instructor lab setup guide

at 800 x 600 or at monitor’s native resolution and configured at 256 colors, and compatible mouse, Wireless Card Instructor Station 1 RedHat Linux 8, 9 or Fedora Pentium-based PC with 1

LPT LAB SETUP GUIDE

Document overview

This document provides background information for technical staff responsible for setting up a training room facility for the LPT course This guide describes the requirements for the network equipment and computer stations that are installed and configured by the facilities personnel for the training courses

Training room environment

The training room environment consists primarily of the following equipment:

at 800 x 600 (or at monitor’s native resolution) and configured

at 256 colors, and compatible mouse

Instructor Station 1 Windows 2003 Server with

latest Service Packs Pentium-based PC with 10GB free disk space, 256 MB RAM

(512 MB preferred), 1 NIC (disable or unplug extras), 15-inch monitor and cards to drive

at 800 x 600 (or at monitor’s native resolution) and configured

at 256 colors, and compatible mouse, Wireless Card

Instructor Station 1 RedHat Linux 8, 9 or Fedora Pentium-based PC with 10GB

free disk space, 256 MB RAM (512 MB preferred), 1 NIC (disable or unplug extras), 15-inch monitor and cards to drive

at 800 x 600 (or at monitor’s native resolution) and configured

at 256 colors, and compatible mouse

Victim Machine 1 Windows 2003 Server with

latest Service Packs

Pentium-based PC with 10GB free disk space, 256 MB RAM(512 MB preferred) , 1 NIC (disable or unplug extras), 15-inch monitor and cards to drive

at 800 x 600 (or at monitor’s native resolution) and configured

at 256 colors, and compatible mouse

Instructor’s computer

The instructor’s computer must:

ƒ Be installed with Windows 2003 Server with latest SP (Standard or Enterprise Edition)

ƒ Be installed with SQL Server 2000 with latest SP

ƒ Be running Microsoft Internet Information Server (IIS)

ƒ Be running IP protocol

ƒ Contain all testing tools from the LPT Lab Files CD-ROM resident on the hard drive in LPT tools folder at the

Desktop (The lab files CD-ROMs are available from LPT courseware kit)

ƒ Contain all Windows 2003 source files in c:\i386

ƒ Have PowerPoint, Word and Excel installed (Microsoft Office 2000, XP or 2003 version)

ƒ Have Adobe Acrobat, WinZip installed (both can be found in Miscellaneous directory in LPT Lab files CD-ROM)

ƒ Install VMWare or Microsoft Virtual PC with Windows 2003 Server with latest SP

ƒ Install Wireless card (USB or PCI)

ƒ Have an Overhead Projector connected

ƒ Have a CD-ROM as part of its hardware

ƒ Set Windows Explorer to show all files and file types and extensions

ƒ The use of Ghost images is recommended to reduce setup time if computer failure occurs If using Ghost, the

Instructor’s computer should have an 8 GB hard drive that consists of a 4 GB FAT partition for WINNT and at least one other partition on which to store images of the computers

Student workstations

Student workstations must:

ƒ Be installed with Windows 2003 Server with latest SP (Standard or Enterprise Edition)

ƒ Be installed with IIS

ƒ Contain all testing tools from the CD-ROM resident on the hard drive in LPT tools folder at the Desktop (The lab

files CD-ROMs are available from LPT courseware kit)

ƒ Contain all Windows 2003 source files in c:\i386

ƒ Set Windows Explorer to show all files and file types

ƒ Have Adobe Acrobat, WinZip installed (both can be found in Miscellaneous directory in LPT Lab files CD-ROM)

ƒ Install VMWare or Microsoft Virtual PC with Windows 2003 Server with latest SP (Standard or Enterprise Edition)

ƒ Install Matrix screen saver located in LPT Lab files CD-ROM\Miscellaneous directory – set the time to 15

minutes

ƒ Download the LPT desktop wallpaper from http://www.eccouncil.org/classroom/lpt-background.jpg and set up the downloaded image as Windows background wallpaper

Victim workstation

Victim workstation must:

ƒ Be installed with Windows 2003 Server (Standard or Enterprise Edition) with latest SP

ƒ Be installed with SQL Server 2000 with latest SP

ƒ Be installed with IIS

ƒ Be running SNMP services

ƒ Contain all testing tools from the CD-ROM resident on the hard drive in LPT tools folder at the Desktop

ƒ Contain all Windows 2003 source files in c:\i386

ƒ Set Windows Explorer to show all files and file types

ƒ Install and configure SPEARS SHOP website (see later part of this guide)

Room environment

ƒ The room must contain a whiteboard measuring a minimum of 1 yard by 2-3 yards in length (1 meter by 2-3

meters)

ƒ The room should contain an easel and large tablet

ƒ The room must be equipped with legible black and blue felt tip pens (CHISEL-Point, not fine-tip)

Firewall and IDS

You must have a hardware firewall like Cisco PIX connected to the network You can use software IDS like SNORT or hardware IDS You can plug the Firewall and IDS directly to the switch and you don’t have to create MZ and DMZ zones The Firewall and IDS are required for exercises in the classroom

Classroom configuration

The configuration of this classroom is modular Computers can be added or removed by either row or column, depending

on the needs of the particular class The following is a sample room setup that provides optimal support This setup allows

for ease of access to "troublespots" by the instructor, and allows students to break into functional small and larger teams

Victim Red Hat Instructor

Projector

Sample Classroom Setup

INTERNET

Students Machines

Windows 2003 IP Addresses: 10.0.0.X/24

Set up the machines based on the classroom setup diagram The lab exercises for the students are instructor led and they are based on the testing tools in the trainer slides The instructor is encouraged to demonstrate and guide the students on the usage of the penetration testing tools against the Victim’s computer Do not encourage live penetration testing on the Internet using these tools in the classroom Please feel free to include your own exercises

