers
Level Up Your Integration Testing With TestcontainersVMware Tanzu
 
Ensuring OpenStack Version up Compatibility for CloudOpen Japan 2013-05-31
Ensuring OpenStack Version up Compatibility for CloudOpen Japan 2013-05-31Ensuring OpenStack Version up Compatibility for CloudOpen Japan 2013-05-31
Ensuring OpenStack Version up Compatibility for CloudOpen Japan 2013-05-31Masayuki Igawa
 
IPD Week - Technical Session - New IT Essentials 8 Technical Topics.pptx
IPD Week - Technical Session - New IT Essentials 8 Technical Topics.pptxIPD Week - Technical Session - New IT Essentials 8 Technical Topics.pptx
IPD Week - Technical Session - New IT Essentials 8 Technical Topics.pptxssuser455e28
 
Performance Analysis of Idle Programs
Performance Analysis of Idle ProgramsPerformance Analysis of Idle Programs
Performance Analysis of Idle Programsgreenwop
 
Using Docker Containers to Improve Reproducibility in Software and Web Engine...
Using Docker Containers to Improve Reproducibility in Software and Web Engine...Using Docker Containers to Improve Reproducibility in Software and Web Engine...
Using Docker Containers to Improve Reproducibility in Software and Web Engine...Vincenzo Ferme
 

Recommended

Attack-driven defense
Attack-driven defenseAttack-driven defense
Attack-driven defenseZane Lackey
 
A Collaborative Approach to Teach Software Architecture - SIGCSE 2017
A Collaborative Approach to Teach Software Architecture - SIGCSE 2017A Collaborative Approach to Teach Software Architecture - SIGCSE 2017
A Collaborative Approach to Teach Software Architecture - SIGCSE 2017Maurício Aniche
 
The Role of CS Departments in The US President’s “CS for All” Initiative: Pan...
The Role of CS Departments in The US President’s “CS for All” Initiative: Pan...The Role of CS Departments in The US President’s “CS for All” Initiative: Pan...
The Role of CS Departments in The US President’s “CS for All” Initiative: Pan...Mark Guzdial
 
Level Up Your Integration Testing With Testcontainers
Level Up Your Integration Testing With TestcontainersLevel Up Your Integration Testing With Testcontainers
Level Up Your Integration Testing With TestcontainersVMware Tanzu
 
Ensuring OpenStack Version up Compatibility for CloudOpen Japan 2013-05-31
Ensuring OpenStack Version up Compatibility for CloudOpen Japan 2013-05-31Ensuring OpenStack Version up Compatibility for CloudOpen Japan 2013-05-31
Ensuring OpenStack Version up Compatibility for CloudOpen Japan 2013-05-31Masayuki Igawa
 
IPD Week - Technical Session - New IT Essentials 8 Technical Topics.pptx
IPD Week - Technical Session - New IT Essentials 8 Technical Topics.pptxIPD Week - Technical Session - New IT Essentials 8 Technical Topics.pptx
IPD Week - Technical Session - New IT Essentials 8 Technical Topics.pptxssuser455e28
 
Performance Analysis of Idle Programs
Performance Analysis of Idle ProgramsPerformance Analysis of Idle Programs
Performance Analysis of Idle Programsgreenwop
 
Using Docker Containers to Improve Reproducibility in Software and Web Engine...
Using Docker Containers to Improve Reproducibility in Software and Web Engine...Using Docker Containers to Improve Reproducibility in Software and Web Engine...
Using Docker Containers to Improve Reproducibility in Software and Web Engine...Vincenzo Ferme
 
ImageJ and the SciJava software stack
ImageJ and the SciJava software stackImageJ and the SciJava software stack
ImageJ and the SciJava software stackCurtis Rueden
 
Machine Data to Readable Reports - System Monitoring, Alerting and Reporting ...
Machine Data to Readable Reports - System Monitoring, Alerting and Reporting ...Machine Data to Readable Reports - System Monitoring, Alerting and Reporting ...
Machine Data to Readable Reports - System Monitoring, Alerting and Reporting ...Blackboard APAC
 
