In the second course project, you will install an operating system with a variety of vulnerabilities and then install tools on it that monitor attacks. After you have the system running, you will work with penetration testing software to attack the system.
The system that you are expected to install is Metasploitable 3. We recommend that you create a virtual machine for the installation, e.g., using VirtualBox (see the installation notes in Appendix A at the bottom of the page). Once you have the Metasploitable 3 virtual machine running, install Snort on it; see their F.A.Q. Make sure that your Snort (community) rules are up to date.
Now you have a system that you can attack! Next, download Metasploit and get familiar with it.
As a primer to the attacks, read Intrusion detection evasion: How Attackers get past the burglar alarm.
Start your attacks with a simple port scan. If you worked through the Securing Software course, you can also use the port scanner that you implemented as a part of the first assignments.
You will then write a brief (1000 words) report with the title "Is it easier to fix the application than to detect attacks?". Include in the report at least three attacks that Snort could identify and two attacks that Snort could not identify. If you cannot find any attacks that Snort cannot identify, remove some of the Snort rules (and describe this in the report as well!).
Once your report is completed, you will review three reports from other course participants. Note that your report should be within ±20% of the expected report length and it must include the content expected above.
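To sort your attacks into "identified by Snort" and "not identified" for the report, you can compare your own record of when each attack ran against Snort's alert file. The following Python code is an added example, not part of the course material; it assumes Snort's "fast" alert format and IPv4 addresses, and the sample alerts, SIDs, addresses and attack names are constructed.

```python
import re
from datetime import datetime, timedelta

# Snort "fast" alert: MM/DD-HH:MM:SS.usec [**] [gid:sid:rev] msg [**] ... {PROTO} src -> dst
ALERT_RE = re.compile(
    r"^(?P<ts>\d\d/\d\d-\d\d:\d\d:\d\d\.\d+)\s+\[\*\*\]\s+"
    r"\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+(?P<msg>.*?)\s+\[\*\*\]"
    r".*?\{(?P<proto>\w+)\}\s+(?P<src>\S+)\s+->\s+(?P<dst>\S+)")

def parse_alerts(text, year):
    """Yield (timestamp, sid, msg, src_ip) for every well-formed alert line."""
    for line in text.splitlines():
        m = ALERT_RE.match(line.strip())
        if not m:
            continue  # skip blank, truncated or unrelated lines
        # Fast alerts carry no year by default, so the caller supplies it.
        ts = datetime.strptime(f"{year}/{m['ts']}", "%Y/%m/%d-%H:%M:%S.%f")
        # Strip the source port if present (ICMP alerts have none).
        yield ts, int(m["sid"]), m["msg"], m["src"].rsplit(":", 1)[0]

def classify(attacks, alert_text, year, slack=timedelta(seconds=5)):
    """Map each attack name to the sorted rule SIDs that fired for it.
    An empty list means Snort raised nothing from that source in the window."""
    alerts = list(parse_alerts(alert_text, year))
    return {name: sorted({sid for ts, sid, _, src in alerts
                          if src == attacker and start <= ts <= end + slack})
            for name, start, end, attacker in attacks}

def _t(hms):  # helper for the constructed attack log below
    return datetime.strptime("2018/02/18 " + hms, "%Y/%m/%d %H:%M:%S")

# Constructed sample data: alert lines in fast format, SIDs from the local range.
SAMPLE_ALERTS = """\
02/18-14:03:11.120345  [**] [1:1000001:1] CONSTRUCTED scan rule [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 192.168.56.1:44321 -> 192.168.56.101:22
02/18-14:03:11.420345  [**] [1:1000001:1] CONSTRUCTED scan rule [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 192.168.56.1:44322 -> 192.168.56.101:80
02/18-14:20:02.000100  [**] [1:1000002:1] CONSTRUCTED web rule [**] [Priority: 1] {TCP} 192.168.56.1:50100 -> 192.168.56.101:80
02/18-14:41:30.500000  [**] [1:1000003:1] CONSTRUCTED ping rule [**] [Priority: 3] {ICMP} 192.168.56.7 -> 192.168.56.101
"""
# Your own notes: (attack name, start, end, attacking host's IP).
SAMPLE_ATTACKS = [
    ("port scan", _t("14:03:00"), _t("14:03:40"), "192.168.56.1"),
    ("attack B",  _t("14:19:50"), _t("14:20:10"), "192.168.56.1"),
    ("attack C",  _t("14:40:00"), _t("14:42:00"), "192.168.56.1"),
]

if __name__ == "__main__":
    for name, sids in classify(SAMPLE_ATTACKS, SAMPLE_ALERTS, 2018).items():
        print(f"{name}: {'detected by SIDs ' + str(sids) if sids else 'no alert'}")
```

Matching on both time window and source address keeps unrelated alerts (such as the last sample line, from another host) from being credited to an attack that Snort actually missed.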
Returning the project
Performing the reviews
Appendix A: Installation notes
- Please read the instructions given on the Metasploitable 3 git. Also pay attention to the errors the script might run into. The error reporting in Metasploitable is very informative, so the messages are rather useful.
- Pay attention to the versions. For example, with Packer version 1.2.0 the scripts did not work, but with Packer 1.1.3 the scripts are successful. A tested combination (18.2.2018) of Ubuntu 16.04, VirtualBox 5.2.6, Packer 1.1.3 and Vagrant 2.0.2 worked.
- The creation of the virtual machine will take time. It downloads the base image and all the needed packages and installs them on the base system. The virtual machine boots several times and the script may seem to have halted (sometimes conveniently after an error, which is expected behaviour, but sometimes it just takes time to complete the installations). Running something like htop on the side will give you an indication that something is happening even though the script is not outputting anything at the moment.
- The biggest issue we ran into when testing this before launching the project was the install_wamp.bat SSL/TLS error when downloading the installation binaries. An easy and crude workaround for this is to download Wampserver2.2d-x64.exe (or the 32-bit version, depending on your system) manually and copy it to the git repository's resources/wamp/ folder. This folder is copied to the virtual machine at the path c:\vagrant\resources\wamp\, from which the installer is easily launched with minor modifications to the installation script (see below and compare it to the one in the git repo).
- Multiple tutorials for installing Snort can be found on the net. Here is just one example: Snort installation
::powershell -Command "(New-Object System.Net.WebClient).DownloadFile('https://sourceforge.net/projects/wampserver/files/WampServer 2/WampServer 2.2/wampserver2.2d-x64.exe', 'C:\Windows\Temp\wampserver2.2.d-x64.exe')" <NUL
C:\vagrant\resources\wamp\wampserver2.2d-x64.exe /verysilent
copy /Y "C:\vagrant\resources\wamp\httpd.conf" "C:\wamp\bin\apache\Apache2.2.21\conf\httpd.conf"
copy /Y "C:\vagrant\resources\wamp\phpmyadmin.conf" "C:\wamp\alias\phpmyadmin.conf"
sc config wampapache start= auto
sc config wampmysqld start= auto
icacls "C:\wamp" /grant "NT Authority\LOCAL SERVICE:(OI)(CI)F" /T
sc config wampapache obj= "NT Authority\LOCAL SERVICE"