Tag: Cybersecurity

Getting Started: Home Lab

Tim Rosenberg

Skill Level: Novice

Objectives

  • Install vmWare
  • Create a Linux Virtual Machine (Ubuntu Server)
  • Create a Kali Virtual Machine
  • Identify the IP address of each
  • Ping from machine to machine on a bridged virtual network

Introduction

This short guide is how to build a home security training lab.

The Hypervisor

I prefer vmWare . Download it and install it. There is Workstation for Windows and Fusion for Mac.

Building a VM

  1. Open vmware and click ‘Create a New Virtual Machine’

  1. Select ‘Typical’ and click Next
  2. Choose the .iso file you downloaded. By default, most Windows browsers (Chrome, Edge, Firefox, etc.) will save it in a folder marked Downloads (we’ll get into file management much later).
  3. Give the VM a name that is meaningful. Hypervisors save virtual machines like files. They reside in a directory and can be easily copied and moved. Notice where mine is being created. It’s in the directory \VMS\Sample_build on the E: drive
  4. Choose the default disk size of 20GB
  5. Click the Customize Hardware… button
  6. Click the Network Adapter
  7. Change to Bridged
  8. Close and the virtual machine will start.
  9. Accept the default options for all the screens and the OS will eventually install.

The Attacker Station (Red)

Kali – I prefer the ISO and hand install process. You can also download a pre-built VM. There is no wrong answer; especially if this is your first lab build.

  • Get the VM up and write down your password in your Red Team book
  • SNAPSHOT THE VM.
  • Get in the habit of snapshotting any VM as soon as you get the OS installed and running.
  • Taking a snapshot of a clean install makes it fast and easy to revert to known clean.

SNAPSHOT TIPS

  • Power the VM off
  • Edit the VM to remove your ISO or any attached CD/DVD installation files
    • VM->Settings->
    • Uncheck Connect at power on
    • Check Use physical drive
  • Click on VM->Snapshot->Take Snapshot…
  • Give the snapshot a meaningful name (e.g. ‘clean install’, ‘initial install’) and use the description field to clearly state the date, OS and version. I’ve even put ‘REVERT TO HERE’ just to be clear.
  • Over the weeks and months of your builds you’ll be switching between more and more VM’s, various saved states, etc. Better notes today = less confusion tomorrow

Install Linux

Any flavor of Linux – it does not matter. I prefer Ubuntu. You will be asked to create a user with a username and password. I use sadmin for the username and chiapet for the password and I have for years.

  • Why? This is a private lab; who cares?
  • I need to be build quickly and reliably.
  • You can return to this machine next month/year(s) and still login.

Objective Test

  • What is the username and password of your Linux server?
  • What is the username and password of your Kali box?
  • What is the IP address of your Linux server? (hint – login and type: ip a)
  • What is the IP address of your Kali box?
  • Can you ping each box from the other?
    • syntax is: ping <ip address>
    • If your Linux server has an IP address of 192.168.100.22 you would type (from your Kali box): ping 192.168.100.22

Troubleshooting

  • Read the screen. There may be an error on there.
  • If there’s an error, copy and past it into your AI of choice

Next Steps

  • Installing Apache
  • Using host only networking
  • Maybe some Wireshark

Embracing AI for Enhanced Content Delivery

Tim Rosenberg

Dear Cyber Community,

At the Cyber Exercise Hub, I am committed to providing you with high-quality, up-to-date content to support your journey in cyber exercises and cyber security. To achieve this goal efficiently and effectively, I have decided to leverage the power of Artificial Intelligence (AI) in our content creation process.

How I Use AI

AI technology offers tremendous potential to streamline our operations and ensure timely content delivery. Here are some ways I plan to incorporate AI:

  • Content Generation: AI will assist in generating initial drafts of articles, tutorials, and guides. This will allow me to cover a broader range of topics and respond quickly to emerging trends and developments in cybersecurity.
  • Research Assistance: AI tools will help me gather and synthesize information from various sources, ensuring my content is comprehensive and well-informed.
  • Resource Compilation: AI will aid in organizing and updating the repository of tools, scripts, and configuration files, making it easier for you to find what you need.

Ensuring Quality and Accuracy

While AI is a valuable tool, I understand the importance of human oversight. Therefore, I am committed to the following practices:

  • Human Editing: All AI-generated content will be reviewed and edited. This ensures that the information I provide is accurate, relevant, and easy to understand.
  • Quality Testing: For technical content, such as code and configuration files, I will test and validate AI-generated resources before making them available to you.
  • Transparency: I will clearly indicate when content has been generated or assisted by AI, so you are aware of the tools and methods I use.

Our Commitment to You

My primary goal is to deliver valuable and reliable content that empowers you in your cyber exercise endeavors. By integrating AI into my processes, I aim to enhance our ability to serve you better while maintaining the high standards you expect from the Cyber Exercise Hub.

I appreciate your trust and support as I embrace these innovative technologies. If you have any questions or feedback about my use of AI, please feel free to reach out.

Thank you for being a part of our community.

Sincerely,

Tim Rosenberg
Founder, the Cyber Exercise Hub

AI generated and human edited