Differences between revisions 16 and 35 (spanning 19 versions)
Revision 16 as of 2012-03-22 20:15:25
Size: 3971
Editor: fwoutside
Comment:
Revision 35 as of 2019-02-07 19:45:40
Size: 950
Editor: scot
Comment:
Deletions are marked like this. Additions are marked like this.
Line 5: Line 5:
First of all, you don't need to be here. All the necessary information on this page is linked from the Moodle2 website. That being said, this will contain all the necessary information to complete the labs as assigned in CPTR 427. This page contains the necessary information to complete the labs as assigned in CPTR 427. (Note to admins: This page underwent major revisions on 1/12/2017 – see the previous page for legacy content).
Line 7: Line 7:
== Topics == == Lab Topics ==
Line 9: Line 9:
 * [[attachment:Lab 01 Virtual Machine Setup.docx]]
 * [[attachment:Lab 02 Symmetric Encryption Tools.docx]]
 * [[attachment:Lab 03 NMAP.docx]]
 * [[attachment:Lab 04 Vulnerability Scanners.docx]]
 * [[attachment:Lab 05 Netstat and TCPDump.docx]]
 * [[attachment:Lab 06 Identity and Email Security.docx]]
 * [[attachment:Lab 07 Kerberos.docx]]
 * [[attachment:Lab 08 Certificate Server - Code Signing and SSL.docx]]
 * [[attachment:Lab 09 Forensics Survey - Wireless Security - War Drive.docx]]
 * [[attachment:Lab 10 IPSec and VPN.docx]]
 * [[attachment:Lab 11 Intrusion Detection.docx]]
 * [[attachment:Lab 12 Firewall.docx]]
 * [[attachment:Lab 13 Windows Group Policies.docx]]
 * [[attachment:Lab 14 Proxy Spam Filter and Smart Host.docx]]

= Labs Hints =

== Lab 01: Getting started with your virtual machines ==

For your '''Windows''' machines you will need to perform the following steps once you have received the virtual machine.

 1. Change the password on owner.
 1. Rename your machine (they all come out of the factory with the same name)
 1. Your factory machine has not been activated. You will need a key from MSDNAA to activate your machine.
 1. NOW that you have a key, activate your machine.

For Ubuntu machines...

 1. Change the password on owner.
 2. Rename your machine to your own liking.

== Lab 08: SSL and code signing lab ==

Hints: To get a code signing template to show up on the web page, you need to add it to the templates. Just go into the CA and right click templates and select new.... DO NOT ADD your site to the trusted sites list in windows. This will cause you problems. If at first you don't succeed, close it all and restart IE.

 1. When installing your certificate authority, you should install an enterprise CA.
 1. Click on the server name in IIS Manager, then double click on Server Certificates
 1. Create a certificate request (right hand pannel)
 1. Make sure to fill in your data correctly.

Before you submit the request you need to change the permissions on the Web Server template.

 1. Open Certificate Authority from Administrative Tools
 1. Click the + symbol to expand your CA
 1. Right Click on Certificate Templates and click Manage.
 1. Double Click on "Web Server"
 1. Click the Security Tab and add the "Enroll" permission to Authenticated Users.
 1. Click OK.
 1. Close the Certificate Template Console Window
 1. Restart the certificate service (right click on the CA, All tasks, stop... then start).

Submitting your request to the Enterprise Certificate Authority through the gui will give you an error:

{{{
The request contains no certificate template information. 0x80094801 (-2146875391)

Denied by Policy Module 0x80094801, The request does not contain a certificate template
extension or the Certificate Template request attribute.
}}}

From [[http://pdconsec.net/blogs/davidr/archive/2008/08/13/No_2D00_Certificate_2D00_Template_2D00_In_2D00_Request.aspx|this site]] we found that there is a command line way to specify the certificate:

{{{
certreq -submit -attrib "CertificateTemplate: WebServer" WebServerCertReq.txt
}}}

== Lab 13: Windows NTFS/Share Permissions Lab ==

''RSAT'' (Remote Server Administration Tools) has replaced (somewhat) the Support Tools. At any rate you can get them here:
   * [[http://www.microsoft.com/downloads/details.aspx?FamilyId=9FF6E897-23CE-4A36-B7FC-D52065DE9960&displaylang=en]]
   * [[attachment:Scriptomatic2.exe]]
   * [[attachment:Windows6.0-KB941314-x86_en-US.msu]]
   * [[attachment:rktools.exe]]

''xcacls'' has been replaced by ''Icacls'' in Vista and Windows 2008.
 * [[/Lab01|Lab 01]] Networking basics and virtual machine Setup
 * [[/Lab02|Lab 02]] Firewall and NAT setup
 * [[/Lab03|Lab 03]] Firewall continued and remote access to Kali via VNC
 * [[/Lab03.5|Lab 03.5]] Hardening the OSs.
 * [[/Lab04|Lab 04]] Symmetric encryption
 * [[/Lab05|Lab 05]] VPN setup
 * [[/Lab06|Lab 06]] Wardriving (wireless)
 * [[/Lab07|Lab 07]] IDS/IPS Snort on pfSense
 * [[/Lab08|Lab 08]] Network and vulnerability scanning
 * [[/Lab09|Lab 09]] Metasploit framework and hacking Metasploitable Linux
 * [[/Lab10|Lab 10]] Password cracking
 * [[/Lab11|Lab 11]] Hacking Metasploitable2 (Windows)
 * [[/Lab12|Lab 12]] Hacking !WordPress 2.8

Network Security Labs

This page contains the necessary information to complete the labs as assigned in CPTR 427. (Note to admins: This page underwent major revisions on 1/12/2017 – see the previous page for legacy content).

Lab Topics

  • Lab 01 Networking basics and virtual machine Setup

  • Lab 02 Firewall and NAT setup

  • Lab 03 Firewall continued and remote access to Kali via VNC

  • Lab 03.5 Hardening the OSs.

  • Lab 04 Symmetric encryption

  • Lab 05 VPN setup

  • Lab 06 Wardriving (wireless)

  • Lab 07 IDS/IPS Snort on pfSense

  • Lab 08 Network and vulnerability scanning

  • Lab 09 Metasploit framework and hacking Metasploitable Linux

  • Lab 10 Password cracking

  • Lab 11 Hacking Metasploitable2 (Windows)

  • Lab 12 Hacking WordPress 2.8

NetworkSecurity/Lab (last edited 2021-02-17 15:00:38 by scot)