Master Pod Configuration¶
A master pod is setup on the management server. This master pod will contain the VMs deployed from the NDG VM Distribution System. This will later be cloned to template pods on each host.
NDG VMDIST Storage Connections¶
These storage connections should be set up and configured on your management server. Refer to Setup NDG VM Distribution System
PC Name |
VM OS |
VM ID |
VMDIST VM Name |
VMDIST Storage Connection |
|---|---|---|---|---|
Kali |
Linux |
4201001 |
NDG-EHv2.Kali (build) |
vmdist.ndg_genit |
OWASP-BWA |
Linux |
4201002 |
NDG-EHv2.OWASP-BWA (build) |
vmdist.ndg_genit |
OpenSUSE |
Linux |
4201003 |
NDG-EHv2.OpenSUSE (build) |
vmdist.ndg_genit |
Security Onion |
Linux |
4201004 |
NDG-EHv2.Security-Onion (build) |
vmdist.ndg_genit |
WinOS |
Windows Server 2019 Standard (64-bit) |
4201005 |
NDG-EHv2.WinOS (build) |
vmdist.ndg_genit.windows |
pfSense |
FreeBSD |
4201006 |
NDG-EHv2.pfSense (build) |
vmdist.ndg_genit |
Note
The WinOS VM should only be deployed if you plan on teaching the Ethical Hacking v2 (Series-2) labs.
Deploying from NDG VMDIST¶
Deploy on your management server the pod virtual machine files from the NDG VM Distribution System.
Navigate to your Proxmox VE Management Server using your management workstation in a web browser.
Using your navigation panels, navigate to Resource Tree > Datacenter > your_management_server > vmdist.ndg_genit.
In the Content Panel, select Backups.
In the Notes column, select the name NDG-EHv2.Kali.
Note
These build numbers may vary. Please refer to the Release Notes of the content to determine the latest version.
Click the Restore button.
In the Restore: VM popup window, select your Storage (i.e. NETLAB1).
Set the VM field to 4201001.
Click the Restore.
Proxmox VE will begin deploying the virtual machine. This may take some time, depending on the speed of your connection, HDDs, etc. Repeat the previous steps for each remaining virtual machine in the pod from the table above.
Modify Virtual Machines¶
Once the virtual machines are imported onto the management host, verify the configurations. The following steps will guide you through the process.
Navigate to your Proxmox VE cluster using your management workstation, and login.
Using your navigation panels, navigate to Resource Tree >
Datacenter > your_management_server. Expand its view to see the virtual machines you deployed.
Locate the NDG-EHv2.Kali virtual machine. In the Content Panel, select Hardware.
Select Network Device (net0) and click the Edit button.
Confirm the MAC address field matches the table below.
Virtual Machine |
NIC |
MAC |
|---|---|---|
Kali |
0 |
00:50:56:99:25:09 |
1 |
00:50:56:99:d5:96 |
|
OWASP-BWA |
0 |
00:50:56:9a:c0:10 |
OpenSUSE |
0 |
00:50:56:9a:de:74 |
Security Onion |
0 |
00:50:56:9a:ab:d3 |
1 |
00:50:56:9a:7a:4e |
|
WinOS |
0 |
00:50:56:99:98:d7 |
pfSense |
0 |
00:50:56:9a:47:6a |
1 |
00:50:56:9a:dc:58 |
|
2 |
00:50:56:9a:63:ac |
Repeat the previous steps for each network adapter of the remaining virtual machines you deployed.
Create a Snapshot¶
Locate the NDG-EHv2.Kali virtual machine. In the Content Panel, select Snapshots.
Click the Take Snapshot button.
In the Create Snapshot window, type GOLDEN. Click Take Snapshot to take a snapshot.
Repeat these steps for each virtual machine.
NETLAB+ Virtual Machine Inventory Setup¶
This section will guide you in adding your master virtual machines to the Virtual Machine Inventory of your NETLAB+ VE system.
Log in to your NETLAB+ VE system using the administrator account.
Select the Virtual Machine Infrastructure icon.
Click the Virtual Machine Inventory icon.
Click the Import Virtual Machines button located at the bottom of the list.
Select the appropriate datacenter from the list where your VMs reside.
Select the checkbox next to the virtual machines you have just deployed and click Import Selected Virtual Machines.
When the Configure VMs window loads, you can set your virtual machine parameters.
Note
It is advised to leave the Version and Build numbers for reference when requesting NDG support.
Check the dropdown box for the correct operating system for each imported virtual machine.
Change
RoletoMasterfor each VM.Add any comments for each virtual machine in the last column.
Verify your settings and click
Import (X) Virtual Machines(notice the number in parenthesis is dynamic, depending on the amount of VMs selected).Verify all
Import Statusesreport back withOKand then click on theDismissbutton.Verify that your virtual machines show up in the inventory.
For additional information, please refer to the NETLAB+ VE Administrator Guide.
Building the Master NDG Ethical Hacking v2 Pod¶
This section will assist you in adding the NDG Ethical Hacking v2 pod to your NETLAB+ system.
Enabling Labs in Course Manager¶
Please refer to the Course Manager section of the NETLAB+ VE Administrator Guide on how to enable content. Please install the NDG Ethical Hacking - v2 course.
Create the Master Pod¶
Log into NETLAB+ VE with the administrator account.
Select the Pods icon.
Create a new pod by scrolling to the bottom and clicking the Create New Pod button.
Then, click on the NDG Ethical Hacking v2 pod entry from the list of installed pod types.
On the New Pod window, input a value into the Pod ID and Pod Name fields. Click Next.
Note
The Pod ID determines the order in which the pods will appear in the scheduler. It is best practice to use a block of
sequential ID numbers for the Pod Id that allows for the number of pods you are going to install.
