2 VPN Configuration for BackTrack 5R3 32-Bit with Gnome . .... An ethical
hacking toolset such as BackTrack is required to participate. Some participants
may ...
Symantec Cyber Readiness Challenge Player’s Manual
Version 1.0 March 5, 2013
Table of Contents 1 Symantec Cyber Readiness Challenge Preparation ................................................................ 2 1.1
Resources ......................................................................................................................................................... 2
2 VPN Configuration for BackTrack 5R3 32-Bit with Gnome ..................................................... 3 Please note that these instructions should also apply to most versions of Linux. ........................................................ 3 2.1 Launch BackTrack ............................................................................................................................................ 3 2.2 Certificate Settings............................................................................................................................................ 3 2.3 Client Install ...................................................................................................................................................... 6 2.4 Client Test ......................................................................................................................................................... 9 2.5 Client Disconnect ............................................................................................................................................ 10
3 VPN Configuration for Windows ............................................................................................. 11 3.1 3.2
Client Installation ............................................................................................................................................ 11 Client Test ....................................................................................................................................................... 14
4 VPN Configuration for Mac OS X ............................................................................................ 16 4.1 4.2
Client Installation ............................................................................................................................................ 16 Client Test ....................................................................................................................................................... 20
Appendices..................................................................................................................................... 23 Appendix A:
Resources .......................................................................................................................................... 24
Copyright © 2013 Symantec Corporation. All rights reserved.
Page 2
1 Symantec Cyber Readiness Challenge Preparation 1.1 Resources Participants will need to provide their own system for the Cyber Readiness Challenge, such as a laptop or notebook computer. Devices such as an iPad or Android tablet cannot be used. An ethical hacking toolset such as BackTrack is required to participate. Some participants may already have these resources at their disposal, including a preferred ethical hacking environment and tools. You are encouraged to use what you have or may be familiar with. If you currently do not have an ethical hacking environment, or a “toolset,” we recommend starting with BackTrack. It is free to download and use. The 32-bit version is recommended to be able to support the Cisco VPN client that might be used for the Cyber Readiness Challenge. Virtualization software, such as the free VMware Player or VirtualBox, is an easy way to get started with BackTrack using the virtual appliance version or a full installation from the distribution. Wired and/or wireless networking will be available for the event. The Cyber Readiness Challenge will be accessed via a Virtual Private Network, or VPN. The software necessary to access it will be provided as part of the setup for the event. Details for installing the software are included next.
Copyright © 2013 Symantec Corporation. All rights reserved.
Page 3
2 VPN Configuration for BackTrack 5R3 32-Bit with Gnome Please note that these instructions should also apply to most versions of Linux.
2.1 Launch BackTrack Step 1 – Start BackTrack, either native or a virtual machine (VM). If you are using a VM, bridged mode is recommended. a. Log in with your credentials (the default username is root, password is toor). b. Make sure you have a valid IP address and can access the Internet (see your network admin for help). c. Start the Gnome or KDE desktop by typing startx and pressing Enter.
2.2 Certificate Settings Step 2 – Check the Firefox Certificates.
a. Start Firefox by clicking the dragon icon in the top left hand corner. Browser
Copyright © 2013 Symantec Corporation. All rights reserved.
Select Internet -> Firefox Web
Page 4
b. Navigate to Encryption by clicking on Edit -> Preferences -> Advanced -> Encryption.
c.
Click on View Certificates and then click on the Authorities Tab and scroll down to the VeriSign Class 3 Public Primary Certification Authority – G5
d. Click on Edit Trust
Copyright © 2013 Symantec Corporation. All rights reserved.
Page 5
e. Check all three boxes and press OK
f.
Scroll down to the VeriSign Class 3 Secure Server CA – G3
g. Click on Edit Trust
Copyright © 2013 Symantec Corporation. All rights reserved.
Page 6
h. Check all three boxes and press OK until you are at the Firefox Preferences Screen
i.
