20199128 2019-2020-2 "Network Attack and Defense Practice" Week 2 Assignment

Course this assignment belongs to: "Network Attack and Defense Practice"
Where the assignment requirements are: "Network Attack and Defense Practice" Week 2 Assignment
How this assignment helped me achieve my goals: learning to build an attack and defense environment
Assignment text: see the body below
Other references: see References

1. Knowledge review and summary

A basic network attack and defense lab environment includes: target machines, attacker machines, an attack detection, analysis and defense platform, and network connections.
This assignment uses:

  • Linux attacker: Kali
  • Windows attacker: WinXPattacker
  • Linux target: Metasploitable2-Linux
  • Windows target: Win2kServer_SP0_target
  • SEED Ubuntu 16.04
  • Honeywall gateway

2. Building the attack and defense environment

2.1 Attack and defense environment topology

2.2 VMware network configuration

Configure VMnet0, VMnet1 and VMnet8

Set NAT and DHCP for VMnet8:

2.3 Linux attacker: Kali installation

Open VMware, "File" -> "Scan for Virtual Machines" -> import Kali

Set Kali's network adapter to Custom: VMnet8

Power on the virtual machine -> enter the user name and password (both kali) -> open a terminal -> run sudo su (temporarily obtain root privileges) -> run apt install net-tools to install net-tools -> run ifconfig to view the network device information

2.4 Windows target: Win2kServer installation

Import it by scanning for virtual machines, as before; the network adapter is set as shown in the figure

Power on the virtual machine -> when prompted, press ALT + CTRL + DEL to enter the system -> user name administrator, password mima1234 -> double-click the "two small monitors" icon in the lower right corner to open the Local Area Connection Status window -> "Properties" -> "Internet Protocol (TCP/IP)" -> "Properties" -> set the IP address as shown in the figure

2.5 Windows attacker installation

Import it by scanning for virtual machines, as before; the network adapter is set as shown in the figure

Power on the virtual machine -> password mima1234 -> open a command prompt -> run ipconfig to view the network device information

2.6 Metasploitable2-Linux installation

Import it by scanning for virtual machines, as before; the network adapter is set as follows

Power on the virtual machine -> enter the user name and password (both msfadmin) -> run sudo su (temporarily obtain root privileges) -> run vim /etc/rc.local

In the vim editor -> press "i" to enter insert mode -> before exit 0 on the penultimate line of the file, insert the following two lines
ifconfig eth0 192.168.200.125 netmask 255.255.255.128
route add default gw 192.168.200.1
-> press ESC to return to command mode, enter :wq to save and exit -> reboot

After the reboot, run ifconfig to view the network device information

2.7 SEEDUbuntu installation and configuration

"File" -> "New Virtual Machine" -> "Custom" -> no compatibility settings required -> "I will install the operating system later" -> operating system "Linux", version "Ubuntu" -> no name or location settings required -> "Next" -> "Next" -> "Next" -> "Next" -> "Next" -> "Next" -> "Use an existing virtual disk" -> select the SEEDUbuntu vmdk file -> keep the defaults from there on and click Next through to completion.
The network adapter is set as shown in the figure

Power on the virtual machine -> enter the user name seed, password dees -> obtain root privileges with the su command (root password seedubuntu) -> run ifconfig to view the network device information

2.8 Honeywall gateway installation

"File" -> "New Virtual Machine" -> "Custom" -> hardware compatibility "Workstation 6.5-7.x" -> "I will install the operating system later" -> operating system "Linux", version "CentOS 5 and earlier" -> no location settings required -> number of processors and cores: 1 is enough -> allocate memory as appropriate -> "Network Address Translation (NAT)" -> "LSI Logic" -> "SCSI (S)" -> "Create a new virtual disk" -> keep the defaults through to completion

Add the installation image

Add two more network adapters, set as shown in the figure

Power on the virtual machine -> press Enter to install the Honeywall software -> enter the user name roo, password honey -> run su - to obtain root privileges and enter the configuration interface -> "4 Honeywall Configuration" -> "Yes" (risk notice) -> "Defaults" -> "Yes" (rebuild)


Honeypot configuration
"4 Honeywall Configuration" ->
"1 Mode and IP Information" ->
"2 Honeypot IP Address" ->
"192.168.200.124 192.168.200.125" ->
"5 LAN Broadcast Address" ->
"192.168.200.127" (broadcast IP address of the honeynet segment) ->
"6 LAN CIDR Prefix" ->
"192.168.200.0/25" (honeynet network segment)

Honeywall management configuration
From the main menu select "4 Honeywall Configuration" ->
"2 Remote Management" ->
"1 Management IP Address" ->
"192.168.200.8" (IP of the management interface) ->
"2 Management Netmask" ->
"255.255.255.128" (netmask of the management interface) ->
"3 Management Gateway" ->
"192.168.200.1" (gateway of the management interface) ->
"7 Manager" (sets the range of IP addresses allowed to manage the honeynet gateway remotely) ->
"192.168.200.0/25" (network segment allowed to manage the gateway)

Sebek server configuration
From the main menu select "4 Honeywall Configuration" ->
"11 Sebek" ->
"192.168.200.0" (Sebek server IP) ->
port "1101" ->
for the Sebek packet handling option select "Drop"
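Before typing the addresses into the Honeywall menus, it helps to confirm that they agree with each other. The following is an added example, not part of the original post; the function and key names are hypothetical and the values are the ones given above.

```python
import ipaddress

# Values copied from the Honeywall menu steps on this page.
PLAN = {
    "lan_cidr": "192.168.200.0/25",
    "lan_broadcast": "192.168.200.127",
    "honeypots": ["192.168.200.124", "192.168.200.125"],
    "mgmt_ip": "192.168.200.8",
    "mgmt_netmask": "255.255.255.128",
    "mgmt_gateway": "192.168.200.1",
}

def check_plan(plan):
    """Return a list of inconsistencies; an empty list means the plan is coherent."""
    problems = []
    lan = ipaddress.ip_network(plan["lan_cidr"])

    # The broadcast address must be the one implied by the CIDR prefix.
    if ipaddress.ip_address(plan["lan_broadcast"]) != lan.broadcast_address:
        problems.append(f"broadcast should be {lan.broadcast_address} for {lan}")

    # Every honeypot must be a usable, unique host inside the honeynet segment.
    honeypots = [ipaddress.ip_address(ip) for ip in plan["honeypots"]]
    for addr in honeypots:
        unusable = addr in (lan.network_address, lan.broadcast_address)
        if addr not in lan or unusable:
            problems.append(f"honeypot {addr} is not a usable host in {lan}")
    if len(set(honeypots)) != len(honeypots):
        problems.append("duplicate honeypot address")

    # The management interface must reach its gateway and not reuse an address.
    mgmt = ipaddress.ip_interface(f"{plan['mgmt_ip']}/{plan['mgmt_netmask']}")
    gateway = ipaddress.ip_address(plan["mgmt_gateway"])
    if gateway not in mgmt.network:
        problems.append(f"gateway {gateway} is outside {mgmt.network}")
    if mgmt.ip in honeypots or mgmt.ip == gateway:
        problems.append(f"management IP {mgmt.ip} collides with another host")
    return problems

if __name__ == "__main__":
    print(check_plan(PLAN) or "addressing plan is consistent")
```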

2.9 Connectivity test

In the browser on the Windows attacker, open https://192.168.200.8 ->
log in with user roo, password honey, then change the password ->
on the honeypot gateway, obtain root privileges with su -, then run tcpdump -i eth0 icmp

Kali pings win2kserver

winattacker pings win2kserver

win2kserver pings windowsattacker

SEEDUbuntu pings Metasploitable2-Linux

The tcpdump output on roo shows that the bridge is functioning normally
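The ping checks above can be confirmed from a saved copy of the tcpdump -i eth0 icmp output instead of by eye. The following is an added example, not part of the original post; the function names are hypothetical and the sample lines and attacker addresses are constructed.

```python
import re

# Matches the default one-line tcpdump rendering of ICMP echo traffic.
ICMP_RE = re.compile(
    r"IP (?P<src>\d+(?:\.\d+){3}) > (?P<dst>\d+(?:\.\d+){3}): "
    r"ICMP echo (?P<kind>request|reply), id (?P<id>\d+), seq (?P<seq>\d+)"
)

def answered_pings(lines):
    """Return {(pinger, target)} pairs whose echo request got a matching reply."""
    pending, answered = set(), set()
    for line in lines:
        m = ICMP_RE.search(line)
        if not m:
            continue  # ARP and other non-echo lines are ignored
        if m["kind"] == "request":
            pending.add((m["src"], m["dst"], m["id"], m["seq"]))
        elif (m["dst"], m["src"], m["id"], m["seq"]) in pending:
            # A reply counts only if it mirrors a request seen earlier.
            answered.add((m["dst"], m["src"]))
    return answered

def unanswered(expected, lines):
    """Return the expected (pinger, target) pairs that never got a reply."""
    return sorted(set(expected) - answered_pings(lines))

# Constructed capture: the first ping is answered, the second is not.
SAMPLE = """\
10:02:11.000101 IP 192.168.200.3 > 192.168.200.124: ICMP echo request, id 1, seq 1, length 64
10:02:11.000530 IP 192.168.200.124 > 192.168.200.3: ICMP echo reply, id 1, seq 1, length 64
10:02:15.100000 IP 192.168.200.4 > 192.168.200.125: ICMP echo request, id 7, seq 1, length 64
10:02:16.100000 IP 192.168.200.4 > 192.168.200.125: ICMP echo request, id 7, seq 2, length 64
10:02:20.000000 ARP, Request who-has 192.168.200.125 tell 192.168.200.4, length 46
""".splitlines()

if __name__ == "__main__":
    expected = [("192.168.200.3", "192.168.200.124"),
                ("192.168.200.4", "192.168.200.125")]
    print("answered:", sorted(answered_pings(SAMPLE)))
    print("unanswered:", unanswered(expected, SAMPLE))
```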

3. Problems encountered during the study and their solutions

4. Learning reflections and thoughts

  • I gained some understanding of how a network attack and defense environment is structured.
  • Thanks to Sun Qilong and one other classmate: both worked diligently and wrote great blogs, and their work gave me great help and inspiration.

Reference material


Origin www.cnblogs.com/chaolu/p/12459900.html