14_Lab1

  • 7/26/2019 14_Lab1

    Lab 1

    Scenario: Customer is under attack

    Overview

    Description

    This lab introduces you to the Pravail APS installation, initial configuration and upgrade processes. You will learn about the essential steps performed. This lab is divided into the following parts:

    Installation of Pravail APS in monitor mode

    Initial CLI configuration using wizard

    Upgrade process

    Attack monitoring

    Setup

    [Network diagram: Internet, DCN, Pravail APS interfaces ext0, int0, mgt0 and mgt1, 2 Mbps last mile, Victim, Infrastructure that does not need protection]

    Pravail APS Installation, Initial configuration and Upgrade

    Pravail APS 3.1

    In this lab Pravail APS will be set up in monitor mode. Interfaces are connected in the following way:

    ext0 is receiving copies of packets coming from the internet

    int0 is receiving copies of packets coming from the data center

    mgt0 is connected to the out-of-band management network

    mgt1 is connected to the data center. It is used for Pravail APS to access the internet

    Objectives

    After completing this lab, you will be able to do the following:

    Perform installation and initial configuration of Pravail APS in monitor mode;

    Perform upgrade of Pravail APS.

    Equipment/Tools

    The following equipment is required to complete this lab:

    SSH client

    web browser

    Ask your instructor for lab access instructions.

    Estimated Completion Time

    The estimated completion time for this lab is 1 hour.

    Connectivity verification

    1. Victim has IP address of

    Verify that you can access the victim web server at

    2. Ask instructor to start the attack

    3. Verify that victim is no longer available

    Pravail APS Installation

    Serial console access

    In this section you will use an SSH client installed on your PC to connect to

    the serial console port of your Pravail APS lab appliance.

    Console server IP address: 10.2.25.129

    http://10.2.25.44/

    192.168.114.1

    Console server login:

    Console server password:

    4. Use SSH client to connect to console server with above credentials

    5. To access Pravail APS serial console press 1

    6. After you have successfully performed above steps, ask instructor to

    start your Pravail APS instance

    Installation process

    In this section we will perform the initial installation steps. These steps are typically performed on a new Pravail APS appliance after power-on.

    1. Wait while the Pravail APS installation process prepares the hard drive and copies the necessary software packages. This process may take up to half an hour.

    2. Set system hostname to

    3. Set IP address of mgt0 interface to

    4. Set Network mask of interface mgt0 to 255.255.255.128

    5. Skip media setting for interface mgt0 (press Enter)

    6. Set IP address of mgt1 interface to

    7. Set Network mask of interface mgt1 to 255.255.255.240

    8. Skip media setting for interface mgt1 (press Enter)

    9. Set default gateway to

    10. Permit HTTPS access from any network: type 0.0.0.0/0 as the first entry and confirm that there are no more entries by pressing Enter for [done]

    11. Permit ICMP Ping access from any network: type 0.0.0.0/0 as the first entry and confirm that there are no more entries by pressing Enter for [done]

    12. Skip cloud signal protocol ACL configuration (press Enter)

    13. Permit SSH access from any network: type 0.0.0.0/0 as the first entry and confirm that there are no more entries by pressing Enter for [done]

    14. Check that the current date/time matches the actual clock in the UTC time zone. Format of the string is MMDDhhmm[[CC]YY][.ss]
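
The clock string in step 14 has optional century, year and seconds fields, which makes it easy to mistype. The following added example (not part of the original lab handout) parses MMDDhhmm[[CC]YY][.ss] and reports the drift against a reference UTC time. The function names, the constructed sample timestamps and the POSIX-style pivot for two-digit years are assumptions.

```python
import re
from datetime import datetime, timezone

# Wizard clock format from step 14: MMDDhhmm[[CC]YY][.ss]
_CLOCK_RE = re.compile(
    r"(?P<mon>\d{2})(?P<day>\d{2})(?P<hour>\d{2})(?P<min>\d{2})"
    r"(?:(?P<cc>\d{2})?(?P<yy>\d{2}))?(?:\.(?P<ss>\d{2}))?"
)


def parse_wizard_clock(text, now):
    """Parse MMDDhhmm[[CC]YY][.ss] as UTC; an omitted year comes from `now`."""
    m = _CLOCK_RE.fullmatch(text.strip())
    if m is None:
        raise ValueError(f"not MMDDhhmm[[CC]YY][.ss]: {text!r}")
    if m["yy"] is None:
        year = now.year
    elif m["cc"] is not None:
        year = int(m["cc"] + m["yy"])
    else:
        # Assumption: POSIX date(1) pivot, YY 69-99 -> 19YY, 00-68 -> 20YY.
        yy = int(m["yy"])
        year = (1900 if yy >= 69 else 2000) + yy
    sec = int(m["ss"]) if m["ss"] else 0
    # datetime() raises ValueError for impossible fields (month 13, second 61).
    return datetime(year, int(m["mon"]), int(m["day"]),
                    int(m["hour"]), int(m["min"]), sec, tzinfo=timezone.utc)


def clock_drift_seconds(text, now):
    """Seconds by which the typed string is ahead of (+) or behind (-) `now`."""
    return (parse_wizard_clock(text, now) - now).total_seconds()


def format_wizard_clock(now):
    """Render an aware datetime as the fully qualified MMDDhhmmCCYY.ss form."""
    return now.astimezone(timezone.utc).strftime("%m%d%H%M%Y.%S")


if __name__ == "__main__":
    now = datetime.now(timezone.utc)
    print("string to type now:", format_wizard_clock(now))
    # Constructed sample inputs, not values from the lab.
    ref = datetime(2019, 7, 26, 13, 45, 30, tzinfo=timezone.utc)
    for sample in ("072613452019.30", "07261350", "0726134519"):
        print(sample, clock_drift_seconds(sample, ref))
```

An accurate UTC clock matters beyond the wizard: alert timestamps and license expiry are both evaluated against it.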

    student14

    39nJbvYu78

    192.168.114.3

    10.2.25.144

    192.168.114.14

    APS-LAB14

    Initial CLI configuration

    In this section, you will learn how to perform initial system configuration

    via CLI. This includes changing admin user password, configuring DNS

    service, entering license key and starting Pravail APS service.

    1. Log into the CLI using default login credentials of admin/arbor

    2. Use services aaa local password admin interactive command to

    change admin user password. Change admin password to

    3. Configure a static route to the rest of DCN network using ip route add

    10.0.0.0/8 10.2.25.254 command

    4. Configure 8.8.8.8 as your DNS server using services dns server add 8.8.8.8 command

    5. Set license key using the following command (license key is typically provided by ATAC)

    6. Configure Pravail APS to run in monitor mode

    services pravail mode set monitor

    7. Start Pravail APS service

    services pravail start

    8. Save configuration (config write)

    Initial start of Pravail APS service may take a few minutes.

    Initial GUI configuration

    1. Log into

    using credentials you have configured

    2. Change system time zone to local on Administration->General page.

    Also make sure that the date format and hour format are set to whatever is convenient for you.

    3. Configure 10.2.25.129 as SMTP server.

    This will clear the alert you are getting after initial installation. You can review this alert in Administration->System Alerts.

    Pravail APS upgrade

    As a part of this training, we will perform a system upgrade. Typically upgrade files are uploaded through the GUI (Administration->Files), but for the sake of simplicity we will use direct transfer from a remote file server.

    39nJbvYu78

    https://10.2.25.144/

    8PKCG-2P125-34J85-0TK1K-4FXYD-X9VS2-53MJ6-HZ5J3-1HGYW

    / system license set Pravail "PRA-APS-2104 expires: 1384934336"

    1. Upgrade files are located on local anonymous FTP server 10.2.25.129.

    To copy files to your Pravail APS appliance, use following commands:

    system file copy ftp://10.2.25.129/arbos-5.3-DFYD-i686-vlab disk:

    system file copy ftp://10.2.25.129/Pravail-APS-3.1-DFYD-vlab disk:

    2. Stop Pravail APS service using services pravail stop

    3. Save configuration (config write)

    4. Uninstall old Pravail APS package using system files uninstall

    command. You can find exact names of installed packages in system

    file show list.

    5. Install new Arbos package using

    system file install disk:arbos-5.3-DFYD-i686-vlab

    6. After installation of the new Arbos package, immediately reboot the appliance with the reload command. WARNING: do not save system configuration after installation of the new Arbos package until you reboot the device.

    Note that due to architectural limitations of lab environment reload

    command will actually power down your appliance. Ask your instructor

    to power it back on.

    7. Install new Pravail APS package using

    system file install disk:Pravail-APS-3.1-DFYD-vlab

    8. Start Pravail APS service

    services aps start

    9. Save configuration (config write)

    Basic attack monitoring

    1. Check AIF highlights widget of summary page, note matching traffic

    2. Note Blocked traffic and Blocked hosts on overview widget of

    summary page

    This completes the lab exercise.