SECURE LAB SETUP FOR CYBER SECURITY
Prepared By: Birju Tank
GTU PG School, BISAG, GANDHINAGAR.
Main Messages
• Developing a good cyber security laboratory and related exercise takes:
  • Planning
  • Thought
  • Resources
• Helps to think about goals and structure
Goals
• Mixed use laboratory
  • Not enough space to dedicate to security
  • Need to be able to connect/disconnect from campus network quickly
• Support both Windows and Linux
  • IUP only supported Linux, real-world environment is heterogeneous
• Be able to emulate a real-world enterprise computing environment
Laboratory
One Way to Lower the Cost
• Purchase one many-port switch to act as physical switch, all hubs
  • Can isolate groups of ports
  • Can bridge groups where needed
• Advantages
  • Significant cost savings
  • Reduced maintenance need
• Disadvantage
  • Initial setup difficult
Cont’d
• Use of Virtual Machines within Physical Machines
  • Products
    • Microsoft Virtual PC (used 2005)
      • Support discontinued for Mac environment in 8/2006
    • VMWare (used 2006)
  • Another possibility: Xen
    • Operating systems must be modified
    • Higher performance gained
Laboratory – Physical Issues
• Want to provide some sense of physical security for each station
• Lab furniture is currently 8 cubicles with high walls
  • Problem: not good for general usage, students tend to “hide” in lab and take over stations
  • Future: a more open physical environment?
INFRASTRUCTURE
• Goals
  • Heterogeneous and Isolated Network
  • Same system for each student team
    • Replicating tool (e.g. Norton Ghost) saves much time
    • Don’t forget to give each machine its own identity
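A check for the last point above, as an added example that is not part of the original slides: after imaging, compare the identity attributes collected from each station and flag any that two machines still share. The attribute set (hostname, IP, MAC, Linux machine-id, SSH host key fingerprint), the station names and the inventory values are all assumptions constructed for illustration.

```python
from collections import defaultdict

# Attributes that should differ on every station after imaging (assumed set).
UNIQUE_FIELDS = ("hostname", "ip", "mac", "machine_id", "ssh_host_key_fp")

def _row(station, hostname, ip, mac, machine_id, fp):
    return dict(station=station, hostname=hostname, ip=ip, mac=mac,
                machine_id=machine_id, ssh_host_key_fp=fp)

# Constructed inventory: team2 and team3 were cloned but never re-identified.
INVENTORY = [
    _row("team1", "lab-team1", "10.10.0.11", "00:50:56:00:00:11", "1a" * 16, "SHA256:constructed-A"),
    _row("team2", "lab-team2", "10.10.0.12", "00-50-56-00-00-12", "ff" * 16, "SHA256:constructed-IMAGE"),
    _row("team3", "LAB-TEAM2", "10.10.0.13", "00:50:56:00:00:13", "ff" * 16, "SHA256:constructed-IMAGE"),
    _row("team4", "lab-team4", "10.10.0.14", "", "4d" * 16, "SHA256:constructed-D"),
]

def normalise(field, value):
    """Fold spellings that name the same identity (case, MAC separators)."""
    value = value.strip()
    if field in ("hostname", "mac"):
        value = value.lower()
    if field == "mac":
        value = value.replace("-", ":")
    return value

def find_collisions(inventory, fields=UNIQUE_FIELDS):
    """Return {field: {value: [stations]}} for values held by 2+ stations."""
    seen = {f: defaultdict(list) for f in fields}
    for host in inventory:
        for f in fields:
            if host.get(f):  # uncollected values are reported by find_missing
                seen[f][normalise(f, host[f])].append(host["station"])
    report = {}
    for f, values in seen.items():
        dupes = {v: s for v, s in values.items() if len(s) > 1}
        if dupes:
            report[f] = dupes
    return report

def find_missing(inventory, fields=UNIQUE_FIELDS):
    """Return {station: [fields]} for attributes that were not collected."""
    gaps = {h["station"]: [f for f in fields if not h.get(f)] for h in inventory}
    return {s: fs for s, fs in gaps.items() if fs}

if __name__ == "__main__":
    for field, dupes in find_collisions(INVENTORY).items():
        for value, stations in dupes.items():
            print(f"DUPLICATE {field}={value}: {', '.join(stations)}")
    for station, fields in find_missing(INVENTORY).items():
        print(f"MISSING on {station}: {', '.join(fields)}")
```

Hostnames are compared case-insensitively and MAC addresses with either separator, so a clone renamed only by capitalisation is still reported.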
Cont’d
• Structure of Isolated Network
  • One zone (all systems off one hub)
  • Student Team Systems running older Windows Server, Linux systems
    • Non-current OSs with known security holes
    • All tools used in lab exercises
    • Added several realistic-looking accounts (e.g. backup, logwd, tomcat) with weak passwords
Cont’d
• Structure of Isolated Network (continued)
  • Several Non-Student Systems
    • Other variants of Windows and Linux
    • 1 Monitoring system
  • Additional Available Systems
    • Host systems can be used for internet access