GNS3 and Virtualbox for Certified Ethical Hacking

With the addition of Virtualbox support to GNS3, the possibilities are endless as to what can be achieved from it. The whole Internet can be simulated if your system has the horse power. Those who want to learn CEH and those who want to test certain requirements, it is best to not do it on a live network or live server because if anything goes wrong, the one who is responsible for giving 99.9% uptime will have unfortunately caused a downtime. There are many Pen Test tools which are so harmful that it could destroy the Kernel of an operating system and which is absolutely not something you want. In a less severe case, a test can cause a system to reboot causing downtime.

For some while now, Ethical hackers have been using Virtual Machines to do Pen-testing in an offline environment. The problem with this is that the actual network cannot be simulated i.e. how the server interacts in a routed network and behind a firewall could not be simulated. The vulnerabilities of end hosts could only be tested. The responsibility of an Ethical Hacker is not only to check vulnerabilities in a server but every element of the network which gives 99.9% uptime to the server. An example of this would be that you have absolutely secured your server but the hacker compromises your router and shuts your internet links down. This would cause the same effect as when your server were to go down.

With GNS3 Virtualbox edition, you can use simulate your whole network with servers, routers, firewalls, etc. so that you can see a bigger picture and thus will be able to better protect your network. One thing I will point out now is that the whole network might be impossible for a single person to simulate as it requires expertise in Networks, security, systems, applications, etc. If a person were able to simulate all these himself, then this blog might not be suited for him as his skill set is much beyond the average IT guy. In order to successfully deploy this simulation, you might require help from the network, security and even the system guys depending upon what you are not an expert in. There are resources on the Internet for configuring all of these like using a Virtual-machine on virtualbox, etc.

An example Topology

Image

In this topology, I have simulated a secure Enterprise network having multiple routers, Firewall and Server. The Server has been placed in the DMZ and a user has been placed in the Inside zone. The outside interface of the Firewall has been connected to the distribution router which leads towards the exit via the Juniper edge router. I am using different components in the network so that the vulnerability of each can be assessed. The Internet has been simulated via a single router behind which the Linux system meant for the Hacker is placed. You can try your own combination of Operating Systems and network topology. There are also several network components like IDS and IPS which a GNS3 can simulate but I don’t have an expertise in. If you can set it up or get it set up by someone, it will be good for simulating a diverse environment.

The Linux Web server can be assessed for the vulnerabilities in the Apache system and exploits used on it. You can also add DNS, SMTP and POP services to the Linux server if you want to assess the vulnerabilities of these services as well. In place of a Linux box, you can simulate a Windows server which can be called a Hackers favourite food. On this you can run a website with SQL and exploit its vulnerabilities.

Image

The user system is a Windows XP PC which can be used to assess the threats an internal host can pose.

Image

A Firewall has been used to see the effects of perimeter security on the Internal networks. The interaction between the untrusted outside network, the server-hosting DMZ zone and the end user hosts can be easily assessed. A Juniper Router and a Cisco Router has been used because the 2 devices can then be assessed for the various vulnerabilities associated with them.

Image

A graphical Linux Host has been used as a Hacker terminal so as to use the various graphical Pen test tools like Nessus, etc. Metasploit is one of the other very good tool for Pen Testing. Folks preparing for CEH or already are in the field would be knowing better tools then I have mentioned.

Image

Imagination

As I have already said, with GNS3 Virtualbox edition, the possibilities are endless and it is only limited by imagination. These are the few ways I could imagine utilising such a network for Ethical Hacking training or for testing.

1) Launch DOS attacks on the DMZ server via a flood of traffic or TCP open session attack.
2) Attacks based on spoofed source addresses.
3) Attacks on the various vulnerabilities present in Windows system.
4) Pen test can be done on a Cisco router to assess the various vulnerabilities
5) Pen test can be done on a Juniper router to assess the various vulnerabilities
6) DNS server can be attacked to modify the A and MX records and to redirect traffic for man in the middle attack.
7) SMTP server can be attacked to make it a potential Spam server.
8) End hosts can be compromised to launch a DDOS attack.
9) Effects of worm infection on the User PCs can be checked and its effects on the network and the networking equipments can be assessed.
10) The threat from Internal employee can be assessed who is launching attacks from the inside.

These are the few ways I can imagine how a simulated network like this can be used for training or testing. Those in the Ethical Hacking domain can get even more uses of such a network as they can imagine better than me.

I hope my post has been helpful in your life but the only guide which can help you in the hereafter is the Qur’an. You can download the English translation of the Qur’an here.

Advertisements

2 thoughts on “GNS3 and Virtualbox for Certified Ethical Hacking

  1. I downloaded asa.ios.rar and set up all required preferences in gns3 correctly — I hope. My host is Win7 and it has worked with many VirtualBox arrangements previously. When I try an ASA, the console comes up and it says “Uncompressing Linux ….. OK booting the kernel” and it stops there — no further output from the ASA console. Any ideas??

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s