This topic contains 1 reply, has 2 voices, and was last updated by Dranks 2 weeks, 4 days ago.
- April 23, 2021 at 7:14 am #386429
I have project to make. I want to present threats and mechanisms how to protect against threats. My job is to prepare the environment (simulation?) and simulate attack and show how to defend.
At first I wanted to do everyhing in virtualbox as simple network but my profesor wants me to make it as security project for small/medium size company. I have no idea where to start and I’m looking for advice.
- April 23, 2021 at 7:14 am #386430
Off the top of my head, id say first a router as the perimeter(opensense is good). Behind that, add some vlans. Two user/ endpoint vlans, maybe two or three windows client vms on each. A server vlan, and set up on that a windows domain controller, file server, sql server, and web server. Set up rules between each subnet on the opensense to only allow the actual sorts of traffic which would be needed between them. Also port forward/static nat the web server to your normal network. That would be a start, you could make plenty of other modifications like linux servers, additional endpoints like android, mac, and printers ( not sure how to virtualise them but…) and a DMZ network for the webserver
- April 23, 2021 at 7:14 am #386431
Provide the scope and quantity of devices that should exist within this fake company network. Consider signing up for AWS and using your free compute hours and resources to set up a test environment in the cloud.
- April 23, 2021 at 7:14 am #386432
This sounds very time consuming and expensive depending on your concept of “medium” sized. Honestly if you wanted that experience and had the money you could buy the lab time for OffSecs Proving Grounds which gives you two very elaborate corporate networks to attack with lots of avenues to learn and it will even set you up for your OSCP certification. If you’re gonna invest that much time and money into building one yourself it’s definitely worth looking into that first if you don’t already have your certification.
- April 23, 2021 at 7:14 am #386433
Do you need an entire network or just systems?
As in, do you need router, FW, and switches. Or just servers running things like a DC with AD and a file share?
You must be logged in to reply to this topic.