Jump to content

CyberPEN ~ new community idea

Hyde

By Hyde
in Community Projects

 Share

CyperPEN Community project  

27 members have voted

  1. 1. Interested in the project?

    • Yes, I would love to get involved and help set things up
      19
    • Yes, once it is ready and going.
      4
    • Maybe, I will see when it is setup
      4
    • Nope...
      0

Recommended Posts

Hyde Newbie

Hyde

Posted
Posted

STATUS: ALPHA

CyberPEN is a community for people who want to assist others and improve their own network design, configuration, penetration testing, operation, administration, and security skills by being able to work on actual equipment.

More information to come. To see updates visit our website at www.cyberpen.org.

Groups, teams, or users will be able to remotely VPN into CyberPEN's network. At that point, the user will have full access to virtual machines running Linux, Windows Server 2003, Windows Xp and Vista, as well as Cisco switches, ASA appliance, and routers. You will be able to configure every single device and virtual machine to your specifications. Allowing you to improve your network and/or computer troubleshooting, administration, and designing skills.

You can improve your network security and penetration skills too.

Once you have setup your lovely network and attempted to secure it. It is time for it to be tested, not just by you but your community members. Your loving community will try to hack into your lovely network and try to obtain information from it.

All of our lovely volunteers will visit our website and then comment on that users/groups performance, such as what they did right and what they did wrong. Analyzing their configurations and administration.

Equipment:

One Server running multiple virtual machines with 8 different NIC cards

Two Cisco 2600 routers

ASA 5505

Cisco Catalyst 2950 Switch

Cisco Terminal server

Goals:

I really wanted to offer my resources and equipment to other people so we may all help each other improve our network and computer skills.

Help Wanted:

I need your support in building this community. I already have all of the equipment but I will need assistance in getting things started up.

In other words make suggestions! Constructive criticism is welcome!

post-13022-1235438848_thumb.jpg

Link to comment
Share on other sites
Hyde Newbie

Hyde

Posted
  • Author
Posted

Definitely not going to be pay. A Donation type of deal. Right now, I am deciding what OS I will be running the VM server and all that fun stuff.

I would like to get a few people involved to discuss the direction of this community project. Brainstorm and such for expanding, and what else we could do with the equipment.

Heck, we could even host hacking events with Hak5. See if anyone could hack the system if they win they get Hak5 stuff or something. The way it would work would be, we have teams, then they work together to secure the system as best as they can and then have people try to break in or steal data. Of course, we would have to setup a business/operations model of what network services, clients, and servers the small business will need to run their daily operations. This would make a challenge for the teams. You don't want the teams being like. "Oh!, we can just block all out going and in going traffic, we win." =P, Then we challenge community members to try and hack in.

Link to comment
Share on other sites
Hyde Newbie

Hyde

Posted
  • Author
Posted
Sounds interesting, a good on you for doing this.

What are you going to do to stop people from using the resources your making available to them for illegal/malicious use against other people/organizations?

Thanks for the compliment and thanks for bring that up because that is a major concern of mine. These issues will have to be hammered out as well but here is the basic idea behind preventing that situation.

The only way to access the network resources is to VPN into it. Beyond the VPN device nothing will be communicating with the outside world *non of the community users will have access to the community device*.

Suggestions on this subject are welcome. Let's discuss this.

Link to comment
Share on other sites
Hyde Newbie

Hyde

Posted
  • Author
Posted
How can I help?

As for right now, let's do some brainstorming.

Here are the tasks at hand.

Needs:

Website

Ideas

Policies

A Writer

Beta Testers (once the initial setup is done)

What I am doing:

Configuring VM server.

Setting up VMs

What I am doing next:

initial settings for Cisco switches, ASA, and routers.

Link to comment
Share on other sites
Necrosis Newbie

Necrosis

Posted
Posted

I am very interested. As of right now I am just starting out learning in the field of networking. I am studying for my networking+ exams and I would very much like a community to consult in case I need help or just need a project to work on. Thanks

Link to comment
Share on other sites
DingleBerries Newbie

DingleBerries

Posted
Posted

There should be a sign on page where you have to have valid emails, no 10min mail, that why if something happens(CP) then you know who and where it came from.

VPN is a good idea, darknet cough. I can beta test and write a few programs but i have no photo shop fu. Once you get it up and going we can find a domain and work from there.

Link to comment
Share on other sites
stingwray Newbie

stingwray

Posted
Posted
Thanks for the compliment and thanks for bring that up because that is a major concern of mine. These issues will have to be hammered out as well but here is the basic idea behind preventing that situation.

The only way to access the network resources is to VPN into it. Beyond the VPN device nothing will be communicating with the outside world *non of the community users will have access to the community device*.

Suggestions on this subject are welcome. Let's discuss this.

Sounds good, but your inviting people to attack this network (even if it is from internally), you may have to deal with the VPN server being attacked and compromised allowing them to talk to the internet.

Make sure you have a 1 click restore function on the network, people are going to hose it so often if its anything more than 1 click to return to a working normal state its going to be a chore to get it going again.

Link to comment
Share on other sites
Hyde Newbie

Hyde

Posted
  • Author
Posted
There should be a sign on page where you have to have valid emails, no 10min mail, that why if something happens(CP) then you know who and where it came from.

