Attacking Network Device PART — 2
The Home Lab Welcome to the second module of the “Attacking Network Devices” workshop. You have learned the basic principles in the previous module. Hands-on experience is a must for a security professional who wants to gain experience in network security testing. But the problem is, how can you achieve this goal?
This module will explain how you can build your own virtual lab that will be running switches and routers virtually with real Internetworking Operating System. Once you are able to setup this lab, you can gain more experience with the Internetworking Operating System as well as testing the security of network devices.
Here, we will again clarify one thing, network devices as explained earlier in the workshop are considered any type of device that can have an IP Address or simply a device that can come and join the network.
For keeping your hacking taste sour and juicy we will try to add as many as network devices as we can and include different types of operating systems so that we can play more in our lab.
Secondly, if you already have experience in network devices like administration and management, you might already be aware of how to setup this lab. But it’s not necessary that all of our students know this, so if you already know how to do this, you can easily skip this section.
So let’s start. Now, to run these network devices, like switches or routers, you have to definitely have virtual machine software that can run these devices virtually, but on top of this, you need an emulator as well that can emulate the network operating system. GNS3 is the top in the list and there is no other software that can emulate Internetworking Operating Systems the way GNS3 can do it for you.
Let’s download this software from the below link, of course you have to go through registration steps and then you can download from below link.
Vendor Link: http://www.gns3.com/
Extensive documentation is available on the vendor site so we will not dump that here. It is recommended to use that for getting used to working with this emulator, however, we will take the board from setting up the lab and basic network configuration plus which tools you can use and how you can use them for security testing of your network devices.
Your virtual home lab on GNS3 should be running the following type of network devices as a minimum so that you have enough systems to play with. However, you need to have good hardware to achieve this goal. Secondly, the workshop will be focused mainly on Internetworking Operating Systems, however, to add a different flavor we will quickly look at other operating systems as well.
Now, to setup Linux and Microsoft you have to install Virtual Box and then create separate virtual machines accordingly. Once you have running VMs for Linux and Microsoft Operating Systems, you can integrate those into GNS3 too.
For emulating CISCO Internetworking Operating System, you need the images just like you need OS images for Microsoft and Linux to setup Virtual Machines in Virtual Box.
The workshop is built on Mac OS so we have an installed version of GNS3 for Mac OS and are also running Virtual Box for Mac.
Run the GNS3 as save a new project with preferred name. We have setup a number of Cisco IOS for different devices along with Windows XP and Kali Linux Hosts to build our virtual home lab within GNS3.
You should first get VMs up and running for other operating systems and then you can import those Machines in GNS3. To learn more about GNS3 please visit vendor website. If you can not make it, post on the forum and we will help you with GNS3 Home Labs setup in detail which can be utilized for hands-on hacking routers / switches / firewalls / Intrusion Prevention Systems, as well.
However, this requires a dedicated workshop on “GNS3 Hack Lab”, and for hakin9 to bring this workshop to you, please post and we will build another separate workshop with this fully equipped GNS3 lab in which you can hack core network security devices like IDS/IPS/Firewalls.
Now, we will add routers and switches first so that we can first boot in and show you the IOS consoles.
Now do some initial configuration by setting up a IP Address to this and then we will integrate Kali Linux as we will use Kali Linux to attach this network device. We have setup the router with this initial configuration and the IP Address of the router is shown in below snapshot.
Now, you have to connect this router with a switch and add a Kali Linux Host so that you can build the home network virtually within GNS3. To equip this virtual lab for the workshop, we will be running more routers and hosts in the final network diagram as shown below.
The final Lab diagram can look like the below as shown in the snapshot, however, you are free to add as many devices as you need, depending on your hardware performance.
So what you have in the network is accessible by the normal user and a Bad guy. Both have access to a switch and four routers running in the network.
Exercise 1 — Discovering Network
Originally published at https://learncybersec.blogspot.com.