Version 1.0 Scenario - This scenario uses the version 1.0 Administrative VM. It is not compatable with the new version 1.2 release. Download the previous Admin VM here.

Download

You can download the scenario from here (SHA1 bdeb04ed1c4a370b3719cf286d741da941517864). Warning: This is a 6GB download. It contains 7 VMs.

This scenario is based on the ReferenceVSN, with some additional content. For instance, the GameServer VM in this scenario also installs and uses Metasploit to simulate attacks.

Below is an example of the instructions generated for the player. Note that some of the details will change when you deploy the scenario because of the use of Generators. You can examine the netdef.xml contained in the download to see which values will change, or even to change some yourself (You should at least change the password for logging into the GameServer VM, which is at the top of the file).

    Congratulations! You are now responsible for rhinoribbons.org, here are your credentials: admin:Rhin0s

    Machines in the network:
      External:
        Web: www.rhinoribbons.org - 185.110.107.59
        Mail: mail.rhinoribbons.org - 185.110.107.131
      Internal:
        Database: db.rhinoribbons.org - 10.0.0.15
        File server: fileserver.rhinoribbons.org - 10.0.0.39
      Border:
        Firewall: fw.rhinoribbons.org - 185.110.106.2, 10.0.0.1, 185.110.107.1

    There is a backup of the website in root's home directory on www.rhinoribbons.org

    You should complete the following before the close of business today:
      1) Setup your email client and check it often. There may be important emails that you will need to attend to.
      2) Ensure the firewall is properly configured such that only absolutely required traffic can get from the DMZ to the LAN
      3) Ensure all external servers are safe from SSH brute force attacks. Policy change is at your discretion.
      4) Inspect your network for any additional flaws or poor security practices and take appropriate action or report your findings.

    Configuring your email client:
    1) Open Thunderbird and press "Skip this and use my existing email"
    2) Enter your name
       email: admin@rhinoribbons.org
       password: Rhin0s
       Press continue then manual config
    3) Use mail.rhinoribbons.org for both the incoming and and outgoing server hostname and choose re-test.
    4) Press Done. Confirm any security exception notices that pop up, we were too cheap to pay for a proper SSL certificate.

Using this scenario

  1. First follow the UserGuide to the point of "Installing a scenario".
  2. Download this scenario and place it either (1) in your import directory for VirtualBox, or (2) inside the AdminVM for VMware.
  3. Unpack the download using the tar -xf <downloadfilename>.tar command from inside the AdminVM.
  4. Run the command occpadmin --help inside the AdminVM to see what options are required for your hypervisor.
  5. Run the command occpadmin with the options for your hypervisor and the following options (you must run this from the scenario directory, or provide the full path to the config file):
    occpadmin --mode launch --config netdef.xml
    

    On the Host machine start Virtual Box web services if needed:

    vboxwebsrv -H 0.0.0.0 -A null
    

    Note: Check the VirtualBox documentation for how to use real authentication mechanisms.

    An example command would be:
    # The name of this folder will depend on what you called in when setting up the AdminVM's shared folder
    cd /media/sf_*/rhinoribbons
    # When running the entire scenario on one hypervisor use the following. The importdir is relative to the Host machine
    occpadmin --hvtype vbox --importdir /Users/myself/Desktop/occp --url http://192.0.2.1:18083/ --username '' --password '' --mode launch --config netdef.xml
    
    This example assumes that you have extracted the .tar file to the import directory given on the same host as the AdminVM is running.
  6. After the command has finished, all 7 VMs should be running and ready for use. Login to the gameserver as moderator (check the netdef.xml for the password, which you can change before you launch).
  7. Once logged in, you should be able to just hit 'up' and the command 'sudo occpgs -f instance.xml' should appear. Run that command to start the GameServer.
  8. The GameServer will present a menu allowing you to start, pause, or stop the automated events, and to check the current scores.
  9. Once you start the GameServer, you can login to the 'rhinoblue' machine and follow the instructions on the Desktop (similar to the above). You should be able to use 'ssh' on that machine to connect to all of the others given the information in the instructions.
  10. Defend your network!

Install for Virtual Box Model 2

  1. First follow the one time install guide for using Virutal Box distributed.
  2. Download this scenario file and place it in your import directory C:\OccpShared? .
  3. Launch the Administrative VM and log into the console using the default userid: occpadmin and password: 0ccpadmin
  4. Change to the shared directory
    cd /media/sf_*/
    
  5. Unpack the download using the tar command from inside the AdminVM.
    tar -xf <downloadfilename>.tar
    
  6. Change directories into the scenario directory
    cd rhinoribbons
    
  7. Copy your map file from the occpadmin home directory into the scenario
    cp /home/occpadmin/mapfile .
    
  8. Update your mapfile to distribute the following VMs accross your hypervisors
    # Be sure to include the word Router on the primaryVSN line and 
    # match the addresses configured during your original setup.
    
    primaryVSN/<address>,<gateway>: Router, gameserver, rhinomail, rhinowww, rhinofw, rhinodb, rhinofileserver
    
    # Deploy the Player VM to the remote host
    
    lab1: rhinoblue
    
  9. Run the command occpadmin --help inside the AdminVM to see what options are required or available for your hypervisor.

    On the Host and Remote machines be sure to start Virtual Box web services:

    C:\<VirtualBoxInstallDirectory>\vboxwebsrv -H 0.0.0.0 -A null
    

    Note: Check the VirtualBox documentation for how to use real authentication mechanisms.

  10. Run the command occpadmin with the options for your hypervisor and the following options (you must run this from the scenario directory, or provide the full path to the config file):
    occpadmin --mode launch --hvmap mapfile --config netdef.xml --username '' --password ''
    
  11. After the command has finished, all 7 VMs should be running and ready for use. Login to the gameserver as moderator (check the netdef.xml for the password, which you can change before you launch).
  12. Once logged in, you should be able to just hit 'up' and the command 'sudo occpgs -f instance.xml' should appear. Run that command to start the GameServer.
  13. The GameServer will present a menu allowing you to start, pause, or stop the automated events, and to check the current scores.
  14. Once you start the GameServer, you can login to the 'rhinoblue' machine and follow the instructions on the Desktop (similar to the above). You should be able to use 'ssh' on that machine to connect to all of the others given the information in the instructions.
  15. Defend your network!

TroubleShootingLabDeployments