VPN is a good idea, darknet cough. I can beta test and write a few programs but i have no photo shop fu. Once you get it up and going we can find a domain and work from there.

I agree, there should be a sign on page requiring valid email. That would be a great way to track things.

I really appreciate the help DingleBerries. I am going to try and get a beta version of the equipment setup in the next few days.

Sounds good, but your inviting people to attack this network (even if it is from internally), you may have to deal with the VPN server being attacked and compromised allowing them to talk to the internet.

Make sure you have a 1 click restore function on the network, people are going to hose it so often if its anything more than 1 click to return to a working normal state its going to be a chore to get it going again.

Yes, inviting people into attack the network is the plan but it needs to be controlled. The VPN server needs to be locked down and protected. Also we should come up with a solution to 1 click restore.

I really appreciate the help. We will make this project work!

Link to comment
Share on other sites
Deathdefyer2002 Newbie

Deathdefyer2002

Posted
Posted

The 1 click restore should be pretty simple on the Cisco equipment as you just save the running-config file. Hell you might even be able to write a batch script to automatically do it.

I just graduated with a degree in Telecommunications so any help I can be.... Please let me know!!!

Also, I would love to be one of the Beta Testers :)

Link to comment
Share on other sites
Hyde Newbie

Hyde

Posted
  • Author
Posted

I am going to make a push to get VPN up and running, cable the cisco equipment, and configure the terminal server (device that consoles into the cisco equipment so you can configure all the cisco equipment from one device) this weekend. I will be using OpenVPN.

DingleBerries, stingwray, and VaKo, I'd like for you three to be the first beta testers. If you don't mind.

I'd like to get a dialogue going between us, via a chat system of some sort. Brain storm some ideas on how to harden the VM Server (protect it from being used for evil, attack outside the network), events, contests, scenarios, programs we can use to improve the lab, and website.

Deathdefyer2002 and Necrosis, I haven't forgot about you two. I will get you involved as well later.

Wish me luck!!

Hyde

Link to comment
Share on other sites
DingleBerries Newbie

DingleBerries

Posted
Posted

I was thinking about this and I have a few questions. Are you setting up vpns for individual VMs or to the main os? I cant do diagrams but by having a vpn to the core of the machine the person now has access to the main OS and can root it very easily. There is a RH exploit for escalation of privileges. But by having a team to verify people individually you can "almost" eliminate this threat.

What is the main OS going to be? Think of using some sort of steady state for that and saving the VMs and configs for users on a different partition. My idea looks a bit like

Partition 1 = Main OS

Partition 2 = Swap(if linux, better yet just use a swap file... unless we have access to the main os)

Partition 3 = VMs

Partition 4 = User configs, VPN stuff

Then if possible have Partition 4 mirrored or set to back up at certain intervals, that way if something happens you can restore it. On another note, this isnt going to be using you ip from your ISP is it? If so then be careful what you have on your network because you may get a few unsavoury persons attacking you directly. Other than that great idea!

Link to comment
Share on other sites
Hyde Newbie

Hyde

Posted
  • Author
Posted
I was thinking about this and I have a few questions. Are you setting up vpns for individual VMs or to the main os? I cant do diagrams but by having a vpn to the core of the machine the person now has access to the main OS and can root it very easily. There is a RH exploit for escalation of privileges. But by having a team to verify people individually you can "almost" eliminate this threat.

What is the main OS going to be? Think of using some sort of steady state for that and saving the VMs and configs for users on a different partition. My idea looks a bit like

Partition 1 = Main OS

Partition 2 = Swap(if linux, better yet just use a swap file... unless we have access to the main os)

Partition 3 = VMs

Partition 4 = User configs, VPN stuff

Then if possible have Partition 4 mirrored or set to back up at certain intervals, that way if something happens you can restore it. On another note, this isnt going to be using you ip from your ISP is it? If so then be careful what you have on your network because you may get a few unsavoury persons attacking you directly. Other than that great idea!

Are you setting up vpns for individual VMs or to the main os?

You will connect to the VPN device remotely, then you will be apart of the management LAN, from there you can connect to the VMserver, which is a Ubuntu machine. The only way they can interface with the VMserver will be via a browser, https to be specific. No ssh, no console or any other type of access, just a web Gui. If there is an exploit I am unaware of inform me thanks. They won't be able to access the main OS. They can screw up the VMs all they want though.

This is how I was going to do the VMs and VPN. I will try and do I diagram.

VPN is going to be it's own little device seperate to the VMserver.

Internet

Devices:

VPN device =
OpenVPN

VMserver (Ubuntu server 8.10[i might use ESXi later) =

Partition 1 = hda = Main OS, / (root)

Partition 2 = hdb = Swap

Partition 3 = hdb = /home

Partition 4 = hdc = /usr, VMs storage

Cisco equipment will be only accessible through one of the Virtual machines. The VM is connected to a console port with a terminal server to configure all the cisco equipment

I will actually draw a network layout this weekend and post it on my site and here.

I will be using an IP from my ISP. Yes, I know it has some dangers but it is fine for now. I will get my own dedicated connection eventually.

Does this make sense?

Link to comment
Share on other sites
  • 7 months later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...