Create Your Own Security Lab - Project AVATAR

Create Your Own Security Lab - Project AVATAR

Tony Robinson, a.k.a. da_667 has created a guide you can use to set up your own Security Lab. He guides you through the setup with several different hypervisors. This is another post Kurt (kph) put me onto.

da_667 covers deploying a pretty comprehensive lab environment in detail for five different hypervisors.

  • Microsoft Client Hyper-V
  • Oracle VirtualBox
  • VMware Fusion Pro
  • VMware Workstation Pro
  • VMware vSphere Hypervisor (ESXi)

Here's a screenshot of the Table of Contents for the VMware Workstation Pro setup:

VMWare Workstation Pro TOC screenshot

A free copy of the guide is available from da_667 here. According to his "blahg", the free book was only supposed to be available until 23 January, 2017, so there's no telling when it will be taken down.

da_667 blahg post screenshot

[Update] Sorry folks, the book is no longer free. I found this out on 7 June 2017. It is available for $35 on createspace, and I think is worth the money. It is also available on Amazon as an ebook (Kindle) or in print for the same price.

Avatar book screenshot

In the book, you'll be walked through the process of creating a virtual network using your hypervisor of choice that will contain the following network segments:

  • External Bridged Network
  • Management Network
  • IPS 1 Network
  • IPS 2 Network

Traffic between segments is primarily controlled with a PFSense Gateway Virtual Machine.

I have experience with PFSense and will be writing a future blog post about it. It's a full featured open source firewall worth looking into for home or work.

PFSense screenshot

Installation of a Kali Linux VM is also covered. Kali's the premier Pen Tester tool kit.

Kali Screenshot

Other key areas covered are:

  • Configuring traffic flow between segments
  • Configuring management systems
  • Security Intrusion Events Manager (SIEM) configuration (a.k.a. Security Information Event Manager)
  • Intrusion Prevention System (IPS) configuration
  • Metasploitable 2 configuration

da_667 has put a lot of effort into this. His goal is to have a book you could hand to a new team member or intern and say "Spin us up a lab." and she would be able to do it. Cool stuff.

I'm anxious to see the finished product available for purchase so I can get me a copy and contribute a few $ to his coffers for his efforts.

[Update] I did order my hard copy of the book from Amazon today (7 June 2017).

Book ordered on Amazon

/* Adding copy button to code snippet in Ghost https://forum.ghost.org/t/how-do-i-add-a-copy-button-to-a-code-snippet/34586 */