220.127.116.11 Lab – Set Up the IoT Security Lab Topology (Instructor Version)
Instructor Note: Red font color or gray highlights indicate text that appears in the instructor copy only.
- Part 1: Set Up the Lab Environment
- Part 2: Import the IoT Security Virtual Machines
Background / Scenario
Computing power and resources have increased tremendously over the last 10 years. A benefit of having multicore processors and large amounts of RAM is the ability to use virtualization. With virtualization, one or more virtual computers operate inside one physical computer. Virtual computers that run within physical computers are called virtual machines (VMs). VMs are often called guests, and physical computers are often called hosts. Anyone with a modern computer and operating system can run VMs.
In this lab, you will set up and explore the lab environment that will be used in this course. A VM is used for many of the labs in this course. The VM is created with Oracle VirtualBox and an Oracle virtual appliance (OVA) file. The OVA file contains a special version of Linux called Kali. Kali is a very popular Linux distribution that contains many tools that are used for assessing network security. VirtualBox allows you to run this version of Linux on a Mac or PC as a VM. You can use this VM to interact with other hosts on the lab network.
Note: Only use Kali tools on networks on which you are authorized to do so. Abuse of the Kali tools will be a violation of your ethical hacking agreement.
- Host computer with at least 4 GB of RAM and 15 GB of free disk space
- Oracle VirtualBox
- IoT Security Kali Linux OVA and Metasploitable OVA files
- Internet connection
- An Ethernet patch cable
Part 1: Set Up the Lab Environment
Follow the directions of your instructor to build a lab topology similar to the one shown in the Topology section of this lab. Your topology may differ slightly. For example, several PCs and Raspberry Pi devices may be connected to the same switch. What is important is that you can identify your own target Raspberry Pi using the PL-App launcher.
Note: For now, do not connect Raspberry Pi devices to the network.
Instructor Note: The topology diagram provided above should serve as a guideline for the communication requirements for a single PC and Raspberry Pi pair. Depending on the lab environment and the resources available, it is possible that multiple pairs will be connected to the same switch.
Internet access is not required after the files have been downloaded. This is to isolate the student hosts from the campus network to avoid abuse of the Kali penetration testing tools on a production network.
To avoid the possibility that Kali could be used on the school network, the Kali VM will be directly connected to the Raspberry Pi in Part 2 of this lab. A number of PCs and Raspberry Pi devices can be connected to each other using a switch as well. It is important that the switch not uplink to the Internet. In addition, Kali is preconfigured with an address on the 203.0.113.0/24 network. This network is reserved for documentation and testing.
Step 1: Download and Install Oracle VirtualBox.
a. Navigate to the Oracle VirtualBox downloads page.
b. Choose and download the appropriate installation file for your operating system.
c. After you have downloaded the VirtualBox installation file, run the installer and accept the default installation settings.
Step 2: Connect the Network Topology
a. Disconnect the PC from the school network and directly connect the PC to the Raspberry Pi with the Ethernet patch cable.
Part 2: Import the IoT Security Virtual Machines
Step 1: Import the virtual machine appliance into VirtualBox.
You will open VirtualBox and import the IoT Security Kali VM .ova file to create a Kali virtual machine.
Note: The screen may look different depending on your version of VirtualBox.
a. Open VirtualBox. From the file menu, select: File > Import Appliance. Locate and select the Kali_IoTSec.ova file that you downloaded and click Next.
b. A new window will appear presenting the settings suggested in the OVA archive. Check the “Reinitialize the MAC address of all network cards” box at the bottom of the window. Leave all other settings as default. Click Import.
c. After the import is complete, VirtualBox will show the new Kali VM in its inventory. Your Kali Linux VM file name might be different than the graphic shown below.
d. Repeat the import process for the Metasploitable VM.
Step 2: Verify Network Connectivity.
In this step, you will ensure that networking is configured between the VMs and the Raspberry Pi.
The host computer has been disconnected from the campus network and connected directly to the Raspberry Pi. Because DHCP will no longer be available from the network DHCP service, we will need to run a Linux shell script. The script will start a DHCP server on the Kali VM, which will provide the Raspberry Pi with an IP address. TCP/IP communication will then be established between the VMs and the Raspberry Pi.
Instructor Note: If you are using a network switch to connect the PC and Raspberry Pi pairs, please alter this instruction accordingly.
a. Return to the VirtualBox VM player window. Highlight the Kali VM in the list.
b. Click the green Start arrow in the menu bar. After a brief delay, you should see a new window open that displays a Username: field.
c. Enter the username root and click Next to continue. Use toor for the password and click Sign in. If you have typed the username incorrectly for the Kali VM, click Cancel to input the correct username.
d. After Kali starts, you should see the desktop as shown below.
e. Click the Terminal icon in the desktop applications bar as shown in the figure.
f. Run the shell script that will configure IP addressing. To run the script, at the terminal prompt type the following:
root@kali:~# ./lab_support_files/scripts/start_dhcp.sh
[ ok ] Starting isc-dhcp-server (via systemctl): isc-dhcp-server.service.
g. After the script executes, at the terminal prompt, type ifconfig.
root@kali:~# ifconfig
What IP address was assigned to the VM eth0 interface? ___________________ 203.0.113.1
h. Minimize the VirtualBox window and open PL-App. Select the Available Devices tab. You should see your Raspberry Pi listed. Make note of the IP address of your Raspberry Pi.
IP address of the Raspberry Pi: ___________________________________
Note: If PL-App is not showing the IP address of the Raspberry Pi, use the command fping at the terminal window to determine the IP address.
root@kali:~# fping -a -r 0 -g 203.0.113.0/24
Warning: The use of fping can be considered as an attack. Please do not use this command on a production network.
i. Return to the VM. At a terminal prompt, ping the IP address of your Raspberry Pi. Use the -c 5 parameter to limit your ping to five echo requests. If everything is working properly, you should see five successful echo replies. You have now tested the connection between the Kali Linux virtual machine and the Raspberry Pi.
j. Now open the Firefox ESR browser from the Kali desktop applications bar. Its icon is just above the Terminal icon.
k. Type the IP address of the Raspberry Pi into the address bar and press Enter. You should see the Jupyter notebooks home page appear.
Note: Because the VM shares the same network adapter as the physical computer, you can access the Pi from either machine.
l. Start and log into the Metasploitable VM. Notice the displayed messages.
What are the login credentials?
Username: msfadmin, password: msfadmin
What is the IP address assigned to Metasploitable VM? What was the command used to determine the IP address?
The IP address is 203.0.113.5. The command used to determine the IP address is ifconfig.
Note: To release the mouse from Metasploitable VM, press the right control key.
m. To verify network connectivity, you should be able to ping all the VMs and the Raspberry Pi.
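The connectivity check in Steps 2.i through 2.m can be scripted rather than typed host by host. The following Python script is an added example for this lab, not part of the lab support files or of the course; it runs the same ping -c 5 the lab uses against each VM and the Raspberry Pi, reads the summary line to confirm that all five echo replies came back, and refuses to ping any address that is not inside the 203.0.113.0/24 lab network, which keeps the check from being pointed at a production network by mistake. The Kali (203.0.113.1) and Metasploitable (203.0.113.5) addresses are the ones the lab states; the Raspberry Pi address is a placeholder you must replace with the value noted from PL-App or fping.

```python
import ipaddress
import re
import subprocess

# Lab network stated in the lab: Kali is preconfigured on 203.0.113.0/24,
# a range reserved for documentation and testing.
LAB_NETWORK = ipaddress.ip_network("203.0.113.0/24")

# Addresses from the lab text, plus a placeholder for the Raspberry Pi
# (its address is handed out by the Kali DHCP server; replace it with the
# value you recorded from PL-App or fping). The Pi value here is constructed.
LAB_HOSTS = {
    "kali-eth0": "203.0.113.1",
    "metasploitable": "203.0.113.5",
    "raspberry-pi": "203.0.113.10",  # placeholder, not from the lab text
}

# Matches the ping summary line on Linux ("5 packets transmitted, 5 received, ...")
# and on macOS ("5 packets transmitted, 5 packets received, ...").
PING_SUMMARY = re.compile(r"(\d+) packets transmitted, (\d+) (?:packets )?received")


def in_lab_network(address: str) -> bool:
    """True only for addresses inside the isolated lab network."""
    return ipaddress.ip_address(address) in LAB_NETWORK


def parse_ping_summary(output: str) -> tuple:
    """Return (transmitted, received) from ping's summary line, or (0, 0) if absent."""
    match = PING_SUMMARY.search(output)
    if not match:
        return (0, 0)
    return (int(match.group(1)), int(match.group(2)))


def run_ping(address: str, count: int = 5) -> str:
    """Run the same ping -c <count> the lab uses and return its standard output."""
    proc = subprocess.run(["ping", "-c", str(count), address],
                          capture_output=True, text=True)
    return proc.stdout


def check_connectivity(hosts: dict, pinger=run_ping, count: int = 5) -> dict:
    """Ping every lab host and report 'ok', 'failed (r/s)', or 'skipped'.

    `pinger` is injectable so the logic can be exercised without a network;
    a host outside LAB_NETWORK is never pinged.
    """
    results = {}
    for name, address in hosts.items():
        if not in_lab_network(address):
            results[name] = "skipped: outside lab network"
            continue
        sent, received = parse_ping_summary(pinger(address, count))
        if sent == count and received == count:
            results[name] = "ok"
        else:
            results[name] = f"failed ({received}/{sent})"
    return results


if __name__ == "__main__":
    for host, status in check_connectivity(LAB_HOSTS).items():
        print(f"{host:15} {status}")
```

Run it from a terminal on the Kali VM after the DHCP script has started; every line should read "ok" before you move on to Step 3. A "failed (0/5)" line for the Raspberry Pi usually means the placeholder address was not replaced or the Pi has not yet obtained a lease.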
Step 3: Shut down the VMs.
a. In the VirtualBox menu in the Kali VM window, select File > Close.
b. Click the Save the machine state radio button and click OK. The next time you start the virtual machine, you will be able to resume working in the operating system in its current state.
The other two options are:
- Send the shutdown signal: This option simulates safely shutting down a physical computer.
- Power off the machine: This option simulates an unsafe shutdown of a physical computer.
c. Repeat the shutdown process for the Metasploitable VM.