Skip to content

Exercise Environment Catalog

Overview

This catalog describes exercise environments currently available in the exercise area. Each environment description includes a list of exercises that are available in the Virginia Cyber Range courseware repository that cover a range of beginner to intermediate topics including reconnaissance and scanning, web application penetration testing, cryptography, password auditing, buffer overflow attacks, forensics, server hardening, incident response, and more. To access these exercise documents, be sure to request an instructor account on our Sign Up Page (available only to faculty at Virginia high schools, community colleges, and universities). With an instructor account in the exercise area, faculty can test these exercises and deploy them to students in their courses.

The Virginia Cyber Range routinely updates and creates new exercise environments, some catered toward specific courseware and others providing an open sandbox environment. Instructors should keep in mind that virtual environments for each exercise can be used for homeworks and labs other than the courseware provided by us. For example, the Cyber Basics environment includes resources necessary for all of the Cyber Basics exercises listed, but instructors can create new hands-on exercises based on the tools available in this environment. We encourage instructors to customize environments to fit their specific needs. If you would like to learn more about this, please see our guide on Customizing Exercise Environment Images.


Cyber Basics

This virtual environment is intended to be used for introductory to intermediate cybersecurity exercises and includes student access to a Kali Linux virtual machine that is in a subnet with a three other discoverable systems (described below). The environment can be used for network scans, web application vulnerability exploitation, basic penetration testing, as well as a variety of exercises that can be completed using a standalone Kali Linux system.

The Kali Linux VM has access to the Internet through a proxy that allows connections to standard web ports (HTTP and HTTPS). This allows students to access web pages from the virtual machine, as well as install packages on the virtual machine using the apt utility. Students can use sudo to execute commands as the root user.

The credentials for the Kali Linux virtual machine are (username/password): student/student.

Virtual Machine Descriptions

  1. Kali Linux Virtual Machine – This Linux distribution includes several tools for cybersecurity research and penetration testing. Users of this environment will have desktop access to this VM. User credentials (username/password) for his virtual machine are student/student.

  2. Vulnerable Web Server – This LAMP-based web server stack runs a vulnerable web service called DVWA and is intended to teach introductory web application penetration testing and web app security. To access this server from the Kali Linux computer, open a web browser in the Kali VM and enter this into the URL bar: http://dvwa. Credentials (username/password) for the vulnerable web application are admin/password.

  3. Samba Server – This Linux virtual machine is running Samba version 4.6.0, which is an outdated and vulnerable version of this service that can be exploited.

  4. File Server – This virtual machine is running vsftpd FTP service. While the service itself is not (intentionally) vulnerable, it allows anonymous login, some directory traversal by anonymous users, and there are accounts with weak passwords that can be exploited.

Corresponding Exercises

Click the links below to access exercise documents:

Additional Information

To the user, the Kali VM appears to exist in an x.x.x.x/20 network. To discover other systems in the environment, and the services running on each, the student can use the ipconfig command to determine their own IP address, then use nmap with their own IP with /20 appended to scan the subnet. An example is shown in the below image.

In the image, the terminal is open, which shows other systems in the enviroment, and what is running.


Introduction to Forensics (2020)

This virtual environment is intended to be used for introductory to intermediate hands-on digital forensics exercises. The environment is a stand-alone Ubuntu Linux virtual machine with a set of pre-installed tools for digital forensic investigations. Installed tools include Autopsy, Sleuthkit, Volatility, Regripper, Wireshark, and others. The login credentials for this virtual machine are student/student.

The only network access it has is to the Internet through a proxy that allows connections to standard web ports (HTTP and HTTPS). This allows students to access web pages from the virtual machine, as well as install packages on the virtual machine using the apt utility. Students can use sudo to execute commands as the root user.

This image shows the homepage of the Introduction to Forensics virtual enviroment.

Corresponding Exercises

This virtual machine includes digital forensic artifacts required to complete the following exercises from the Courseware Repository (click links to access exercise documents):


Windows Virtual Machine

This environment is a standalone windows virtual machine in its own virtual subnet. The only network access it has is to the Internet through a proxy that allows connections to standard web ports (HTTP and HTTPS). This allows students to access web pages from the virtual machine, as well as download and install software on the virtual machine. Students have administrator access when logged in.

The Windows Virtual Machine homepage is shown in the image.

Virtual Machine Description

Windows Server 2016 with Windows 10 experience – This Windows virtual machine feels and acts like a Windows 10 system so it will be familiar to students and faculty. User credentials (username/password) for this virtual machine are student/student.


Debian 10.9 XFCE (2021.05)

This environment is a standalone Debian virtual machine in its own virtual subnet. The only network access it has is to the Internet through a proxy that allows connections to standard web ports (HTTP and HTTPS). This allows students to access web pages from the virtual machine, as well as install packages on the virtual machine using the apt utility. Students can use sudo to execute commands as the root user.

This environment is special in the fact that it has a screen reader built-in to the virtual machine. The screen reader can be activated and deactivated by executing the following keyboard shortcut: CTRL+SHIFT+|. More information related to screen reader accessibility can be found here.

The Debian 10.9 XFCE (2021.05) homepage is shown in the image.

Virtual Machine Description

This virtual environment is a stand-alone Debian 10 (aka stable/buster) XFCE virtual machine. The login credentials for this virtual machine are student/student.


Ubuntu Linux Virtual Machine

This environment is a standalone Ubuntu Linux virtual machine in its own virtual subnet. The only network access it has is to the Internet through a proxy that allows connections to standard web ports (HTTP and HTTPS). This allows students to access web pages from the virtual machine, as well as install packages on the virtual machine using the apt utility. Students can use sudo to execute commands as the root user.