(Re)-Introduction to Maven
(Re)-Introduction to Maven(Re)-Introduction to Maven
(Re)-Introduction to MavenEric Wyles
 
Optimizing Spark Deployments for Containers: Isolation, Safety, and Performan...
Optimizing Spark Deployments for Containers: Isolation, Safety, and Performan...Optimizing Spark Deployments for Containers: Isolation, Safety, and Performan...
Optimizing Spark Deployments for Containers: Isolation, Safety, and Performan...Spark Summit
 
JavaLand - Integration Testing How-to
JavaLand - Integration Testing How-toJavaLand - Integration Testing How-to
JavaLand - Integration Testing How-toNicolas Fränkel
 
Cyb 225 cyb225 cyb 225 best tutorials guide uopstudy.com
Cyb 225 cyb225 cyb 225 best tutorials guide uopstudy.comCyb 225 cyb225 cyb 225 best tutorials guide uopstudy.com
Cyb 225 cyb225 cyb 225 best tutorials guide uopstudy.comUOPCourseHelp
 
Cyb 225 cyb225 cyb 225 education for service uopstudy.com
Cyb 225 cyb225 cyb 225 education for service uopstudy.comCyb 225 cyb225 cyb 225 education for service uopstudy.com
Cyb 225 cyb225 cyb 225 education for service uopstudy.comUOPCourseHelp
 
MvvmCross Introduction
MvvmCross IntroductionMvvmCross Introduction
MvvmCross IntroductionStuart Lodge
 
MvvmCross Seminar
MvvmCross SeminarMvvmCross Seminar
MvvmCross SeminarXamarin
 
VMworld 2013: How UC San Francisco Delivered ‘Science as a Service’ with Priv...
VMworld 2013: How UC San Francisco Delivered ‘Science as a Service’ with Priv...VMworld 2013: How UC San Francisco Delivered ‘Science as a Service’ with Priv...
VMworld 2013: How UC San Francisco Delivered ‘Science as a Service’ with Priv...VMworld
 
20100730 phpstudy
20100730 phpstudy20100730 phpstudy
20100730 phpstudyYusuke Ando
 
How to build a proper software staging environment for testing
How to build a proper software staging environment for testing How to build a proper software staging environment for testing
How to build a proper software staging environment for testing TestCampRO
 
Modeling Software Systems in Experimental Robotics for Improved Reproducibility
Modeling Software Systems in Experimental Robotics for Improved ReproducibilityModeling Software Systems in Experimental Robotics for Improved Reproducibility
Modeling Software Systems in Experimental Robotics for Improved ReproducibilityFlorian Lier
 
33rd degree
33rd degree33rd degree
33rd degreeDariusz Kordonski
 
Most Useful Design Patterns
Most Useful Design PatternsMost Useful Design Patterns
Most Useful Design PatternsSteven Smith
 
Efficient resource management with Red Hat OpenShift
Efficient resource management with Red Hat OpenShiftEfficient resource management with Red Hat OpenShift
Efficient resource management with Red Hat OpenShiftrgcalvo
 
JCON_15FactorWorkshop.pptx
JCON_15FactorWorkshop.pptxJCON_15FactorWorkshop.pptx
JCON_15FactorWorkshop.pptxGrace Jansen
 
Plone FSR
Plone FSRPlone FSR
Plone FSRfulv
 
Shestakov Illia "The Sandbox Theory"
Shestakov Illia "The Sandbox Theory"Shestakov Illia "The Sandbox Theory"
Shestakov Illia "The Sandbox Theory"LogeekNightUkraine
 
201502 - Integration Testing
201502 - Integration Testing201502 - Integration Testing
201502 - Integration Testinglyonjug
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajanpragatimahajan3
 

More Related Content

Similar to A Simple Laboratory Environment for Real World Offensive Security Education

ImageJ and the SciJava software stack
ImageJ and the SciJava software stackImageJ and the SciJava software stack
ImageJ and the SciJava software stackCurtis Rueden
 
Machine Data to Readable Reports - System Monitoring, Alerting and Reporting ...
Machine Data to Readable Reports - System Monitoring, Alerting and Reporting ...Machine Data to Readable Reports - System Monitoring, Alerting and Reporting ...
Machine Data to Readable Reports - System Monitoring, Alerting and Reporting ...Blackboard APAC
 
