Tweet
The Naval Postgraduate School has available some:
You can find them here.
It's more than 40 exercises in 5 GB VM images.
I haven't done them but I'll definitely take a look. They seem interesting for n00bs like myself, they cover the following topics:
The VM's can be downloaded from here.
Anyone tried this exercises already? feedback?
Fully packaged Linux-based computer science lab exercises with an initial emphasis on cybersecurity
It's more than 40 exercises in 5 GB VM images.
I haven't done them but I'll definitely take a look. They seem interesting for n00bs like myself, they cover the following topics:
- Software Vulnerabilities
- An example program vulnerable to a stack buffer overflow (including 64-bit version)
- Explore C library printf function vulnerabilities (including 64-bit version)
- Exploit a program using a buffer overflow and return-to-libc
- An introduction to using gdb to debug a simple C program
- Use metasploit on a Kali Linux system to attack a "metasploitable" host.
- Risks of the setuid feature, including environment variables
- Reverse engineer a simple vulnerable service to discover and demonstrate some of its properties
- Explore over 200 vulnerable services from the DARPA Cyber Grand Challenge
- Networking
- The student uses telnet to access a remote computer, and employs the tcpdump tool to view plaintext passwords, and to observe how use of ssh mitigates that vulnerability
- The nmap utility is used to locate an ssh server on a network and to discover the port number being used by the service.
- The nmap utility is utilized in combination with the tshark network traffic analysis utility to demonstrate a security problem with an ssh server
- Simple routing example with two LANs and an internet connection via NAT
- The iptables utility is used to configure a “firewall” component to only forward selected application service traffic between a client and a server.
- TCP/IP protocol vulnerabilities, including SYN flooding, RST attacks and session hijacking
- Use of ARP spoofing for Man-in-the-middle attacks
- DNS spoofing and cache poisoning on a local area network
- Use of snort for network intrusion detection
- Set up a DMZ for an enterprise
- Use a Radius authentication service to authenticate network devices
- Authenticate users of Linux servers using an LDAP service
- Network Traffic Analysis
- The tshark network traffic analysis tool is used to identify and display a specific network packet containing a plaintext password.
- Introduction to the use of Wireshark analyze network traffic.
- Use Wireshark for more advanced analysis of network traffic
- Develop programs using the PCAP library to analyze an unknown packet capture.
- Explore the NetFlow network traffic protocol and data record type using the CMU SiLK software suite.
- Crypto Labs
- Exploration of cryptographic hashes and the potential for hash collisions.
- Introduction to generating cryptographic hashes using the openssl utility.
- Explore public key certificates from a variety of web sites
- Use of a public/private key pair to access a server via ssh.
- Use an SSH agent to manage your private key and avoid retyping your passphase
- Use of SSL to authenticate both sides of a connection, includes creating and signing certificates using a CA.
- Exploration of symmetric key encryption modes.
- Example use of OpenVPN to protect network traffic.
- Web Security Labs
- Illustrates web tracking techniques and the role of ad servers
- Cross Site Request Forgery with a vulnerable web site
- Cross site scripting attacks on a vulnerable web server.
- SQL injection attacks and countermeasures.
- System Security & Operations
- Acess Control Lists (ACLs) on Linux
- Using tar and dump/restore for file backups, including remote backups
- Use of Linux capabilities to limit program privileges.
- System log basic usage and configuration on an Ubuntu system.
- System log basic usage and configuration on a CentOS system.
- Data recovery from deleted files within EXT2 and NTFS file systems
- File integrity checking and intrustion detetion with AIDE
- Introduction to passwords and elementary cracking schemes
- Use of the denyhost utility to block brute force attacks on SSH
- Introduction to Linux and shell commands
- Industrial Control System Security
- Program a software-based Programmable Logic Controller (PLC)
- Forensic analysis of a PLC session from a rouge client, including CIP & EtherNet/IP protocols
- Simulated example of a vulnerable PLC system
- Application firewall and whitelisting to protect a PLC
- use iptables to limit traffic destined for a PLC through a firewall
- Intro to the GrassMarlin SCADA/ICS network discovery tool
- use the GrassMarlin tool to view traffic you generate interacting with a PLC
The VM's can be downloaded from here.
Anyone tried this exercises already? feedback?
Comment