Chao-Hsien Chu, Ph.D.College of Information Sciences and Technology

The Pennsylvania State UniversityUniversity Park, PA 16802

About the Hands-on LabAbout the Hands-on Lab

IST 515

LearningbyDoing

Theo

ry

Practi

ce

Hands-on Labs Folder

• Lab User Guide

• About the Lab Slide

Lab Folder

ObjectivesObjectives

This module will familiarize you with the following: The special needs for IA education Common approaches used in lab design The challenges faced Motivations for virtual security lab (VSL) VSL implementation at UP How to install “VMware Infrastructure Client”? How to login to VSL? The hands-on exercises for this course.

ReadingReading

• IST 515, “A Brief Guide for Using VSL.” (Required)• Jorg Keller and Ralf Naues, “Design of a Virtual Computer

Security Lab,” Proceedings of Communication, Network, and Information Security (CNIS 2006), 2006. http://pv.fernuni-hagen.de/docs/547-045.pdf

• Padman, V. and Memon, N., “Design of A Virtual Laboratory for Information Assurance Education and Research,” Proc. of the 2002 IEEE Workshop on Information Assurance and Security, United States Military Academy, West Point, NY (17-19 June 2002).

• Summers, W. C., Carlos Martin, B., “Using a Virtual Lab to teach an online Information Assurance Program,” InfoSec CD 2005 (Sept. 2005).

• VMWare, Inc. http://vmware.com

The Special Needs for IA EducationThe Special Needs for IA Education

Hands-on exercise is a critical and integrated component of any effective information security education and training program.

Students are expected to experiment with security software without worry that their experiment may impact other computer systems / students.

Students should be able to evaluate the security of different operating systems, attempt to compromise the security of computer systems, and install additional security mechanisms without concern that their actions may affect other computers systems / students.

Security hardware (Firewall, IDS); Human factors; Defense-in-depth; Multidisciplinary.

Common Approaches UsedCommon Approaches Used

Some instructors require students to complete the exercises using their own computers.

Lab experiences are typically conducted in an isolated computer lab where security problems that may occur are unable to affect other computers on campus.

A common alternative is to develop a virtual network environment using simulators:- Virtual Network System (VNS).- Use virtual machines (VM) to emulate the hardware of different computers in a network.

Virtual Gaming /Simulation (2nd Life)

The Challenges FacedThe Challenges Faced

The number of security related courses are increasing.

The number of students interested in SRA are increasing.

The physical space for security lab remains the same or reduced.

Difficulty in maintaining an isolated security lab to meet classes and students’ schedules.

Need to accommodate commuter students. Need to provide distance-learning education. Lack of emulators for security hardware

Motivations for VSLMotivations for VSL

Increasing advanced hands-on learning in networking and security courses (without sacrificing from content).

Making campus computing resources available to commuter students for 7/24.

Providing hands-on learning experiences in a distance learning model.

Reducing lab hardware, software, and maintenance costs, and the need for specialized computer labs.

Providing an agile and secured computing environment.

Virtual Machine / EnvironmentVirtual Machine / Environment

• Virtual machines are software emulations of fully functional operating systems such as Windows XP, Windows Sever 2008, and Linux.

Virtual Lab

Win XP(2) LinuxWin XP(1) Win XP(2) LinuxWin XP(1) Win XP(2) LinuxWin XP(1)

Internet

X.2 X.3 X.4 X.6 X.7 X.8

X: 192.168.0

TargetVirtual

Machines

ClientVirtual

Machines

ClientPhysicalMachines

vslvc.ist.psu.eduESX Server

VIC

Networking StatusNetworking Status

• All virtual machines (Targets and clients) are networked together.

• You should be able to access target machines/servers without special setting.

• You need to turn off the firewall setting in your client machines (note: in Windows Security, located in the Control Panel) in order to communicate with each other and capture their traffic.

Hands-on PracticeHands-on Practice

• Install VMware Infrastructure Client.Install VMware Infrastructure Client.• Login to the virtual security Lab and your Login to the virtual security Lab and your

client machines.client machines.• Find the IP address of your client machines. Find the IP address of your client machines. • Check the network connection between target Check the network connection between target

and client machines.and client machines.• Check the network connection between your Check the network connection between your

client machines.client machines.• Get to know your virtual security lab Get to know your virtual security lab

environment. environment.

Install VMware Infrastructure ClientInstall VMware Infrastructure Client

• Start an Internet browser (e.g., IE Explorer or Firefox).

• Enter URL: https://vhol.up.ist.psu.edu/

• Click on the link “Download vSphere Client” to download the VS Client.

• Install it on your computer (note: the client only needs to be installed one time).

• If you use an earlier version of VI, please uninstall it (uninstall Microsoft Visual J as well if you use a 64 bits OS), delete related files from Program Files directory, reboot the system and then install the newer version.

How to Login to VSL?How to Login to VSL?

• Activate VMware Infrastructure client.

• Enter the IP address of the virtual network, your Penn State User name and Password. Click the Login button to connect to the network.

• Follow the instructions provided in user guide to try the hands-on lab.

Depends on which team you were

assigned. In this case, it is team 1.

Screenshot of virtual

environmentPower-on

Button

Open Console and Inventory are two

important menu icons that you need to

explore

Login to Virtual ClientsLogin to Virtual Clients

• Click on the “Power on” button (green color, located on the top menu bar) to turn on the machine.

 Login to the Virtual Win XP. Click on the “Administrator” Logged on button to login;

 Login to the Virtual Linux. Enter “administrator” in the text box of User Name and “password” in the Password text box.

How to Access File ServerHow to Access File Server

• The IP for the file server is: 192.168.0.2.

• Click on the “Start” button and then select the “Run” button to open a dialog box. Enter the IP address of the file sharing server.

• Log into the file server using your virtual machine ID and password. You will see two folders: Share and Upload.

ID: IST515-Pub

Password: IST515-Pub

(For Windows Clients Only)

IST 515: Penetration Test LabsIST 515: Penetration Test Labs

Lab 1: Security Policy. Lab 2: Footprinting. Whois, Nslookup, Dig, Ping,

Traceroute and Sam Spade.

Lab 3: Network Scanning. SuperScan, Netbrute, NMap. Lab 4: Enumeration. LANguard Network Security

Scanner, ENUM, and SNScan. Lab 5: System Hacking. Password Cracking; spyware,

and Metasploit Framework. Lab 6: Trojan and Backdoor. Lab 7: Buffer Overflow.

Lab 8: Social Engineering.

Lessons LearnedLessons Learned

It allows students to gain hands-on experiences without the need of physically attending labs on campus.

Instructors can use the system in class to enhance teaching and discussion anywhere and anytime.

Assignments can be designed without limited by the available computing resources.

Students are able to experiment with security software without worry that their experiment may impact other computer systems.

Students can evaluate security of different operating systems, attempt to compromise the security of computer systems, and install additional security mechanisms without concern that their actions may affect other computers.

Thank You?

Any Question?