(Re)-Introduction to Maven
(Re)-Introduction to Maven(Re)-Introduction to Maven
(Re)-Introduction to MavenEric Wyles
 
Optimizing Spark Deployments for Containers: Isolation, Safety, and Performan...
Optimizing Spark Deployments for Containers: Isolation, Safety, and Performan...Optimizing Spark Deployments for Containers: Isolation, Safety, and Performan...
Optimizing Spark Deployments for Containers: Isolation, Safety, and Performan...Spark Summit
 
JavaLand - Integration Testing How-to
JavaLand - Integration Testing How-toJavaLand - Integration Testing How-to
JavaLand - Integration Testing How-toNicolas Fränkel
 
Cyb 225 cyb225 cyb 225 best tutorials guide uopstudy.com
Cyb 225 cyb225 cyb 225 best tutorials guide uopstudy.comCyb 225 cyb225 cyb 225 best tutorials guide uopstudy.com
Cyb 225 cyb225 cyb 225 best tutorials guide uopstudy.comUOPCourseHelp
 
Cyb 225 cyb225 cyb 225 education for service uopstudy.com
Cyb 225 cyb225 cyb 225 education for service uopstudy.comCyb 225 cyb225 cyb 225 education for service uopstudy.com
Cyb 225 cyb225 cyb 225 education for service uopstudy.comUOPCourseHelp
 
MvvmCross Introduction
MvvmCross IntroductionMvvmCross Introduction
MvvmCross IntroductionStuart Lodge
 
MvvmCross Seminar
MvvmCross SeminarMvvmCross Seminar
MvvmCross SeminarXamarin
 
VMworld 2013: How UC San Francisco Delivered ‘Science as a Service’ with Priv...
VMworld 2013: How UC San Francisco Delivered ‘Science as a Service’ with Priv...VMworld 2013: How UC San Francisco Delivered ‘Science as a Service’ with Priv...
VMworld 2013: How UC San Francisco Delivered ‘Science as a Service’ with Priv...VMworld
 
20100730 phpstudy
20100730 phpstudy20100730 phpstudy
20100730 phpstudyYusuke Ando
 
How to build a proper software staging environment for testing
How to build a proper software staging environment for testing How to build a proper software staging environment for testing
How to build a proper software staging environment for testing TestCampRO
 
Modeling Software Systems in Experimental Robotics for Improved Reproducibility
Modeling Software Systems in Experimental Robotics for Improved ReproducibilityModeling Software Systems in Experimental Robotics for Improved Reproducibility
Modeling Software Systems in Experimental Robotics for Improved ReproducibilityFlorian Lier
 
Most Useful Design Patterns
Most Useful Design PatternsMost Useful Design Patterns
Most Useful Design PatternsSteven Smith
 
Efficient resource management with Red Hat OpenShift
Efficient resource management with Red Hat OpenShiftEfficient resource management with Red Hat OpenShift
Efficient resource management with Red Hat OpenShiftrgcalvo
 
JCON_15FactorWorkshop.pptx
JCON_15FactorWorkshop.pptxJCON_15FactorWorkshop.pptx
JCON_15FactorWorkshop.pptxGrace Jansen
 
Plone FSR
Plone FSRPlone FSR
Plone FSRfulv
 
Shestakov Illia "The Sandbox Theory"
Shestakov Illia "The Sandbox Theory"Shestakov Illia "The Sandbox Theory"
Shestakov Illia "The Sandbox Theory"LogeekNightUkraine
 
201502 - Integration Testing
201502 - Integration Testing201502 - Integration Testing
201502 - Integration Testinglyonjug
 

Similar to A Simple Laboratory Environment for Real World Offensive Security Education (20)

ImageJ and the SciJava software stack
ImageJ and the SciJava software stackImageJ and the SciJava software stack
ImageJ and the SciJava software stack
 
Machine Data to Readable Reports - System Monitoring, Alerting and Reporting ...
Machine Data to Readable Reports - System Monitoring, Alerting and Reporting ...Machine Data to Readable Reports - System Monitoring, Alerting and Reporting ...
Machine Data to Readable Reports - System Monitoring, Alerting and Reporting ...
 
