Provide steps on how to prepare the virtual environment.
In this lab, you will perform an SQL injection to access the SQL database on the server. You will also
use the DNS service to facilitate data exfiltration.
a. Launch Oracle VirtualBox.
b. In the CyberOps Workstation window, verify that CyberOps Workstation has the
correct network settings. If necessary, select Machine > Settings > Network. Under
Attached To, select Internal Network. In the Name dropdown menu, select inside, then
click OK.
c. Start the CyberOps Workstation, Kali, Metasploitable, and Security Onion virtual
machines by selecting each one of them and clicking the Start button. The Start button
is located in VirtualBox’s toolbar.
d. Log into the CyberOps Workstation virtual machine, open a terminal and configure the
network by executing the configure_as_static.sh script.
Because the script requires super-user privileges, provide the password for the user
analyst.
```
analyst@secOps ~]$ sudo ./lab.support.files/scripts/configure_as_static.sh
[sudo] password for analyst:
Configuring the NIC as:
IP: 192.168.0.11/24
GW: 192.168.0.1
IP Configuration successful.
[analyst@secOps ~]$
```
e. Log into the Security Onion VM. Right-click the Desktop > Open Terminal Here.
Enter the sudo service nsm status command to verify that all the servers and sensors
are ready. This process could take a few moments. Repeat the command as necessary
until all the statuses for all the servers and sensors are OK before moving onto the next
part.
```
analyst@SecOnion:~/Desktop$ sudo service nsm status
Status: securityonion
* sguil server [ OK ]
Status: HIDS
* ossec_agent (sguil) [ OK ]
Status: Bro
Name Type Host Status Pid Started
manager manager localhost running 5577 26 Jun 10:04:27
proxy proxy localhost running 5772 26 Jun 10:04:29
seconion-eth0-1 worker localhost running 6245 26 Jun 10:04:33
seconion-eth1-1 worker localhost running 6247 26 Jun 10:04:33
seconion-eth2-1 worker localhost running 6246 26 Jun 10:04:33
Status: seconion-eth0
* netsniff-ng (full packet data) [ OK ]
* pcap_agent (sguil) [ OK ]
* snort_agent-1 (sguil) [ OK ]
* snort-1 (alert data) [ OK ]
* barnyard2-1 (spooler, unified2 format) [ OK ]
You might also like to view...
________ functions are useful when working with the complex logic in a database that contains dates
Fill in the blank(s) with correct word
Regardless of how storage devices are connected to a computer, ____ and/or names are typically assigned to each storage device.
A. letters of the alphabet B. vowels C. single-digit numbers D. special characters