Cyber Security Detection & Monitoring Lab

The document outlines the setup requirements and steps for a Cybersecurity Detection and Monitoring Lab using VirtualBox. It details the specifications for hardware, installation of VirtualBox, downloading necessary ISO files, creating and configuring various virtual machines (pfSense, Security Onion, Kali Linux, Windows Server 2019, and Windows 10), and setting up networking. Additionally, it includes optional software configuration for Splunk and testing procedures for connectivity and functionality within the lab environment.

Uploaded by

naveenchalla9347
Copyright
© © All Rights Reserved
Cybersecurity Detection and Monitoring Lab Setup


Requirements:

● Specifications:
○ CPU: i5/R5 or higher
○ RAM: 16 GB or more recommended
○ Storage: At least 1 TB SSD recommended
● VirtualBox: A free and open-source hypervisor.

1. Install VirtualBox:

1. Download VirtualBox:
○ Visit the VirtualBox website and download the Windows/macOS
version.
2. Install VirtualBox:
○ Open the downloaded .dmg file.
○ Follow the installation prompts to install VirtualBox on the PC.

2. Download ISO Files for Virtual Machines:

● pfSense: Download pfSense Community Edition
● Security Onion: Download Security Onion
● Kali Linux: Download Kali Linux
● Windows Server 2019: Download Windows Server 2019 Evaluation
● Windows 10: Download Windows 10 Evaluation

3. Create and Configure Virtual Machines:

a. pfSense VM:

Create VM:

Open VirtualBox and click “New”.

Name: pfSense

Type: Linux, Version: Other Linux (64-bit)

Allocate 2 GB RAM and 20 GB disk space.

Mount the pfSense ISO file.

Configure Network Adapters:

Go to Settings > Network.

Adapter 1: Attached to: NAT (or Bridged Adapter for external network access).

Adapter 2-4: Attached to: Internal Network (create networks for communication between VMs).

Start pfSense and Configure:

Follow pfSense installation prompts.

Configure LAN and WAN interfaces based on the network setup.

Set up firewall rules and NAT as needed.


b. Security Onion VM:

Create VM:

Open VirtualBox and click “New”.

Name: Security Onion

Type: Linux, Version: Other Linux (64-bit)

Allocate 4-8 GB RAM and 200 GB disk space.

Mount the Security Onion ISO file.

Configure Network Adapters:

Go to Settings > Network.

Adapter 1: Attached to: Internal Network (for management).

Adapter 2: Attached to: Internal Network (for monitoring).

Start Security Onion and Configure:

Follow the Security Onion installation prompts.

Configure it for intrusion detection and monitoring.

Set up appropriate network interfaces and services (e.g., ELK stack).


c. Kali Linux VM:

Create VM:

Open VirtualBox and click “New”.

Name: Kali Linux

Type: Linux, Version: Debian (64-bit)

Allocate 4 GB RAM and 40 GB disk space.

Mount the Kali Linux ISO file.

Configure Network Adapter:

Go to Settings > Network.

Adapter 1: Attached to: Internal Network (to connect with pfSense).

Start Kali Linux and Configure:

Follow Kali Linux installation prompts.

Set up tools for penetration testing and cybersecurity assessments.


d. Windows Server 2019 VM:

Create VM:

Open VirtualBox and click “New”.

Name: Windows Server 2019

Type: Microsoft Windows, Version: Windows 2019 (64-bit)

Allocate 4 GB RAM and 60 GB disk space.

Mount the Windows Server 2019 ISO file.

Configure Network Adapter:

Go to Settings > Network.

Adapter 1: Attached to: Internal Network (to connect with pfSense).

Start Windows Server 2019 and Configure:

Follow the Windows Server installation prompts.

Configure as a Domain Controller.

Install Active Directory and Certificate Services.


e. Windows 10 VM:

Create VM:

Open VirtualBox and click “New”.

Name: Windows 10

Type: Microsoft Windows, Version: Windows 10 (64-bit)

Allocate 4 GB RAM and 40 GB disk space.

Mount the Windows 10 ISO file.

Configure Network Adapter:

Go to Settings > Network.

Adapter 1: Attached to: Internal Network (to connect with pfSense).

Start Windows 10 and Configure:

Follow Windows 10 installation prompts.

Join the domain created by the Windows Server 2019 VM.

Set up necessary applications and tools.
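
The Create VM and Configure Network Adapters steps for the five VMs above can also be scripted with VBoxManage. The script below is an added example, not part of the original document: the internal network names (lab-lan, lab-mgmt, lab-dmz), the ISO file names and the folders are assumptions, Security Onion gets the upper 8 GB of the stated RAM range, and its second adapter is placed on the LAN in promiscuous mode so the sensor can see traffic between the other VMs.

```shell
#!/bin/sh
# Added example, not from the original document. Network names and ISO file
# names are assumptions. DRY_RUN=1 (default) prints commands; DRY_RUN=0 runs them.
DRY_RUN="${DRY_RUN:-1}"
VM_DIR="${VM_DIR:-$HOME/VirtualBox VMs}"   # assumed machine folder
ISO_DIR="${ISO_DIR:-$HOME/isos}"           # assumed ISO download folder

run() {
  if [ "$DRY_RUN" = "1" ]; then printf '%s\n' "$*"; else "$@" || exit 1; fi
}

# build_vm NAME OSTYPE RAM_MB DISK_MB ISO NIC_SPEC...
# NIC_SPEC, applied to adapters 1..n in order:
#   nat            NAT (pfSense WAN)
#   intnet:<net>   Internal Network <net>
#   mon:<net>      Internal Network <net> in promiscuous mode (sensor interface)
build_vm() (
  name="$1"; ostype="$2"; ram="$3"; disk="$4"; iso="$5"; shift 5
  vdi="$VM_DIR/$name/$name.vdi"; n=1
  run VBoxManage createvm --name "$name" --ostype "$ostype" --register
  run VBoxManage modifyvm "$name" --memory "$ram"
  for spec in "$@"; do
    case "$spec" in
      nat)      run VBoxManage modifyvm "$name" "--nic$n" nat ;;
      intnet:*) run VBoxManage modifyvm "$name" "--nic$n" intnet "--intnet$n" "${spec#intnet:}" ;;
      mon:*)    run VBoxManage modifyvm "$name" "--nic$n" intnet "--intnet$n" "${spec#mon:}" \
                    "--nicpromisc$n" allow-vms ;;
      *)        echo "unknown NIC spec: $spec" >&2; exit 1 ;;
    esac
    n=$((n + 1))
  done
  run VBoxManage createmedium disk --filename "$vdi" --size "$disk"
  run VBoxManage storagectl "$name" --name SATA --add sata
  run VBoxManage storageattach "$name" --storagectl SATA --port 0 --device 0 --type hdd --medium "$vdi"
  run VBoxManage storageattach "$name" --storagectl SATA --port 1 --device 0 --type dvddrive --medium "$ISO_DIR/$iso"
)

# RAM and disk sizes (in MB) are the ones listed in section 3.
build_lab() {
  build_vm "pfSense" Linux_64 2048 20480 pfsense.iso nat intnet:lab-lan intnet:lab-mgmt intnet:lab-dmz &&
  build_vm "Security Onion" Linux_64 8192 204800 securityonion.iso intnet:lab-mgmt mon:lab-lan &&
  build_vm "Kali Linux" Debian_64 4096 40960 kali.iso intnet:lab-lan &&
  build_vm "Windows Server 2019" Windows2019_64 4096 61440 winserver2019.iso intnet:lab-lan &&
  build_vm "Windows 10" Windows10_64 4096 40960 win10.iso intnet:lab-lan
}

build_lab
```

Run it once with the default DRY_RUN=1 to review the generated commands, then with DRY_RUN=0 to create the VMs.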


4. Networking Setup:

● Configure VirtualBox Network Settings for Each VM:
○ Internal Network: Used to allow communication between VMs
without external internet access.
○ Host-Only Adapter: Allows VMs to communicate with the host
machine (your MacBook) but not with external networks.
○ NAT or Bridged Adapter: For VMs that require internet access
or need to be accessible from outside the VirtualBox
environment.
● Steps:
○ Open VirtualBox.
○ For each VM, navigate to Settings > Network.
○ Assign the appropriate network adapters:
■ Adapter 1: Typically set to NAT or Bridged Adapter for
external communication.
■ Adapter 2-4: Set to Internal Network or Host-Only
Adapter for internal communication between VMs.
● Testing Network Connectivity:
○ Ensure that each VM can ping other VMs on the same internal
network.
○ Verify internet connectivity if NAT or Bridged Adapter is used.
○ Check that each VM is on the correct subnet for your internal
networks.
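
Because Kali Linux is used to simulate attacks, it is worth confirming that it and the Windows VMs are attached only to the Internal Network before any testing starts. The check below is an added example, not part of the original document; it parses the output of `VBoxManage showvminfo <vm> --machinereadable`, and the network name lab-lan and the sample records are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original document. "lab-lan" is an assumed
# internal network name; the sample records below are constructed.

# audit_nics ALLOWED_NET: reads `VBoxManage showvminfo <vm> --machinereadable`
# output on stdin and prints every adapter that is not on the allowed internal
# network. Returns 0 if the VM is isolated, 1 otherwise (including empty input,
# so a failed showvminfo call is never reported as "isolated").
audit_nics() {
  awk -F= -v allowed="$1" '
    { val = $2; gsub(/[\r"]/, "", val) }
    $1 ~ /^nic[0-9]+$/ {
      seen = 1
      if (val != "none" && val != "intnet") { print $1 " attached to " val; bad = 1 }
    }
    $1 ~ /^intnet[0-9]+$/ && val != allowed {
      print $1 " on network " val ", expected " allowed; bad = 1
    }
    END {
      if (!seen) { print "no adapter records in input"; bad = 1 }
      exit (bad ? 1 : 0)
    }'
}

# Constructed sample: a VM whose first adapter was left on Bridged.
sample_bridged() {
  printf '%s\n' 'name="Kali Linux"' 'nic1="bridged"' 'bridgeadapter1="en0"' 'nic2="none"'
}

# Constructed sample: the attachment described for Kali and the Windows VMs.
sample_isolated() {
  printf '%s\n' 'name="Windows 10"' 'nic1="intnet"' 'intnet1="lab-lan"' 'nic2="none"'
}

# audit_lab: run the check against the live VMs that must stay internal-only.
audit_lab() {
  rc=0
  for vm in "Kali Linux" "Windows Server 2019" "Windows 10"; do
    if ! out=$(VBoxManage showvminfo "$vm" --machinereadable | audit_nics lab-lan); then
      printf '%s\n' "$out" | sed "s/^/$vm: /"; rc=1
    fi
  done
  return $rc
}

sample_bridged | audit_nics lab-lan || echo "sample_bridged: not isolated"
```

On the host, call audit_lab after any change to the VM network settings; a non-zero exit status means at least one adapter is attached to something other than the expected internal network.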
5. Additional Software Configuration:

● Splunk Installation (Optional):
○ Purpose: To add a robust data analytics and SIEM (Security
Information and Event Management) solution to your homelab.
○ Download: Visit the Splunk website to download the latest
version of Splunk Enterprise or Splunk Free.
● Setup Splunk on Ubuntu Server VM:
○ Create a New VM:
■ Name: Splunk
■ Type: Linux, Version: Ubuntu (64-bit)
■ Allocate 4 GB RAM and 50 GB disk space.
■ Mount the Ubuntu Server ISO file.
○ Install Splunk:
■ Follow the installation guide provided by Splunk.
■ Once installed, start Splunk services and log in to the
Splunk web interface.
■ Configure data inputs, indexes, and create dashboards for
monitoring your network traffic.
● Integration:
○ Integrate Splunk with other VMs, especially Security Onion, to
centralize log analysis.
○ Configure forwarding of logs from pfSense, Windows Server, and
other devices to Splunk.
6. Access and Testing:

● Verify Connectivity:
○ Internal Communication: Test by pinging between VMs that
are on the same Internal Network.
○ External Communication: Test internet access on VMs with
NAT or Bridged Adapter configurations.
○ Domain Connectivity: Ensure that Windows 10 VM can join and
interact with the domain controlled by Windows Server 2019 VM.
● Functionality Testing:
○ Firewall (pfSense): Test firewall rules by attempting to access
blocked services or IPs.
○ IDS/IPS (Security Onion): Simulate attacks using Kali Linux
and ensure Security Onion detects and logs these events.
○ Active Directory (Windows Server): Test user account
creation, group policies, and domain authentication from
Windows 10.
● Scenario Testing:
○ Penetration Testing: Use Kali Linux to conduct vulnerability
scans or exploit tests on Windows 10 and Windows Server.
○ Log Analysis: Ensure that all critical logs from various systems
are being captured and analyzed in Splunk or Security Onion.