(Re)-Introduction to Maven
(Re)-Introduction to Maven(Re)-Introduction to Maven
(Re)-Introduction to Maven
 
Optimizing Spark Deployments for Containers: Isolation, Safety, and Performan...
Optimizing Spark Deployments for Containers: Isolation, Safety, and Performan...Optimizing Spark Deployments for Containers: Isolation, Safety, and Performan...
Optimizing Spark Deployments for Containers: Isolation, Safety, and Performan...
 
JavaLand - Integration Testing How-to
JavaLand - Integration Testing How-toJavaLand - Integration Testing How-to
JavaLand - Integration Testing How-to
 
Cyb 225 cyb225 cyb 225 best tutorials guide uopstudy.com
Cyb 225 cyb225 cyb 225 best tutorials guide uopstudy.comCyb 225 cyb225 cyb 225 best tutorials guide uopstudy.com
Cyb 225 cyb225 cyb 225 best tutorials guide uopstudy.com
 
Cyb 225 cyb225 cyb 225 education for service uopstudy.com
Cyb 225 cyb225 cyb 225 education for service uopstudy.comCyb 225 cyb225 cyb 225 education for service uopstudy.com
Cyb 225 cyb225 cyb 225 education for service uopstudy.com
 
MvvmCross Introduction
MvvmCross IntroductionMvvmCross Introduction
MvvmCross Introduction
 
MvvmCross Seminar
MvvmCross SeminarMvvmCross Seminar
MvvmCross Seminar
 
VMworld 2013: How UC San Francisco Delivered ‘Science as a Service’ with Priv...
VMworld 2013: How UC San Francisco Delivered ‘Science as a Service’ with Priv...VMworld 2013: How UC San Francisco Delivered ‘Science as a Service’ with Priv...
VMworld 2013: How UC San Francisco Delivered ‘Science as a Service’ with Priv...
 
20100730 phpstudy
20100730 phpstudy20100730 phpstudy
20100730 phpstudy
 
How to build a proper software staging environment for testing
How to build a proper software staging environment for testing How to build a proper software staging environment for testing
How to build a proper software staging environment for testing
 
Modeling Software Systems in Experimental Robotics for Improved Reproducibility
Modeling Software Systems in Experimental Robotics for Improved ReproducibilityModeling Software Systems in Experimental Robotics for Improved Reproducibility
Modeling Software Systems in Experimental Robotics for Improved Reproducibility
 
33rd degree
33rd degree33rd degree
33rd degree
 
Most Useful Design Patterns
Most Useful Design PatternsMost Useful Design Patterns
Most Useful Design Patterns
 
Efficient resource management with Red Hat OpenShift
Efficient resource management with Red Hat OpenShiftEfficient resource management with Red Hat OpenShift
Efficient resource management with Red Hat OpenShift
 
JCON_15FactorWorkshop.pptx
JCON_15FactorWorkshop.pptxJCON_15FactorWorkshop.pptx
JCON_15FactorWorkshop.pptx
 
Plone FSR
Plone FSRPlone FSR
Plone FSR
 
Shestakov Illia "The Sandbox Theory"
Shestakov Illia "The Sandbox Theory"Shestakov Illia "The Sandbox Theory"
Shestakov Illia "The Sandbox Theory"
 
201502 - Integration Testing
201502 - Integration Testing201502 - Integration Testing
201502 - Integration Testing
 

Recently uploaded

Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajanpragatimahajan3
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Disha Kariya
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAssociation for Project Management
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxVishalSingh1417
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphThiyagu K
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactPECB
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room servicediscovermytutordmt
 
Disha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfDisha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfchloefrazer622
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Celine George
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 

Recently uploaded (20)

Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajan
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across Sectors
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service
 
Disha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfDisha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdf
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 