The Ubuntu Linux Virtual Machine homepage is shown in the image.

Virtual Machine Description

Ubuntu Linux 16.04 – This Ubuntu virtual machine uses the lightweight xfce windowing interface instead of Gnome, but is otherwise a basic Ubuntu desktop instance. User credentials (username/password) for this virtual machine are student/student.


Kali Linux Virtual Machine

This environment is a standalone Kali Linux virtual machine in its own virtual subnet. The only network access it has is to the Internet through a proxy that allows connections to standard web ports (HTTP and HTTPS). This allows students to access web pages from the virtual machine, as well as install packages on the virtual machine using the apt utility. Students can use sudo to execute commands as the root user.

The Kali Linux Virtual Machine homepage is shown in the image.

Virtual Machine Description

Kali Linux – This virtual machine uses the lightweight xfce windowing interface instead of Gnome, but is otherwise a basic Debian-based Kali desktop instance. User credentials (username/password) for this virtual machine are student/student.


Ubuntu with Snort and Other Tools (2019.1)

This virtual environment is a stand-alone Ubuntu Linux virtual machine in its own subnet. It includes software and artifacts to conduct exercises on password auditing, buffer overflow, firewall configuration, intrusion detection, and basic cryptography.

The user credentials (username/password) for this virtual machine are student/student.

Desktop View of Ubuntu


Corresponding Exercises

This virtual machine includes software and artifacts required to complete the following exercises from the Courseware Repository:


K12 Cyber Security Concepts Using Kali Linux

This virtual environment is intended to be used with the Introduction to Cybersecurity for High School Students and K12 Educators course. Using a Kali Linux virtual machine in this environment, students learn about various cyber security concepts through analysis of network traffic (PCAP files), CTF (Capture the Flag) style challenges, basic cryptography, web/HTML client side scripting and SQL injection exercises and more.

The homepage of K-12 Cyber Security Concepts using Kali Linux is shown in the image.

Virtual Environment Description

The Kali Linux Desktop VM has access to the Internet through a proxy that allows connections to standard web ports (HTTP and HTTPS). This allows students to access web pages from the virtual machine, as well as install packages on the virtual machine using the apt utility. Students can use sudo to execute commands as the root user.

This VM has been "seeded" with several flags and required files to complete assignments. A flag is usually a name of a file or data that students need to find as part of the assignment/assessment. Most of the homework assignments and assessments provide a "hands on" experience and are usually in the form of capture the flag.

User credentials (username/password) for this virtual machine are student/student.


Brigante

Brigante is a self-paced, hands-on exercise with multiple levels designed to familiarize beginners with the Linux user interface and terminal commands. It is based on OverTheWire.org's Bandit wargame. The game is presented as a series of increasingly difficult levels. Solving one level gives the user access to the next, and students will have to apply problem-solving skills as they make their way through the series of challenges. The game assumes the student can open a Linux terminal window to get to the command-line interface, but assumes little experience with Linux beyond that.

Students should log in to the Brigante environment with the credentials student/student. They should then open a web browser and browse to http://brigante.example.com for further instructions.

The Brigante game lists all available levels along the left side of the screen. Instructions for each level are present in the center of the screen.


CYBER.ORG Environment: Cybersecurity Environment

This dual virtual machine environment is for use with CYBER.ORG courseware content; curricula for this environment is available on the Cyber.org website.

These VMs support proxied web access but cannot directly send any packets outside its own network "bubble", i.e., no external ping/ICMP, traceroute, or even external DNS server queries can be used to get "out of the Range"

Virtual Machine Description

The version of Windows in this environment is older, more vulnerable, and unpatched by design; the Windows VM is only for educational use in cybersecurity education against a vulnerable target. For other use cases, modern licensed Windows VMs should be used. The login username/password on each VM is student/student. For root or admin access, use "sudo su -" on Kali and provide student password, and use "Run As Administrator" on Windows.


Laboratory Exercise: Host Based Network Security Basics

Multi-VM exercise environment used for a Beginner Plus level introduction to Linux-based host network security.

Virtual Environment Description

The environment for this exercise includes two VMs, an Ubuntu Linux VM and a CentOS Linux VM. The students harden one of the servers using instructions provided and use the other VM to externally test security configurations.

Lab Exercise Part 1

This first of two labs describes the process by which students harden Linux servers using the iptables firewall and how to use the Linux apparmor utility to impose mandatory access control (MAC) rules to restrict user access to resources on the system. It also introduces students to the Linux netstat utility to get information about ports and protocols open on their systems. Finally, students test their various security settings using a second virtual machine in the same network subnet.

Lab Exercise Part 2

This second of two labs has students continue host hardening by locking down local services and daemons, and securely configuring operating system and filesystem access. Students will learn more about host-based firewall configuration, learn how to install and manage packages, and use the fail2ban utility to identify and ban external hosts demonstrating malicious behavior such as brute-force password-guessing attacks. Students will also securely configure smpt, ssh, and apache daemons.


Laboratory Exercise: Compromised Server Security and Lockdown

This Beginner Plus level, real world lab has students log into a worm-infected CentOS Linux server (ssh terminal only) and follow prescribed steps to secure, clean up and lock down the infected server. Students will use utilities such as chkconfig, service, ps, and kill to examine running services and shut down potentially malicious ones; netstat and nmap to identify rogue network services; iptables to properly configure the firewall; and, package management software such as rpm and yum to verify and repair system packages.

Virtual Environment Description

  • The environment for this exercise includes two CentOS VMs. The students harden one of the servers using instructions provided and use the other VM to externally test security configurations.

Have a Question? Contact Support

We're here to help you. If you are still experiencing issues after trying the steps above, please feel free to submit a ticket with our support team and we'll get back to you as soon as possible.