Click the X at the Firefox Preferences
j.
Click the X to exit Firefox
k.
Launch Firefox again
2.3 Client Install Step 3 – Install AnyConnect Client. a. Start Firefox and navigate to the following URL: https://emea.cyberreadinesschallenge.com
Copyright © 2013 Symantec Corporation. All rights reserved.
Page 7
b. If you get the following blocked script message click the scripts icon and then Allow cyberreadinesschallenge.com
c.
Log in with your Cyber Readiness Challenge user name and password
d. Wait until the Sun Java applet install times out and then click on the Linux i386 link
e. Transfer the vpnsetup.sh file to the /root folder of the Linux OS f.
Start the Terminal application and change directory to /root (cd /root)
Copyright © 2013 Symantec Corporation. All rights reserved.
Page 8
g. Execute the ls command and you should see the vpnsetup.sh file
h. Change the permissions on the file by performing chmod +x vpnsetup.sh i.
Execute the ls command again to ensure that the file is now executable. If the file is green, then it can be executed.
j.
Execute the vpnsetup.sh script by executing ./vpnsetup.sh
Copyright © 2013 Symantec Corporation. All rights reserved.
Page 9
k.
If the script asks you to accept the terms in the license agreement, press Y and Enter
l.
Start the VPN client GUI by clicking on the menu icon in the upper left corner, navigating to “Internet,” and selecting the Cisco VPN GUI m. Enter the hostname emea.cyberreadinesschallenge.com and click Connect
n. When prompted, enter your username and password from registration o. The VPN client should now connect
2.4 Client Test Step 4 – Test AnyConnect Client. Note: This step may or may not be available prior to the event, and is optional but recommended. registration or event emails to see if it is offered.
Copyright © 2013 Symantec Corporation. All rights reserved.
Refer to your
Page 10
a. Open Firefox and navigate to the URL http://10.1.2.11
b. If you receive confirmation that the page loads, then you are now ready for the event.
2.5 Client Disconnect Step 5 – Install AnyConnect Client. a. Disconnect from the VPN by right clicking on the AnyConnect icon in the menu bar and select Disconnect or Quit.
b. Start the VPN client GUI in the future by clicking on the menu icon in the upper left corner, navigating to “Internet,” and selecting the Cisco AnyConnect Secure Mobility Client.
Copyright © 2013 Symantec Corporation. All rights reserved.
Page 11
3 VPN Configuration for Windows 3.1 Client Installation Step 1 – Start Windows, either native or a virtual machine (VM); if you are using a VM, bridged mode is recommended. a. Log in with your credentials. b. Make sure you have a valid IP address and can access the Internet (see your network admin for help). Step 2 – Open Internet Explorer a. Launch Internet Explorer b. Navigate Internet Explorer to the URL https://emea.cyberreadinesschallenge.com
Copyright © 2013 Symantec Corporation. All rights reserved.
Page 12
c.
Login to the Cisco SSL VPN Service Portal with your Cyber Readiness Challenge user name and password
Copyright © 2013 Symantec Corporation. All rights reserved.
Page 13
d. Click on the yellow banner to allow the AnyConnect add-on to be installed
e. If the following Java warning appears, click “Run”:
f.
If the User Account Control pops up, click the Yes button
g. The web page might show an error that VPN connection establishment failed. However, if you click on the Cisco AnyConnect Icon in the notifications area you will see that in fact the VPN is connected. Copyright © 2013 Symantec Corporation. All rights reserved.
Page 14
m. The VPN should now start;
3.2 Client Test Step 2 – Test AnyConnect Client. Note: This step may or may not be available prior to the event, and is optional but recommended. registration or event emails to see if it is offered.
Refer to your
a. Open Internet Explorer and navigate to the URL http://10.1.2.11
b. If you receive confirmation that the page loads, then you are now ready for the event c. Terminate the VPN client by clicking on the AnyConnect icon in the notification area and then click “Disconnect”
Copyright © 2013 Symantec Corporation. All rights reserved.