A Simple Laboratory Environment for Real World Offensive Security Education

  • 1. Motivation Environment Labs Future Work Summary A Simple Laboratory Environment for Real-World Offensive Security Education Maxim Timchenko David Starobinski Electrical and Computer Engineering Department Boston University SIGCSE’15, March 7, 2015 A Simple Laboratory Environment for Real-World Offensive Security Education 1 / 23
  • 2. Motivation Environment Labs Future Work Summary Outline 1. Motivation / Goals 2. Environment 3. Labs 4. Future Work A Simple Laboratory Environment for Real-World Offensive Security Education 2 / 23
  • 3. Motivation Environment Labs Future Work Summary Goals for a Laboratory Environment Must Have • Security • Separation Stretch Goals • Redundancy • Persistence Simple • Simple to install and use • Reuse available parts • This is an introductory course A Simple Laboratory Environment for Real-World Offensive Security Education 3 / 23
  • 4. Motivation Environment Labs Future Work Summary “Real-world” and “Offensive” • Practice topics using tools common within the industry • Discuss actual exploits, demonstrate issues vividly • Metasploit modules • Social engineering • Cover current events (e.g. 2014: Shellshock, Heartbleed) • Attacker mindset vs. developer mindset A Simple Laboratory Environment for Real-World Offensive Security Education 4 / 23
  • 5. Motivation Environment Labs Future Work Summary Environments Local isolated network containing actual hardware • Expensive • Limited flexibility • Limited sharing Photo: Leonardo Rizzi, Flickr, Creative Commons A Simple Laboratory Environment for Real-World Offensive Security Education 5 / 23
  • 6. Motivation Environment Labs Future Work Summary Environment Virtualization Centralized On Premises • Set-up and maintenance • Limited scaling • Example: Tele-Lab [10] A Simple Laboratory Environment for Real-World Offensive Security Education 6 / 23
  • 7. Motivation Environment Labs Future Work Summary Environment Virtualization Cloud • More complex architecture • Expensive scaling • Potentially, worst responsiveness (traffic and delay) • Example: Salah [6] on AWS • Yesterday: Weiss et al. - EDUrange A Simple Laboratory Environment for Real-World Offensive Security Education 6 / 23
  • 8. Motivation Environment Labs Future Work Summary Environment Virtualization Local • Easy set-up • No scaling issues • Best responsiveness • Example: SEED [2] on VMWare/VirtualBox A Simple Laboratory Environment for Real-World Offensive Security Education 6 / 23
  • 9. Motivation Environment Labs Future Work Summary Detailed Environment Architecture Lab Workstation “Attacker” Kali Linux VM “Target” Metasploitable VM “Zombie” FreeBSD 6 VM BU Intranet, Internet gateway File Server for VM Images A Simple Laboratory Environment for Real-World Offensive Security Education 7 / 23
  • 10. Motivation Environment Labs Future Work Summary VM Image Sets Lab Workstation File Server for VM Images Carol Bob Alice Local non-persistent environmentReference Image Persistent Student Environments A Simple Laboratory Environment for Real-World Offensive Security Education 8 / 23
  • 11. Motivation Environment Labs Future Work Summary The Attacker - Kali Linux • Pentesting and Auditing • Based on Debian Wheezy • Hundreds of tools • Top 10: Aircrack, Burp Suite, Hydra, John, Maltego, Metasploit, NMAP, ZAP, SQLmap, Wireshark • Maintained by Offensive Security A Simple Laboratory Environment for Real-World Offensive Security Education 9 / 23
  • 12. Motivation Environment Labs Future Work Summary The Target - Metasploitable 2 • Intentionally Vulnerable VM • Based on Ubuntu • Many vulnerabilities of various obviousness • Two intentionally vulnerable web applications (DWVA, Mutillidae) • No GUI A Simple Laboratory Environment for Real-World Offensive Security Education 10 / 23
  • 13. Motivation Environment Labs Future Work Summary Resource Requirements OS Memory Use, MB (4GB RAM) Kali Metasploitable FreeBSD 6 Host OS 0 2 4 6 8 10 12 14 16 Disk Use, GB A Simple Laboratory Environment for Real-World Offensive Security Education 11 / 23
  • 14. Motivation Environment Labs Future Work Summary Studying Cybersecurity Anywhere Photo: Alper Cugun, Flickr, CC-BY 2.0 — Whitehat Icon: Open Security Architecture, CC-BY-SA A Simple Laboratory Environment for Real-World Offensive Security Education 12 / 23