VMware Installation

1 Install VMWare Workstation software on student and instructor machines Evaluation trial copy of VMWare is located at CD-ROM\Miscellaneous directory

2 You will need to register with VMWare at http://www.vmware.com to obtain the serial number

3 Create a new Virtual Machine and install Windows 2003 Server with latest SP (Label it as Windows 2003)

4 Configure VMWare Windows 2003 Virtual Machine’s Network settings to use Bridged – Connected directly to

the Network

5 Create a second Virtual Machine in VMWare and label it as Linux

6 Configure VMWare Linux Virtual Machine’s Network settings to use Bridged – Connected directly to the

Network

7 Configure Linux Virtual Machine’s CD-ROM settings to use iso image and point it to knoppix.iso file You can

download the knoppix.iso at http://www.eccouncil.org/classroom/lpt-knoppix.iso Alternatively you can convert the KNOPPIX (Back Track) CD-ROM to iso image using third party tools

8 Create Snapshot of Windows Virtual Machine in VMWare Students will be able to restore the virtual PC state

after completing exercises

9 Test the network by pinging the VMWare’s Windows Virtual PC from the host computer and vice versa

10 Students can target the attacks on VMWare’s virtual PC as victim

You can also use Microsoft Virtual PC instead of VMware Evaluation copy of Virtual PC can be

downloaded from http://www.microsoft.com/virtualpc

VMware / Virtual PC with Windows 2003 Server Installed

Configure the network to use Bridged – Connected directly to the physical

network

Linux Virtual Machine – point to lpt-Knoppix.iso in CD-ROM settings

VMware setup with 2 virtual machines – Linux KNOPPIX

Training Duration and Breakdown of Topics

Number of recommended days required for LPT training: 3 days (8:00 – 4:00) class

Topics Breakdown:

Day 1

ƒ Module 1: Penetration Testing Methodologies

ƒ Module 2: Customers and Legal Agreements

ƒ Module 3: Penetration Testing Planning and Scheduling

ƒ Module 4: Information Gathering

ƒ Module 5: Vulnerability Analysis

ƒ Module 6: External Penetration Testing

Day 2

ƒ Module 7: Internal Network Penetration Testing

ƒ Module 8: Routers Penetration Testing

ƒ Module 9: Firewalls Penetration Testing

ƒ Module 10: Intrusion Detection System Penetration Testing

ƒ Module 11: Wireless Networks Penetration Testing

ƒ Module 12: Denial of Service Penetration Testing

ƒ Module 13: Password Cracking Penetration Testing

Day 3

ƒ Module 14: Social Engineering Penetration Testing

ƒ Module 15: Stolen Laptop, PDAs and Cellphones Penetration Testing

ƒ Module 16: Application Penetration Testing

ƒ Module 17: Physical Security Penetration Testing

ƒ Module 18: Penetration Testing Report Analysis

ƒ Module 19: Penetration Testing Report and Documentation Writing

ƒ Module 20: Penetration Testing Deliverables and Conclusion

ƒ Module 21: Ethics and Conduct of a Licensed Penetration Tester

100Mbit (100Mbit is recommended) Hub is required instead of a switch (needed for demonstrating tools in Sniffer

modules) Cables must be bundled and tied out of pathways and work areas, and of sufficient length as not to be under stress

Firewall Settings

Do not block any ports while accessing the Internet through the firewall You should be able to ping servers on the Internet

Install and Configure SPEARS SHOP Website on the Victim Machine

Students will be targeting this website during various lab exercises Miscellaneous

ƒ Copy spears folder located at LPT Labs CD-ROM\Miscellaneous directory to c:\

ƒ Grant permission for c:\spears folder and its subdirectories to IUSR_COMPTERNAME user account in

Directory Properties Æ Permissions

ƒ Open IIS Manager Æ Select default website Æ right click Æ properties

ƒ Select home directory tab

ƒ Type c:\spears in localpath and click OK

ƒ Open Internet Explorer and navigate to http://localhost

ƒ You should see Spears Shop Website

Checklists - Check the following on all PCs

† Open Network Neighborhood Verify that all classroom computers are visible in Network Neighborhood

† Verify that the Windows OS source files are on the computer in c:\i386

† Verify that the hacking tools are on the computer in LPT tools folder at the Desktop

† Verify that Internet access is available

† Visit http://www.eccouncil.org and view the page to check Internet access

† Open Command Prompt and type nslookup certifiedhacker.com and look for connection to the server

† Verify Microsoft PowerPoint, Word, Excel are installed

† Verify Acrobat and Winzip are installed

† Verify that the Instructor computer can image through the overhead projector

† Verify each computer has 2 GB or more free disk space

† Verify Windows Explorer is set to show all files and file type including hidden files and extensions

† Verify if you can successfully boot using Windows 2003 and KNOPPIX Linux in Vmware/Virtual PC

† Cable Wiring organized and labeled

† Student Workstations and chair placement satisfactory

† Placement of LCD (overhead) projector appropriate

† Whiteboard and dry erase markers and eraser are available

† Instructor station properly organized and oriented

† Computers are labeled with client number

† EC-Council courseware’s (Official EC-Council LPT Box) available for students

† Write down the facility’s technical contact person’s hand phone number Contact him in case of network

problem

† Verify the configuration of LPT wallpaper on the desktop – black background with LPT logo at the center

† Test the “Matrix” screen saver

† Test if you can connect to SPEARS SHOP website by typing http://<Victim PC’s IP address>

Assistance:

If you have problems or require assistance in setting up the Lab for your LPT class, please e-mail haja@eccouncil.org (You will receive a reply within 24 hours)