In the second course project, you will install an operating system with a variety of vulnerabilities and then install tools on it that monitor attacks. After you have the system running, you will work with penetration testing software to attack the system.
The system that you are expected to install is Metasploitable 3. We recommend that you create a virtual machine for the installation, e.g., by using VirtualBox. Once you have the Metasploitable 3 virtual machine running, install Snort on it (see the Snort F.A.Q.). Make sure that your Snort rules are up to date.
Now you have a system that you can attack! Next, download Metasploit and get familiar with it.
As a primer to the attacks, read Intrusion detection evasion: How Attackers get past the burglar alarm.
Start your attacks with a simple port scan. If you worked through the Securing Software course, you can also use the port scanner that you implemented as a part of the first assignments.
You will then write a brief (1000 words) report with the title "Is it easier to fix the application than to detect attacks?". Include in the report at least three attacks that Snort could identify and two attacks that Snort could not identify. If you cannot find any attacks that Snort cannot identify, remove some of the Snort rules (and include a description of this in the report as well!).
Once your report is completed, you will review two reports from other course participants. Note that your report should be within ±20% of the expected report length and it must include the content expected above.
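To decide which attacks count as identified for the report, it helps to line up a journal of what you launched against the alerts Snort wrote. The following is an added example, not part of the original course material: it assumes Snort logs alerts in its one-line "fast" format, and the IP addresses, SIDs, rule messages and journal entries are constructed sample data.

```python
import re
from datetime import datetime, timedelta

YEAR = 2024  # assumption: fast alerts carry no year by default, so one is supplied
# Fast alert: MM/DD-HH:MM:SS.ffffff [**] [gid:sid:rev] msg [**] ... {PROTO} src -> dst
ALERT_RE = re.compile(
    r"^(?P<ts>\d{2}/\d{2}-\d{2}:\d{2}:\d{2}\.\d+)\s+\[\*\*\]\s+"
    r"\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+(?P<msg>.*?)\s+\[\*\*\]"
    r".*?\{(?P<proto>\w+)\}\s+(?P<src>\S+)\s+->\s+(?P<dst>\S+)")
# Constructed sample alerts (local-rule SIDs, lab addresses); not real Snort output.
SAMPLE_ALERTS = """\
03/14-10:00:02.123456  [**] [1:1000001:1] LAB port scan detected [**] [Priority: 2] {TCP} 192.168.56.1:40112 -> 192.168.56.101:22
03/14-10:00:02.500100  [**] [1:1000001:1] LAB port scan detected [**] [Priority: 2] {TCP} 192.168.56.1:40113 -> 192.168.56.101:80
03/14-10:12:40.000321  [**] [1:1000002:1] LAB attack 2 signature [**] [Priority: 1] {TCP} 192.168.56.1:51000 -> 192.168.56.101:21
03/14-10:20:00.000000  [**] [1:1000003:1] LAB unrelated ping [**] [Priority: 3] {ICMP} 192.168.56.7 -> 192.168.56.101
""".splitlines()

def parse_alerts(lines, year=YEAR):
    """Parse fast-format alert lines into dicts; lines in other formats are skipped."""
    alerts = []
    for line in lines:
        m = ALERT_RE.match(line.strip())
        if not m:
            continue
        ts = datetime.strptime(f"{year}/{m['ts']}", "%Y/%m/%d-%H:%M:%S.%f")
        src_ip = m["src"].rsplit(":", 1)[0]  # drop the port if present (IPv4 only)
        alerts.append({"ts": ts, "sid": int(m["sid"]), "msg": m["msg"], "src": src_ip})
    return alerts

def correlate(journal, alerts, attacker_ip, slack=timedelta(seconds=5)):
    """Map each journal entry to the alert messages raised by attacker_ip in its window."""
    result = {}
    for name, start, end in journal:
        result[name] = sorted({a["msg"] for a in alerts
                               if a["src"] == attacker_ip
                               and start - slack <= a["ts"] <= end + slack})
    return result

def _t(hms):
    return datetime.strptime(f"{YEAR}/03/14 {hms}", "%Y/%m/%d %H:%M:%S")

# Constructed journal: (what you ran, start time, end time), noted while attacking.
JOURNAL = [("port scan", _t("10:00:00"), _t("10:00:30")),
           ("attack 2 (placeholder)", _t("10:12:30"), _t("10:13:30")),
           ("attack 3 (placeholder)", _t("10:30:00"), _t("10:31:00"))]

if __name__ == "__main__":
    found = correlate(JOURNAL, parse_alerts(SAMPLE_ALERTS), "192.168.56.1")
    for name, msgs in found.items():
        print(f"{name}: {'identified by ' + ', '.join(msgs) if msgs else 'no alert'}")
```

An entry with no alert is only a candidate for the "not identified" list; confirm that the attack actually reached the target before reporting it as missed.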
The discussion channel that was set up for the previous project is still available. The channel is the Matrix room #cybersecuritybase:matrix.org. We recommend that you join the room with the following link: https://riot.im/app/#/room/#cybersecuritybase:matrix.org. If you wish to use another program for participating in the discussions, visit https://matrix.org/docs/projects/try-matrix-now.html.
As before, if you hate modern technology, the channel is also bridged to #cybersecuritybase on Freenode. Use at your own risk.
Returning the project
Performing the reviews