Online Digital Forensics Courses and Labs
Building a Low-cost and State-of-the-art IoT Security Hands-on Laboratory

Funded by National Science Foundation (NSF)

RAS - Step by Step HTML

Introduction     Communication     Installation   Configuration   Features  
 

Authors Dr. Cliff Zou, 407-823-5015, czou@cs.ucf.edu and Mr. Benigno Rodriguez, jrodsoto@knights.ucf.edu

Remote Access Services

This document is divided in the following three main sections. Pre-Installation Configuration and Overview (Read first) Installations Section Configuration Section It is important to follow the instructions as describe in this document to ensure the virtual infrastructure is properly set up for this lab and future used. This lab will serve as the cornerstone for our labs virtual environment. Part I (this document) will consists of setting the environment and Part II (future document) will focus on both offensive and defensive security. We recommend reading information in this document entirely before proceeding with the installation and configuration for this lab. It is better to have an overall view and understanding of all steps that will required for successfully setting this virtual environments. Futures labs will be develop utilizing this environment and will demonstrate some aspects about cyber forensic and cyber security.

PRE-INSTALLATION CONFIGURATION

Oracle VirtualBox Configuration
One VirtualBox Network - Select the following Menu Options to create and NatNetwork and assign the following IP network (10.0.2.0/24)

Select: VirtualBox / Preferences / Network from Virtual Box Menu Options

a) Create a NatNetwork

10.0.2.0/24

Create or modify your existing Nat Networks based on the information provided above.

This NatNetwork will be assign to the following VMs

1) Endian Firewall/Router (bridged)

2) Windows 10 Remote Client (only when testing RAS server) - This windows 10 remote client will be configure in two different networks during the lab depending on the functions it will performed. (Administrator Client virtual machine when working on the internal network, and when accessing the network remotely using the windows VPN services.

b) Create Three Host Networks

1) vboxnet0 - this network is the internal network for our secure server infrastructure. (PDC) 192.168.56.0/24 dhcp option enabled

2) vboxnet1 - this network is the internal network for our DMZ perimeter. (RAS) 192.168.57.0/24 dhcp option disable

3) vboxnet2 - this network is the WAN network for our DMZ perimeter. (RAS) 192.100.1.0/24 dhcp option disable


Windows Server Primary Domain Controller
Create one NEW VM on VirtualBox for Windows Server 2016
Add ISO to New Windows Server 2016 Storage (download ISO file)
Follow the steps listed on this document (select Installation desktop experience)
Windows Remote Access Server - RAS (Gateway Server)
Create one NEW VM on VirtualBox for Windows Server 2016
Add ISO to New Windows Server 2016 Storage (download ISO file)
Follow the steps listed on this document (select Installation desktop experience)
Firewall - Endian Community 3.0 Firewall for Software Defined Network (SDN)

Endian Firewall installation is simple, thus it is required that the appropiate adapters are configured in the Virtial Box Environmenet. It's recommended to complete the instructions for Virtual Box from the instructions document provided above. The installaton steps consists of the following.

Language Selection
Hard Drive Partitioning
Network Interface for GREEN adapter

This adapter is the minimum adapter require for proceeding with the installation. Instructions are provided (guide doc) to reconfigired the firewall's adapters if Virtual Box congurations is done after. (The green interface is the local secure interface for internal resources. In our lab, it includes a primary domain controller and a windows 10 client virtual machine.)

Click Here - external resource. Endian Firewall on virtual box.

Windwos 10 Client
Create one NEW VM on VirtualBox for Windows 10 Client
Add ISO to New Windows 10 Storage VM (download ISO file)
Follow the steps listed on this document click here