The Pod Name identifies the pod and is unique per pod. Here we used the name of the lab set or course in a shortened form.
To finalize the wizard, click OK.
For additional information, please refer to the NETLAB+ VE Administrator Guide.
Attach Virtual Machines to the Master Pod¶
Update the master pod to associate the virtual machines with the newly created pod.
Select the NDG Ethical Hacking v2 master pod from the pod list.
Click on the Action dropdown next to the virtual machine you are about to assign and select Attach VM.
Select the corresponding virtual machine from the inventory list.
Click OK to confirm the VM attachment and repeat the previous steps for the remaining virtual machines.
Note
If you do not plan on teaching the Ethical Hacking (Series-2) labs, then leave the WinOS slot to ABSENT since this VM is not used in the Series-1 labs.
Set the Revert to Snapshot¶
Make sure to view the NDG Ethical Hacking v2 master pod you just created snapshots for. In the pod view,
click on the dropdown menu option underneath the Action column and select Settings.
In the virtual machine’s Settings window, click on the Revert to Snapshot dropdown and select GOLDEN and then click the Submit button.
Note
This sets the snapshot on the virtual machine that will get reverted to each time the pod is scheduled.
Click OK to confirm.
Return to the pod view page and repeat the previous steps for the remaining virtual machines.
Make changes to the Master Pod¶
Some pods have software that needs to be altered on the host machine before it can be used properly. This normally happens when software requires licenses to function.
If there are changes that need to be made to the master pod prior to template cloning, you will need to follow this set of instructions to ready your master pod.
For the NDG Ethical Hacking v2 master pod, you will need to license all the Microsoft Windows machines. This process consists of:
Scheduling the master pod
Providing temporary internet access to the WinOS
Licensing/Activating the WinOS
Shutting down the WinOS
If necessary, resetting the network interface cards to SAFETY_NET
Taking a new GOLDEN snapshot for the WinOS
Ending the reservation
Virtual Machine Credentials¶
For your reference, the following table provides a list of the credentials for the systems in the pod:
Machine |
Username |
Password |
|---|---|---|
Kali |
root |
toor |
OWASP-BWA |
root |
owaspbwa |
OpenSUSE |
osboxes |
osboxes.org |
Security Onion |
ndg |
password123 |
WinOS |
Administrator |
Train1ng$ |
pfSense |
admin |
pfsense |
Bring the Master Pod online¶
In the pod view, click the drop arrow under State and select Online.
Create Class and Schedule the Master Pod¶
Create a class as identified in the Add Classes section of the NETLAB+ VE Instructor Guide then schedule the Master Pod to license the WinOS virtual machine(s) (choose the Series-2 lab design and select No Lab: Launch Cyber Range from the list of labs as this selection will boot up all VMs available in the pod).
Warning
When scheduling the Master Pod, it is important to schedule the pod for enough time to complete the following steps. Failure to complete the steps prior to taking the final snapshot could mean redeploying the necessary virtual machines.
Provide Temporary Internet Access to WinOS¶
Navigate to your Proxmox VE management server using your management workstation, and login.
Using your navigation panels, navigate to Resource Tree > Datacenter > your_management_server.
Expand its view to see the virtual machines you previously deployed.
Locate the WinOS virtual machine. In the Content Panel, select Hardware.
Select Network Device (net0) and click the Edit button.
In the Edit: Network Device window, set the Bridge field to an internet-accessible bridge.
Note
Alternatively, you can add a new Network Device to the VM and use it to link to a virtual machine port group that is linked to an internet accessible physical adapter.
Click OK to confirm the changes.
License and Activate WinOS¶
Log on to the WinOS virtual machine in the pod. If necessary, click the dropdown arrow for the VM’s tab
and select Send CTRL+ALT+DEL.
Log in as Administrator with Train1ng$ as the password.
Once logged in, make sure the TCP/IP settings are temporarily configured correctly so that the internet is reachable. This can vary depending on how your environment is set up.
Note
If you added a new temporary Network Device from the previous section, make sure to configure the TCP/IP settings for the newly added network adapter and use it to connect out to the internet.
Right-click on the Start icon in the lower-left and select System.
Scroll down and click Change product key or upgrade your edition of Windows in
the Windows activation section.
Click Change product key in the Activate Windows Now section.
Enter the product key and follow the on-screen instructions.
Windows should now be activated. If you received an error, make sure that the key entered is valid and
click the Troubleshoot link from the Activation Settings to troubleshoot the problem.
Shut Down WinOS¶
While on the WinOS machine, click the Start menu followed by clicking
the Shut Down button.
Reset the NIC to SAFETY_NET¶
Navigate to your Proxmox VE management server using your management workstation, and login.
Using your navigation panels, navigate to Resource Tree > Datacenter > your_management_server.
Expand its view to see the virtual machines you previously deployed.
Locate the WinOS virtual machine. In the Content Panel, select Hardware.
Select Network Device (net0) and click the Edit button.
In the Edit: Network Device window, set the Bridge field to SAFETY_NET.
Note
If you added a new temporary Network Device from the previous section, make sure to remove the Network Device.
Click OK to confirm settings.
Take New Snapshots for the Changed Master Virtual Machines¶
Locate the WinOS virtual machine. In the Content Panel, select Snapshots.
Select the current GOLDEN snapshot and click Remove.
Remember the name of this snapshot, as the new snapshot will need to have the exact same name.
Click Yes on the Confirm window.
Click the Take Snapshot button.
In the Create Snapshot window, type GOLDEN or whatever prior snapshot name the virtual machine had.
Click Take Snapshot to take a snapshot.
Repeat these steps for each virtual machine.
End Reservation¶
You may now end the reservation of the master pod.