Franske CNT-2820 Labs-Homework: Difference between revisions
Jump to navigation
Jump to search
BenFranske (talk | contribs) (Created page with "For each chapter in the course you will need to complete some assignments which may include homework and/or labs. The specific type of assignment(s) varies depending on the chapt...") |
BenFranske (talk | contribs) No edit summary |
||
| Line 1: | Line 1: | ||
For | For most chapters in the course you will need to complete some assignments which may include homework and/or labs. The specific type of assignment(s) varies depending on the chapter. This page will list the labs and/or other assignments you need to complete, organized by chapter. If you have any questions about these assignments please contact the instructor for clarification or assistance. All assignments are due as indicated on the course schedule. | ||
=Chapter 1= | =Chapter 1= | ||
There is no homework or lab assignment for chapter 1. | |||
=Chapter 2= | =Chapter 2= | ||
==Prepare a Windows XP VM== | |||
Your first task is to prepare a Windows XP virtual machine which we will use throughout the course as a lab system. In the lab we will use the Oracle VirtualBox software and a pre-built Windows XP system which we will make a copy of specifically for this class. | |||
# Open the D: drive of your computer by clicking the Start Menu and typing "d:" in the search box, then pressing Enter. | |||
# Create a new folder on this drive titled "fa11-yourlogin" where you have replaced yourlogin with the username you use to log in to the system | |||
# Start the VirtualBox software Start -> All Programs -> Oracle VM VirtualBox -> Oracle VM VirtualBox | |||
# '''IMPORTANT!!!''' Change the default storage location for your VMs to your new "fa11-yourlogin" folder by clicking File -> Preferences and selecting "Other..." from the "Default Machine Folder" drop down list on the "General" page. Navigate to the Computer -> D: -> "fa11-yourlogin" folder and click OK. Verify the folder location is correct for the "Default Machine Folder" setting and click OK. | |||
# Import the base virtual machine. Click the File -> Import Appliance menu option then click the "Choose..." button. Navigate to Computer -> D: -> CNT Files -> VirtualBox XP and open the "CNT XP Base" file. Click the Next button and verify the "Virtual Disk Image" location is inside the "D:\fa11-yourlogin" folder then click the Import button. | |||
# Disable USB, shared folders and audio for the VM by clicking on the new virtual machine listed on the left side of the screen and then clicking on the word "USB" on the right side of the screen. Click OK on the warning message and then uncheck the "Enable USB Controller" box at the top of the window. Click the "Shared Folders" page on the left side of the window, click the "Desktop" shared folder and then press the Delete key. Finally, click the "Audio" page on the left side of the window and uncheck the "Enable Audio" box. Click the OK button to save your settings. | |||
# Start the VM by clicking on the new virtual machine listed on the left side of the screen and then clicking the green Start arrow at the top of the window. Read and then click OK on the message about keyboard capture. Read and then click OK on the message about mouse pointer integration. Wait as the mini-setup process completes, reading and then clicking OK on any VirtualBox messages that come up. You may choose to check the box not to see the message again on any of these if you like. | |||
# Once the system reboots once you can login to the Virtual Machine using the Administrator account and the password "College1". | |||
# Open a web browser in the VM. You will need to enter your IHCC login and password and install the SafeConnect client to access the Internet from your VM, do this now. | |||
# Congratulations! Your Windows XP Virtual Machine is now setup and configured for your use during this course. | |||
==Scan Your System for Rootkits== | |||
Follow the instructions on page 73 of your book to complete "Project 2-2: Scan for Rootkits". Note that all of this should be done inside your Windows XP Virtual Machine. | |||
==Use a Software Keylogger== | |||
Note that all of this should be done inside your Windows XP Virtual Machine. | |||
Follow the instructions at the bottom page 73 of your book to complete "Project 2-3: Use a Software Keylogger". '''IMPORTANT:''' Due to some corrupt system files in the XP Base image you will not be able to use the Wolfeye Keylogger noted in the book. Instead please download and use the free Pykeylogger software from [http://pykeylogger.sf.net/]. Instructions on that site explain how to use the keylogger. I suggest installing it with a shortcut to the desktop so you can easily start it. | |||
You will need to modify the settings of the keylogger to access it's control panel because the Right-Ctrl key which is normally used is already being used by VirtualBox for keyboard capture. To do this: | |||
# Open Wordpad by clicking Start -> All Programs -> Accessories -> Wordpad. | |||
# Open the file "C:\Program Files\PyKeylogger\pykeylogger.ini". You may need to switch to showing "All Documents" or enter the full location into the open dialog box to access the file. | |||
# Find the line ''Control Key = Control_L;Control_R;F12'' and change it to ''Control Key = Control_L;Alt_R;F12'' | |||
# Now when you start the keylogger you can access it's hidden control panel by pressing the Left Control, Right Alt and F12 keys at the same time. | |||
This keylogger is started either through the link in the start menu or on your desktop if you chose to create one. Your log files are stored in the "C:\Program Files\PyKeylogger\logs" folder. | |||
=Chapter 3= | =Chapter 3= | ||
Revision as of 17:12, 6 September 2011
For most chapters in the course you will need to complete some assignments which may include homework and/or labs. The specific type of assignment(s) varies depending on the chapter. This page will list the labs and/or other assignments you need to complete, organized by chapter. If you have any questions about these assignments please contact the instructor for clarification or assistance. All assignments are due as indicated on the course schedule.
