I finished the lab installation/setup documentation this week. It came in at 21 pages and hopefully will work for anyone wishing to duplicate the lab. The document can be seen here [Word doc]. I also came up with a series of 6 tasks to fulfill the lab. Here is the basic list of remaining tasks:
- Set up exploits and get a baseline of the systems.
- Execute the exploits and investigate results.
- Investigate methods to pivot within the LAN.
- Attempt to compromise other machines.
- Investigate results of monitoring.
- Finalize documentation of lab results.
More details on each task can be seen here [Word doc].
I also did a slight revamp of the network design. The "internet facing" domain controller is now using a VirtualBox NAT interface rather than bridged. This will make scanning of the LAN from the outside much more difficult, more accurately simulating a well-firewalled corporate LAN. I also moved the database services off of the domain controller and onto the Snort server. I think this more closely mirrors the real world.

