Building the Ultimate Cybersecurity Lab - Episode 1

Captions
Hi guys, what's up, welcome back to the channel. Today I want to show you my ultimate cyber security lab project that I've been working on. This is a really good opportunity to get hands-on and build a number of different tools that I wanted to play with for a little while.

So the lab looks like this. I'm going to have a pfSense firewall. Behind that pfSense firewall I'm going to have a number of different environments. This environment at the top is where all my security tools will live, so I will have Kali, which will be our attack tool, we'll do everything from this machine; Caldera, which is an adversary emulation tool; we're going to have Wazuh, which is a SIEM XDR tool; Nessus for vulnerability scanning; we'll use Security Onion for threat hunting, networking and monitoring; TheHive will be used for security incident response; and Cortex will be used as an analysis tool, so that integrates with TheHive. Down here in the bottom we have our environment for vulnerable machines. In this environment we'll have Metasploitable 2, we'll have buggy web app and we will have Damn Vulnerable Web App. We will also leave space in this network for images that we will download from VulnHub. In the middle here we will have an Active Directory lab, so we will have a Windows Server 2022 running AD and Group Policy and DHCP and DNS, and we will also create these two instances, that's a Windows 10 and a Windows 11 machine, and we will connect them to that domain. Over here we will have Ubuntu, we'll have Docker on that, and then we'll also use Portainer for deploying all our Docker containers.

All in all I think it's a really exciting lab. There's loads of tech across this lab, so if you're in cyber security and you want to get hands-on and learn some new technology, then this is going to be a brilliant lab if you want to follow along and build this lab as well. Everything I build in this environment is going to be hosted on Proxmox. I made a video a few weeks ago on the Proxmox server that I built. I will link it here, so if you
want to go back, if you have a server and you want to put Proxmox on it, by all means do that. That video will show you the step-by-step guide to do that, then come back here and then you can continue on the lab build.

So this video will be part one of this series, and in this video we're going to look at the firewall setup, we're also going to build Kali Linux, we're going to build Ubuntu, we're going to do Docker and Portainer. Before we get ahead of ourselves and dive straight into deploying things, I think we need to take a minute to look at the network design and how we're going to segment all of this environment out. So as I said, this will all exist behind a pfSense firewall. I have a number of different VLANs that I'm going to use for different things. VLAN 1 in the corner here is where all our security tools are going to live. We're going to have VLAN 10 down here, all our vulnerable machines. VLAN 20 will be used for our Windows environment and VLAN 30 will be used for Docker and all our containers. And at some point during the lab build we will extend our environment out to one of these cloud providers, or maybe even all three if we can.

So I've logged into Proxmox and there's a few things that I want to show you before we start. First of all, I've already downloaded the images that I need to build the different machines, so I've downloaded the Kali Linux ISO, I've also downloaded the pfSense firewall image, I've went and downloaded the Ubuntu desktop ISO and also the Ubuntu live server. If you want to follow along, I will leave the instructions, or leave the links to those different locations, in the description below.

So before we create the firewall image I want to add an additional Linux bridge, so this will be the local LAN environment. So all of these links here to these different networks, that is the network adapter that will do all of those. So I'm just going to do that: click Create, Linux Bridge. I'm going to leave this as vmbr2, that's fine. Address here is 10.10.1.0/24. I'm going to click on this
VLAN aware, and I'm also going to put in a comment here, say lab LAN, and I create that, and I'm also going to click on Apply Configuration. Yes, OK, done. So you can see now that it's active.

Now that that is done, let's click on Create VM. I'm going to change the ID and I'm going to call this 2011 and I'm going to say prod firewall. Next, I'm going to choose the pfSense image that I uploaded, click Next, Next again. I'm going to change the storage location to ZFS, that's fine. I'm going to change this to... actually I'll just leave this as 32 gig, that's fine. Go Next, Next and Next again, and we'll just leave it the way it is, go Next. Then we're going to leave this as vmbr0, so this is the one interface; we'll come back in after and add the additional network. Click Next and then Finish. Once that's done, just click on the firewall on the left-hand side, go to Hardware, and I'm just going to add an additional network device. I'm going to click on Add and then select vmbr2, so the lab LAN network that we just created previously. Click on Add, then just click on Start, and then we'll go into Console and we will run through the firewall build. So we'll just let this run up and then we'll run through the config.

OK, we accept, install pfSense, OK. I'm just going to click OK for most of these, that's fine. I'm going to hit space bar there, click OK, destroy, yes, that's fine. Now let's reboot. So at this point you will have to run through the actual firewall config settings. Should VLANs be set up now? I'm going to click on no, I'll do that bit after. So need to enter the WAN network adapter, so that's vtnet0, and then the LAN is vtnet1. Yes, I'm fine with that. OK, so that's been completed.

While we're here we need to set the interface IP address, so go to option two, and I want to change the LAN. Do I want to configure IPv4 address via DHCP? No, I need to set it up manually, and going to put in the new address. For this, it's going to be VLAN 1 in our diagram, so if you go back here you will see that this is VLAN 1, so that's
going to be 10.10.1.0, so this one is going to be 10.10.1.254. Go back here and put this in, Enter. It's going to be a /24 and we just press Enter. No, I don't care about IPv6 for now. Yes, we want to enable DHCP on that network, so click on yes. Create the start address, so I think I had said that DHCP was going to be from 10.10.1.50, so if we go here, 10.10.1.50, and the end, 10.10.1.100. Set no here, OK, and then let's hit Enter to continue. So that's the base image of the firewall created, so we'll build the Kali Linux instance next and then we'll connect to the firewall to configure the rest of the firewall rules.

So let's click on Create VM to build the Kali Linux instance VM. I'm going to change the ID to 202, this is going to be called prod Kali. Click Next, select the ISO image of the Kali Linux ISO that I uploaded, Next, Next again. I'm going to change the store to ZFS, I'm going to give this 120 gig of storage, Next. One core to that, Next again. So 8192, we'll give this 8 GB of RAM, and then we go Next again, and then we want to put this into vmbr2, so the network switch that we created, so that will be connected through this link here to our firewall. And click on Next and then Finish.

So let's hit on Start and boot this up and we will run through the build. Continue, going to... British English is fine. So let's choose a host name, I'm just going to keep that, Kali. Have no domain name, click Continue. Jed is my name, then username is going to be Jed. I'm going to choose a password which is not password 1 2 3. So we're going to use the entire disk, Continue, Continue again, finish partitioning, write changes to disk, Continue, write changes, yes. GRUB install, so install GRUB, click on Yes and Continue. I'm just going to select this disk and then click Continue again. So the installation has completed, so let's click on Continue, should reboot now. We need to go into Hardware and then just remove the ISO, do not use any media, OK.

OK, so let's just log in. First of all let's check the network we are on, so we are 10.10.1.50,
which is exactly what we wanted, so we can ping the firewall, happy days. So let's go to the firewall on 10.10.1.254, admin and pfsense. Oh, that didn't work. admin, pfsense.

So now we've logged into the firewall, let's run through the different settings that we need. So we need to create the additional networks and VLANs, add the firewall rules for those VLANs so they can get out to the internet and talk to each other. We also have to configure DHCP for those different networks.

So let's first of all do the networks, so go to Interfaces and Assignments and then just click on VLANs. So if you look here, we have to add VLAN 10, VLAN 20 and VLAN 30. So let's go back, we click on Add. These are going to be off the LAN interface, so this is VLAN 10, I'm going to click on Save. I'm going to click Add, I'm going to add LAN, I'm going to choose VLAN 20, Save. Add, VLAN 30, click on Save. So let's go into Interface Assignments next. We need to assign these VLANs to the LAN interface. Very simple, just click on Add, and Add again, and Add again, and you can see these networks have been named as OPT1, OPT2 and OPT3. We will change the names when we are adding the IP addresses to those interfaces.

So let's go to Interfaces and then go to OPT1. Going to enable the interface, I'm going to change the name, this is going to be VLAN 10. IPv4 is going to be static IPv4, the address is going to be 10.10.10.254 and this is also a /24 network. We're going to go to the very bottom and click on Save and Apply. So let me do that for the other two. Enable, this is going to be VLAN 20, static IPv4, 10.10.20.254, and that's going to be /24, and Apply. And then let's do the next one, so it's VLAN 30, 10.10.30.254, and again this one is also a /24. Let's click on Save and Apply. OK, so that is the VLANs configured, we renamed them and we've also configured the IP addresses for those networks.

Next thing we'll do is configure the firewall rules for those networks, so click on Firewall, click on Rules. If you click into LAN you will see the existing firewall
rules that come whenever you build the firewall initially. Then you have VLAN 10, 20 and 30, you'll see there's no rules for these VLANs, so let's create them. So if you go back to LAN, I'm going to take this rule here that has the source LAN subnet, destination anything, on any port, a very open rule, but it's going to be OK for this lab environment. So I'm going to click on Copy, I'm going to choose VLAN 10 and going to click on Paste. You can see that's been completed. So let's go back to LAN, I'm going to do the same, so going to copy that, I'm going to do this for VLAN 20, Paste, and then go back again, Copy, this is going to be for VLAN 30.

Now there is one other change we need to make to each of these rules. So if you go to VLAN 10 you will see here the source is LAN subnet, so we need to change that to VLAN 10 subnets. So let's edit the rule. If you go down to the actual source itself you'll see there it says LAN subnets, just change that to VLAN 10 subnets and then just save that. So go to VLAN 20 and do the same, and then VLAN 30 is the last one, Save, and then we hit Apply, so that will apply all the network changes that we've just made.

The final thing that we need to do to complete the firewall setup is just to make sure DHCP is set up for those different networks. So under Services you'll see DHCP Server. So we'll see this is what we set up previously, so 10.10.1.50 to 100. Now one thing we didn't do as part of that is add any DNS, so I'm going to add that now. I'm just going to add 10.10.1.254 and 8.8.8.8, so I'll add that to each of the different networks, and just click Save and Apply. So let's do the same for VLAN 10. I'm going to enable DHCP on this interface, it's going to be 10.10.10.50, let's just double check, and it's going to end at 10.10.50.100. Let's not forget DNS, 10. 254, and save that. So I made a mistake, this should be 10.10.10.
100, and let's just save that. VLAN 20, I want to enable that, 10.10.20.50 to 10.10.20.100, DNS, and then Save. And 30, 10.10.30.50 to 10.10.30.100, that's 100, 10.10.30.254 we're going to use for DNS, and then we'll click Apply Changes. That will apply all of those network configs to those VLANs.

So what we've done so far is we've built this firewall, we have created all of the different networks and VLANs, we have also configured the firewall rules and we've enabled DHCP. So for part one, for this video, this is what we wanted to build: we wanted to build all of these networks, we wanted to build Kali Linux, which we've done. The final bit was to build Ubuntu Server, then we'll add Docker and we'll also add Portainer on there.

So let's get started with the Ubuntu Server. Click on Create VM. This one is going to be given ID 203, I'm going to call it prod Docker. Click Next, we're going to choose the Ubuntu Server live image, click Next, Next again. Storage-wise I'm going to give this thing a ton of different storage. I'm going to choose ZFS, that's where I want to store it, and going to up this. So one core, click Next again. For RAM I'm going to give this 16 GB of RAM, so 16384, click Next. For the network we're going to click on the LAN. Also here for VLAN tag, remember this will exist inside VLAN 30, so in here let's just do 30, and then we click on Next again and then we click on Finish.

Let's go to Console and start this thing up. So we're going to do the install. We choose English, we're going to go Done, then we want the Ubuntu Server, click Done again. So you will notice here that we've got the IP address of... Done, and again I'm just going to run all the way through this setup. J, I'm going to call Ubuntu for now, pick your username, J. Upgrade to Ubuntu Pro, skip for now. I'm going to hit that cuz I want to install OpenSSH, cuz I want to SSH to this server from my Kali Linux machine. Now at this stage you can install other things, you see Docker is in here already, but I'm actually going to do it manually, so then I can show you guys where to go to get
the documentation on just what bits you need. So let that run through the install, it'll take a few minutes, then we can do Docker and then we'll get Portainer installed.

OK, so the install is complete, let's go down to Reboot Now. While that is doing that, let's go back to our Kali Linux machine cuz I want to search online to get the commands that we need to install Docker and Portainer. So I'm just going to go to Google, so in here I'm just going to type in Docker install Ubuntu and I'm going to choose any of these. So this is the install commands that we need for Docker. Let's just go back to the Docker server and check what's going on. OK, so that server is built, I can now log into that server. Let's go back to Kali and let's see if we can ping that server and if those firewall rules have worked, so 10.10.30.50. OK, perfect, that worked. So if I do SSH, J at 10.10.30.50, yes, the password. OK, so I'm connected to that server.

First of all let's do the Docker install. So run the first command to uninstall any conflicting packages. OK, so let's grab the next commands to set up the Docker apt repository, so paste that in, and then let's go to the next set of commands, so install Docker, install the latest version. Let's copy that and paste that in, so Y for yes. So no services need to be restarted, OK, so that looks good. So verify Docker Engine installation, OK, let's copy this and go back here and this clipboard, and as you can see, "Hello from Docker! This message shows that your installation appears to be working correctly." So that means Docker is installed. If you do sudo docker ps, that should check and see. So there's no containers here, it actually builds that hello-world container and then just destroys it again.

Ubuntu installed, we've installed Docker, the last thing we have to do is install Portainer. Let's go back here to Google, I'm going to get the commands we need to install Portainer, so install Portainer Community Edition with Docker, perfect, we'll take that one. OK, so let's go down to
deployment. We have to create a volume first of all, and then we will download and install the Portainer Server container. OK, let's copy this and go back to command prompt, going to paste this in. We need to add sudo before we run those commands, so go back, put sudo in and then run that command again. OK, so that's created the Portainer data volume. Then the next one here, copy that, go back here and then we'll paste it. So again we need to go to the start and add sudo. So docker ps, OK, so you can see this container is there, it is running on port 9443. So if we go up here and we type in the address of our Docker server, so 10.10.30.50, 9443. OK, so let's create a password and untick this, let's create user.

So when you get to this page you will see where it says here environment is none selected. If you just click on Environments, then you will see there should be an environment, it's local, there it is here. Click on Live Connect and that will bring you to your local environment, which is here. So you can see there, there's two containers: we have the Portainer container that we added, that is actually this, and then you have the previous container that we ran as part of the install, and that was hello-world. We can actually just select that and click on Remove.

Let's review what we've done. So we go back to the design again. We can see we have built this pfSense firewall, we have created all of the various different networks that we need, we've built this Kali Linux machine, so that's going to be our attack machine and our management machine which we'll do everything from. We've also created the different VLANs. Over in VLAN 30 here we've added the Ubuntu Server, we've installed Docker and we've also added Portainer on there, so that's what we will use to deploy all our containers. And that's it so far, that was what we were going to do in part one. So if you followed along, I hope yours is working and it's in the same state as mine. If you have any questions, drop them in the comment box below and I'll try and go through and
answer them. If you look at the high-level design, there's a lot of different tools that we need to install, and if you're new to cyber security or you're just trying to get your hands on some new cool technology in cyber security, then this is a really good project that will help you. So thank you so much for watching, and that's pretty much it for today, so I'll see you next week for
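
The addressing plan from the walkthrough can be checked in code before it is typed into the firewall. This is an added example, not part of the video or its captions; the subnet, gateway and DHCP values are read from the narration, and the function and variable names are assumptions. It flags the kind of slip made while entering the VLAN 10 pool.

```python
import ipaddress

# Addressing plan as narrated: one /24 per VLAN, pfSense on .254, pool .50-.100.
LAB_PLAN = {
    name: {"subnet": f"10.10.{octet}.0/24",
           "gateway": f"10.10.{octet}.254",
           "dhcp": (f"10.10.{octet}.50", f"10.10.{octet}.100")}
    for name, octet in (("VLAN1", 1), ("VLAN10", 10), ("VLAN20", 20), ("VLAN30", 30))
}

# Constructed sample: the VLAN 10 scope with the mistyped end address.
TYPO_SCOPE = dict(LAB_PLAN["VLAN10"], dhcp=("10.10.10.50", "10.10.50.100"))


def check_scope(name, subnet, gateway, dhcp):
    """Return a list of problems found in one DHCP scope (empty list = OK)."""
    net = ipaddress.ip_network(subnet)
    gw = ipaddress.ip_address(gateway)
    start, end = (ipaddress.ip_address(a) for a in dhcp)
    problems = []
    if gw not in net:
        problems.append(f"{name}: gateway {gw} is outside {net}")
    for label, addr in (("start", start), ("end", end)):
        if addr not in net:
            problems.append(f"{name}: DHCP {label} {addr} is outside {net}")
        elif addr in (net.network_address, net.broadcast_address):
            problems.append(f"{name}: DHCP {label} {addr} is not a host address")
    if start > end:
        problems.append(f"{name}: DHCP range is reversed")
    if start <= gw <= end:
        problems.append(f"{name}: gateway {gw} sits inside the DHCP pool")
    return problems


def check_plan(plan):
    """Check every scope, then make sure no two VLAN subnets overlap."""
    problems = []
    nets = {}
    for name, scope in plan.items():
        problems += check_scope(name, **scope)
        nets[name] = ipaddress.ip_network(scope["subnet"])
    names = sorted(nets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                problems.append(f"{a} and {b} overlap: {nets[a]} / {nets[b]}")
    return problems


if __name__ == "__main__":
    for line in check_plan(LAB_PLAN) + check_scope("VLAN10 (typo)", **TYPO_SCOPE):
        print(line)
```
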
Info
Channel: Gerard O'Brien
Views: 28,870
Keywords: cybersecurity, homelab, labsecurity, pfsense, ubuntu, docker, containers, ultimatecybersecurity, firewall, security
Id: XIvn0ZDSmKA
Length: 23min 11sec (1391 seconds)
Published: Mon Mar 04 2024