Chapter 1
There is no homework or lab assignment for chapter 1.
Chapter 2
Prepare a Windows XP VM
Your first task is to prepare a Windows XP virtual machine which we will use throughout the course as a lab system. In the lab we will use the Oracle VirtualBox software and a pre-built Windows XP system which we will make a copy of specifically for this class.
- Open the D: drive of your computer by clicking the Start Menu and typing "d:" in the search box, then pressing Enter.
- Create a new folder on this drive titled "fa11-yourlogin" where you have replaced yourlogin with the username you use to log in to the system
- Start the VirtualBox software Start -> All Programs -> Oracle VM VirtualBox -> Oracle VM VirtualBox
- IMPORTANT!!! Change the default storage location for your VMs to your new "fa11-yourlogin" folder by clicking File -> Preferences and selecting "Other..." from the "Default Machine Folder" drop down list on the "General" page. Navigate to the Computer -> D: -> "fa11-yourlogin" folder and click OK. Verify the folder location is correct for the "Default Machine Folder" setting and click OK.
- Import the base virtual machine. Click the File -> Import Appliance menu option then click the "Choose..." button. Navigate to Computer -> D: -> CNT Files -> VirtualBox XP and open the "CNT XP Base" file. Click the Next button and verify the "Virtual Disk Image" location is inside the "D:\fa11-yourlogin" folder then click the Import button.
- Disable USB, shared folders and audio for the VM by clicking on the new virtual machine listed on the left side of the screen and then clicking on the word "USB" on the right side of the screen. Click OK on the warning message and then uncheck the "Enable USB Controller" box at the top of the window. Click the "Shared Folders" page on the left side of the window, click the "Desktop" shared folder and then press the Delete key. Finally, click the "Audio" page on the left side of the window and uncheck the "Enable Audio" box. Click the OK button to save your settings.
- Start the VM by clicking on the new virtual machine listed on the left side of the screen and then clicking the green Start arrow at the top of the window. Read and then click OK on the message about keyboard capture. Read and then click OK on the message about mouse pointer integration. Wait as the mini-setup process completes, reading and then clicking OK on any VirtualBox messages that come up. You may choose to check the box not to see the message again on any of these if you like.
- Once the system reboots once you can login to the Virtual Machine using the Administrator account and the password "College1".
- Open a web browser in the VM. You will need to enter your IHCC login and password and install the SafeConnect client to access the Internet from your VM, do this now.
- Congratulations! Your Windows XP Virtual Machine is now setup and configured for your use during this course.
Scan Your System for Rootkits
Follow the instructions on page 73 of your book to complete "Project 2-2: Scan for Rootkits". Note that all of this should be done inside your Windows XP Virtual Machine.
Use a Software Keylogger
Note that all of this should be done inside your Windows XP Virtual Machine.
Follow the instructions at the bottom page 73 of your book to complete "Project 2-3: Use a Software Keylogger". IMPORTANT: Due to some corrupt system files in the XP Base image you will not be able to use the Wolfeye Keylogger noted in the book. Instead please download and use the free Pykeylogger software from [1]. Instructions on that site explain how to use the keylogger. I suggest installing it with a shortcut to the desktop so you can easily start it.
You will need to modify the settings of the keylogger to access it's control panel because the Right-Ctrl key which is normally used is already being used by VirtualBox for keyboard capture. To do this:
- Open Wordpad by clicking Start -> All Programs -> Accessories -> Wordpad.
- Open the file "C:\Program Files\PyKeylogger\pykeylogger.ini". You may need to switch to showing "All Documents" or enter the full location into the open dialog box to access the file.
- Find the line Control Key = Control_L;Control_R;F12 and change it to Control Key = Control_L;Alt_R;F12
- Now when you start the keylogger you can access it's hidden control panel by pressing the Left Control, Right Alt and F12 keys at the same time.
This keylogger is started either through the link in the start menu or on your desktop if you chose to create one. Your log files are stored in the "C:\Program Files\PyKeylogger\logs" folder.