20199115 2019-2020-2 "Network Attack and Defense Practice": Week 2 Assignment
Foreword
Course this assignment belongs to | <course link> |
---|---|
Assignment requirements | Assignment 2: build a network attack and defense practice environment |
My goal in this course | Learn the detailed process of building an attack and defense environment |
Assignment body | Building the network attack and defense environment |
Building the network attack and defense environment
1. Knowledge review and summary
Basic knowledge
- Honeynet: a trap network deployed to lure attackers so that their techniques can be analyzed. Highly interactive honeypots, built from typical operating system installations with known vulnerabilities, provide the target environment and act as decoys for network attacks.
- Target environment: Linux Metasploitable and Windows XP Metasploitable
- Attackers: Back Track 4 and Windows XP Attacker
- Detection and prevention platform: HoneyWall
- SEED virtual images: SEED Project
Related information
Virtual machine image | Type | Username | Password | IP |
---|---|---|---|---|
kali Linux | Attacker | Chyle | Chyle | 192.168.200.64 |
Windows XP Attacker | Attacker | | mima1234 | 192.168.200.4 |
seed Ubuntu16.04 | Linux attacker / target | seed | dees / seedubuntu | 192.168.200.5 |
win2KServer | Windows target | administrator | mima1234 | 192.168.200.124 |
Metasploitable2 | Linux target | msfadmin | msfadmin | 192.168.200.125 |
Honey Wall roo-v1.4 | Honeypot gateway | roo | honey | 192.168.200.8 |
Build process
First, VMware installation (it was already installed, so it is not covered in detail here; if you have questions, see the detailed tutorial)
Second, virtual network adapter configuration
- Open the VMware Virtual Network Editor. There was no bridged mode during configuration! Disheartening; see the detailed solution.
- For background on the three network adapter modes, click here.
VMnet1 settings (host-only mode)
VMnet8 settings (NAT mode; record these values, they are needed later. Subnet IP: 192.168.200.0, subnet mask: 255.255.255.128)
Third, virtual machine configuration
1. Linux attacker: Kali installation
Use the virtual machine wizard's scan function to import the Kali virtual machine file directly, boot it, and apply the relevant settings (default user name kali, password kali). Set Kali's network adapter to custom VMnet8, escalate privileges (sudo su), install the tools (net-tools), then run the ifconfig command to check the IP address and record it. Kali setup is complete.
2. Windows target: win2kServer installation
Use the virtual machine wizard's scan function to import the Win2kServer file directly, boot it, and apply the relevant settings (account: administrator, password: mima1234). Press ALT + CTRL + DEL to log in to the system, and set the network adapter to host-only mode. Take care when setting the network parameters!
3. Metasploitable2-Linux installation
Use the virtual machine wizard's scan function to import the Win2kServer file directly, boot it, and apply the relevant settings (account: msfadmin, password: msfadmin). Set the network adapter to host-only mode.
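Set the IP address manually with the following commands:
sudo su (escalates privileges)
vim /etc/rc.local
Press i to enter insert mode (move the cursor with the arrow keys or with h, j, k, l). Before exit 0 on the second-to-last line of the file, insert the following two lines:
ifconfig eth0 192.168.200.125 netmask 255.255.255.128
route add default gw 192.168.200.1
Now press ESC, type :wq, and press Enter.
Then run reboot to restart.
Run ifconfig to check the result.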
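The same edit as a repeatable script, added here as an example (it is not part of the original post). The function name add_static_ip and the .bak backup are assumptions of this sketch; it matches only a line that is exactly exit 0, so a comment that merely mentions "exit 0" is left alone, and running it twice changes nothing.

```sh
#!/bin/sh
# Added example: place the two static-IP lines before "exit 0" in rc.local.
# The path is an argument, so the edit can be tried on a copy first.
IP_LINE='ifconfig eth0 192.168.200.125 netmask 255.255.255.128'
GW_LINE='route add default gw 192.168.200.1'

add_static_ip() {
    rc_file=$1
    [ -f "$rc_file" ] || { echo "no such file: $rc_file" >&2; return 1; }
    tmp=$(mktemp) || return 1
    awk -v ip="$IP_LINE" -v gw="$GW_LINE" '
        $0 == ip || $0 == gw { next }              # drop earlier copies
        !placed && /^[ \t]*exit[ \t]+0[ \t]*$/ {   # the real exit line only
            print ip; print gw; placed = 1
        }
        { print }
        END { if (!placed) { print ip; print gw } } # no exit line: append
    ' "$rc_file" > "$tmp" || { rm -f "$tmp"; return 1; }
    if cmp -s "$tmp" "$rc_file"; then
        rm -f "$tmp"; return 0                     # already configured
    fi
    # Keep a backup, then overwrite in place so the file mode is preserved.
    cp -p "$rc_file" "$rc_file.bak" && cat "$tmp" > "$rc_file"
    status=$?
    rm -f "$tmp"
    return $status
}

# Demo on a constructed copy, never the live file.
demo=$(mktemp -d)
printf '%s\n' '#!/bin/sh -e' '# the script will "exit 0" on success' 'exit 0' \
    > "$demo/rc.local"
add_static_ip "$demo/rc.local" && cat "$demo/rc.local"
rm -rf "$demo"
```

On the target itself the call would be add_static_ip /etc/rc.local, run as root, followed by the reboot described above.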
4. Windows attacker: Windows Attacker installation
Use the virtual machine wizard's scan function to import the Win2kServer file directly, boot it, and apply the relevant settings (default password: mima1234). Set the network adapter to NAT mode and check the IP address with the ipconfig command.
5. SEEDUbuntu installation and configuration
Select New Virtual Machine, choose a custom installation, and add the relevant image file (account: seed; password: dees for the ordinary user, seedubuntu for the administrator).
6. Roo honeypot gateway installation
The honeypot installation is relatively complex, so be careful!
Select New Virtual Machine, choose a custom installation, choose to install the operating system later -> Linux -> CentOS 5 and earlier versions -> Network Address Translation -> Done -> add the image -> add two network adapters -> power on (account: roo, password: honey) -> related configuration (su -)
IP configuration information
Configuring Remote Management
Sebek configuration
In windowsAttacker, open https://192.168.200.8 in a browser and change the password to Dsq * 123456
Fourth, testing
- Run the tcpdump -i eth0 icmp command on the honeypot to start listening, then from the attacker kali-linux [IP address: 192.168.200.2] ping the target metasploitable-linux [IP address: 192.168.200.125]
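To confirm from the capture that the gateway saw both directions of the ping, the tcpdump text output can be summarized as below. This is an added example, not part of the original post: the function name ping_summary is hypothetical, and the capture lines are constructed in the format tcpdump prints with numeric addresses (-n).

```sh
#!/bin/sh
# Added example: summarize echo request/reply pairs seen on the gateway.
# Constructed sample capture (not real traffic from the post).
SAMPLE_CAPTURE='10:15:01.100000 IP 192.168.200.2 > 192.168.200.125: ICMP echo request, id 4321, seq 1, length 64
10:15:01.100450 IP 192.168.200.125 > 192.168.200.2: ICMP echo reply, id 4321, seq 1, length 64
10:15:02.101200 IP 192.168.200.2 > 192.168.200.125: ICMP echo request, id 4321, seq 2, length 64
10:15:02.101630 IP 192.168.200.125 > 192.168.200.2: ICMP echo reply, id 4321, seq 2, length 64
10:15:02.500000 IP 192.168.200.4 > 192.168.200.124: ICMP echo request, id 77, seq 1, length 40
10:15:03.102300 IP 192.168.200.2 > 192.168.200.125: ICMP echo request, id 4321, seq 3, length 64'

# usage: ping_summary SRC DST < capture.txt
# A request counts as answered when a reply with the same id and seq
# travels in the opposite direction between the same two hosts.
ping_summary() {
    awk -v src="$1" -v dst="$2" '
        $2 == "IP" && $6 == "ICMP" && $7 == "echo" {
            key = $10 "/" $12                  # id and seq fields
            if ($3 == src && $5 == (dst ":") && $8 == "request,") req[key] = 1
            if ($3 == dst && $5 == (src ":") && $8 == "reply,")   rep[key] = 1
        }
        END {
            for (k in req) { if (k in rep) a++; else u++ }
            printf "answered=%d unanswered=%d\n", a, u
        }
    '
}

# Demo on the constructed capture: attacker 192.168.200.2, target .125.
printf '%s\n' "$SAMPLE_CAPTURE" | ping_summary 192.168.200.2 192.168.200.125
```

If the gateway capture shows requests with no replies, the target's address or the host-only adapter assignment is the first thing to recheck.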
2. Learning reflections and thoughts
- When I submitted this, the difficulty felt a little high; my lack of knowledge was exposed, and I felt drained after finishing.... Luckily, I persevered, and I am still trying to learn!
References
- "Network attack and defense technology and practice"
- "Network attack and defense technology and practice" PPT
- The differences between VMware bridged mode, NAT mode, and host-only mode
- Introduction to Kali Linux on VMware
- Metasploitable2 tutorial series
- Setting up a simple network environment based on the third-generation honeypot gateway ROO