Page 15
d. To open the VPN client in the future, navigate to Start Menu -> Cisco -> Cisco AnyConnect Secure Mobility Client -> Cisco AnyConnect Secure Mobility Client
Copyright © 2013 Symantec Corporation. All rights reserved.
Page 16
4 VPN Configuration for Mac OS X 4.1 Client Installation Pre-requisite: Make sure Java is installed. Use http://java.com to download and install it if needed. a. Log in with your credentials b. Make sure you have a valid IP address and can access the Internet (see your network admin for help) Step 1 – The following instructions are for Mac OS X, tested on the Intel 64-bit platform. Note: OS X in virtual machine environment is not supported. a. Navigate Safari to the URL https://emea.cyberreadinesschallenge.com
b. Login to the Cisco SSL VPN Service Portal with your Cyber Readiness Challenge user name and password
Copyright © 2013 Symantec Corporation. All rights reserved.
Page 17
Copyright © 2013 Symantec Corporation. All rights reserved.
Page 18
c.
If the following screen appears, you may not have Java installed. Obtain Java from java.com, install it, and retry the previous step of logging into the SSL VPN Service Portal.
d. Click on “Yes” if the following security warning screen pops up
Copyright © 2013 Symantec Corporation. All rights reserved.
Page 19
e. Click on Run when the following screen pops up:
f.
At this point, the Client Downloader should appear:
g. If prompted for system credentials, enter them and click OK:
Copyright © 2013 Symantec Corporation. All rights reserved.
Page 20
h. If the installation was successful, the VPN connection should establish:
i.
Once connected, the following icon should appear as a Menu Bar Extra:
e. The VPN should now start.
4.2 Client Test Step 2 – Test AnyConnect Client. Note: This step may or may not be available prior to the event, and is optional but recommended. registration or event emails to see if it is offered.
Refer to your
a. Open Safari and navigate to the URL http://10.1.2.11
b. If you receive confirmation that the page loads, then you are now ready for the event c.
To quit or disconnect the VPN, click on the menu bar extra icon and select “Disconnect” or “Quit Cisco AnyConnect”
Copyright © 2013 Symantec Corporation. All rights reserved.
Page 21
Copyright © 2013 Symantec Corporation. All rights reserved.
Page 22
d. After installation, the VPN client can be accessed in the future by opening Cisco AnyConnect Secure Mobility Client from the Applications folder:
Copyright © 2013 Symantec Corporation. All rights reserved.
Page 23
Appendices Appendix A:
Resources ............................................................................................................ 24
Copyright © 2013 Symantec Corporation. All rights reserved.
Page 24
Appendix A: Resources The following resources may be useful: BackTrack Linux BackTrack Linux is a penetration testing arsenal that aids security professionals in the ability to perform assessments in a purely native environment dedicated to hacking. Based on open-source tools it has been customized down to every package, kernel configuration, script and patch solely for the purpose of the penetration tester. The 32-bit version is recommended, and VMware and ISO images using the KDE or Gnome window managers are available. A pre-built virtual appliance is also available. BackTrack Linux: http://www.backtrack-linux.org/ Tutorial: http://www.backtrack-linux.org/tutorials/ Wiki: http://www.backtrack-linux.org/wiki/index.php/Main_Page VMware The VMware virtualization software, including the free VMware Player for Windows and VMware Fusion for Mac OS X, is available at: http://www.vmware.com/ VirtualBox The free VirtualBox virtualization software for Windows and Mac OS X is available at: http://www.virtualbox.org/
Copyright © 2013 Symantec Corporation. All rights reserved.
About Symantec Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored.
Symantec Corporation World Headquarters 350 Ellis Street Mountain View, CA 94043 USA +1 (650) 527 8000 www.symantec.com
For specific country offices and contact numbers, please visit our website. For Enterprise Sales in the U.S., call toll-free 1 (800) 721 3934.
Copyright © 2013 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.