opennebulaconf 2016 - the lightweight approach to build cloud cybersecurity exercise platform by...

Pervasive Computing Lab The Lightway Approach to Build Cloud CyberSecurity Exercise Platform National Center for High-Performance Computing Yi-Lun Pan (Serena Pan) [email protected]

Upload: opennebula-project

Post on 16-Apr-2017


The Lightway Approach to Build Cloud CyberSecurity Exercise Platform

National Center for High-Performance Computing Yi-Lun Pan (Serena Pan) [email protected]

Who’s Serena Pan??

• I am an associate researcher in NCHC, Taiwan.

• Our project is Free Software, and also Open Source

• Virtualization technology (OpenStack and OpenNebula) and Cybersecurity technology

Outline

• What is Ezilla Project?
• What is Cybersecurity??
• What does Ezilla do for Cybersecurity??
• The Core Tech. of Ezilla
  ◦ How to Install Ezilla
  ◦ Demo

What is Ezilla

• Ezilla is designed to help users build their own Private Cloud easily!

• Ezilla provides a user-friendly interface and an easy way to customize and configure based on users’ needs!

• Ezilla consists of three parts:
  ◦ DRBL (Diskless Remote Boot in Linux)
  ◦ Cloud Middleware - OpenNebula
  ◦ Web Interface

Unattended Installation of Ezilla Diskless Version

[Diagram labels: Ezilla Master, Ezilla Slave, Virtual Machines, DRBL SSI (Single System Image)]

Distributed Filesystem

[Diagram labels: Ezilla Master, Ezilla Slave, Virtual Machines, Ezilla Interface, Unattended Installation of Ezilla Disk Full Version, Fast Deployment]

What is Cybersecurity in NCHC??

• NCHC Cloud Cybersecurity Exercise Platform

Ezilla provides a user-friendly and straightforward interface for Cloud users. With One Click, Cloud users can build their own on-demand virtual cluster.

Based on Cloud Service Infrastructure, CDX provides security training service, Capture the Flags (CTF) competition service, and virtual networking service for enterprise.

Real Classroom Environment Limited

• Hands on in Conference
  ◦ Unify Environment
    ▪ Time Consuming
    ▪ Hard Work
  ◦ Lots of Computers for Audiences
    ▪ Not enough computers
    ▪ Not enough networks

Build Virtual Classroom

[Diagram labels: Virtual Classroom (repeated eight times), Physical Machines, Ezilla]

What is Cybersecurity??

• International Organization
  ◦ The Honeynet Project, Cloud Security Alliance, FIRST, Shadowserver Foundation…

• International Conference
  ◦ The Honeynet Project Annual Workshop, Cloud Security Alliance Congress, RSA, Blackhat, DEFCon, AVAR

What does Ezilla do for Cybersecurity?

• Simplify demos and evaluations
• Reduce development and support costs
• Extend applications to the cloud

What does Ezilla do for Cybersecurity?

• System manager:
  ◦ One click install build private cloud -> Fast Installation
  ◦ Easy to manage VMs -> Build Multiple Template
• Users:
  ◦ Fast and user-friendly virtual environment
  ◦ Could access VM with the browser which supports HTML5 (Google Chrome / Firefox)
  ◦ Could use RDP and ssh to access VM

Use Case

• Who uses Ezilla so far..
  ◦ NTU, NCTU, NCKU..
  ◦ Virtual Classroom – NCTU, NCHC and Inventec
    ▪ System: SDN-based Networks
    ▪ Software: Ezilla
    ▪ Hardware: Zion Servers are provided by Inventec

[Diagram labels: Zion SDN-based Networks; Inventec Server; = 1000+ Virtual CDX Classroom]

Create 50 Ubuntu
Create 50 Windows
Create 200 Linux

It can generate a lot of virtual machines (different OS or with specific application)

[Diagram labels: Windows, Ubuntu, Linux, Clusters]

NCTU & NCHC Ezilla

• https://www.youtube.com/watch?v=jsDMUbZjnjk

Educational Purpose for Information Security

• Network Defense and Attack Platform Training
  ◦ Course: With CDX platform student can find weakness server and then to practice and verify what they learned
  ◦ Competition: With CDX platform teachers can provide any kind of scenario competition
• Information Security Vulnerabilities Training
  ◦ Train how to find vulnerable server
  ◦ Information security data analysis via Hadoop cluster


The Benefit of Cloud Virtual Classroom

• No time or space limits; students can enjoy seamless education.

• Marketplace Service – Collect Information Security Open Source Toolkit

• Fast Build Environment

[Diagram labels: After School, In Class, Marketplace, PRAGMACloud, CDX Marketplace, INeedCloud]

The Core Tech. of Ezilla

• Unattended Installation
  ◦ kickstart/preseed
• Cloud Middleware
• . , )U 5 ?DL N U DLN, U.
• libvirt
• OpenNebula
• …
• Self-service Interface
  ◦ Build User-friendly Environment
• Ajax
• +
• …
• JQuery

The Core Tech. of Ezilla DRBL

• Diskless Remote Boot in Linux
  ◦ NCHC Free Software Lab.
  ◦ Ezilla slave needs no hard disk or software
  ◦ Clonezilla is embedded, so you can copy and reinstall computers at the same time
  ◦ Via PXE, you can install OS easily.

• How does Ezilla Slave use DRBL?
  ◦ Ezilla Diskless Version
    ▪ Using Single System Image (SSI) mode
    ▪ After network booting, OS is executed in memory
    ▪ Dynamic extension computing resources
    ▪ Flexible management
  ◦ Ezilla Disk Full Version
    ▪ Via PXE network booting, and then execute network installation

How to install Ezilla

• Ezilla Master

¨  ,NXM ?JI V C N J MS

• Using PXE to reboot Ezilla slave

• After DRBL booting…

The Demo – CDX Website

https://cdx.nchc.org.tw

The Demo – Create VM

The Demo – Select Template

The Demo – Network Interface

The Demo – WebVNC

What is SPARTA

• SPARTA is a Python GUI application which simplifies network infrastructure penetration testing by aiding the penetration tester in the scanning and enumeration phase.

• http://sparta.secforce.com

The Demo – Use SPARTA

The Demo – Armitage: Scan machine

The Demo – Armitage: Find Attacks

The Demo – Armitage: Verify Pattern

The Demo – Armitage: Get into Server


Thank You!