  • 15. Motivation Environment Labs Future Work Summary Audience • A mix of undergraduate and graduate students • A variety of skill levels • Requirements: a programming language, basics of Linux A Simple Laboratory Environment for Real-World Offensive Security Education 13 / 23
  • 16. Motivation Environment Labs Future Work Summary Existing Lab Sets The SEED Project [2] A Simple Laboratory Environment for Real-World Offensive Security Education 14 / 23
  • 17. Motivation Environment Labs Future Work Summary Existing Lab Sets The SEED Project [2] OWASP Hackademic [5] A Simple Laboratory Environment for Real-World Offensive Security Education 14 / 23
  • 18. Motivation Environment Labs Future Work Summary Existing Lab Sets The SEED Project [2] OWASP Hackademic [5] Many papers containing one or two labs each A Simple Laboratory Environment for Real-World Offensive Security Education 14 / 23
  • 19. Motivation Environment Labs Future Work Summary Existing Lab Sets The SEED Project [2] OWASP Hackademic [5] Many papers containing one or two labs each Internet tutorials, e.g. “How to use Metasploit to hack X” A Simple Laboratory Environment for Real-World Offensive Security Education 14 / 23
  • 20. Motivation Environment Labs Future Work Summary Lab Topics and Dependencies Introduction Law and Ethics Search Engine Hacking Network Utilities Network Attacks Password Hacking Intrusion Detection Metasploit A Simple Laboratory Environment for Real-World Offensive Security Education 15 / 23
  • 21. Motivation Environment Labs Future Work Summary Network Attacks Lab • Zombie scan with nmap • ARP Poisoning • DNS resolving and caching • DNS Poisoning • Example: poison Metasploitable’s DNS and replace one website with another A Simple Laboratory Environment for Real-World Offensive Security Education 16 / 23
  • 22. Motivation Environment Labs Future Work Summary Sample Lab Page A Simple Laboratory Environment for Real-World Offensive Security Education 17 / 23
  • 23. Motivation Environment Labs Future Work Summary Sample Solution Page A Simple Laboratory Environment for Real-World Offensive Security Education 18 / 23
  • 24. Motivation Environment Labs Future Work Summary Production Workflow (PDF) HTML Source Common Stylesheet Lab Stylesheet Solution Stylesheet Print Stylesheet Print JavaScript Prince Prince Lab PDF Solution PDF A Simple Laboratory Environment for Real-World Offensive Security Education 19 / 23
  • 25. Motivation Environment Labs Future Work Summary Production Workflow (HTML) HTML Source Common Stylesheet Lab Stylesheet Solution Stylesheet HTML Proc. Lab HTML Solution HTML Processing Rules A Simple Laboratory Environment for Real-World Offensive Security Education 20 / 23
  • 26. Motivation Environment Labs Future Work Summary Directons for Future Work • Updates to Metasploitable • Easier modifications to Metasploitable • Adding other OS images and platforms • Adding network device simulation (routers, peripherals) • Automated grading A Simple Laboratory Environment for Real-World Offensive Security Education 21 / 23
  • 27. Motivation Environment Labs Future Work Summary Summary • A virtual-machine based environment for teaching practical cybersecurity A Simple Laboratory Environment for Real-World Offensive Security Education 22 / 23
  • 28. Motivation Environment Labs Future Work Summary Summary • A virtual-machine based environment for teaching practical cybersecurity • A set of structured labs based on the environment A Simple Laboratory Environment for Real-World Offensive Security Education 22 / 23
  • 29. Motivation Environment Labs Future Work Summary Summary • A virtual-machine based environment for teaching practical cybersecurity • A set of structured labs based on the environment • Directions for future work A Simple Laboratory Environment for Real-World Offensive Security Education 22 / 23
  • 30. Motivation Environment Labs Future Work Summary Thank you for your attention! The sources for this talk and several of the labs can be found in our GitHub repository: https://github.com/maxvt/cyberlabs Contact the authors at: • staro@bu.edu • maxvt@bu.edu, @maxvt • http://nislab.bu.edu/ A Simple Laboratory Environment for Real-World Offensive Security Education 23 / 23