CYSE,VMware, Raspberry Pi

CYSE 450 Lab 1 High level overview of steps: 1. Install VMware 2. Install and configure Raspberry Pi 3. Install ssh 4. Secure the device 5. Test and submit report NOTE: If user ‘pi’ does not exist in your Raspberry Pi installation, you can skip the steps that involve user ‘pi’. Steps: 1. Install WMWare Download and install VMWare on your laptop or desktop. Pick the most current version. Make sure to pick the correct version for your device and OS.  For Windows, you can follow the link in this article: https://www.pcworld.com/article/2388668/vmware-workstation-pro-how-toinstall-the-free-professional-tool.html  For Mac, download VMware Fusion for macOS: https://www.techspot.com/downloads/2755-vmware-fusion-mac.html Note: You may need to register to Broadcom Support before downloading the software: https://support.broadcom.com/. 1 2. Install Raspberry Pi a. Download and install Raspberry Pi machine on your VM: https://www.raspberrypi.com/software/raspberry-pi-desktop/ . You can follow the installation steps in: https://singleboardbytes.com/1010/install-raspberry-pi-desktop-windows-vmware.htm Requirements:  Name your Pi machine “Pi ”. For example: “Pi qnguyeng”.  During installation, make sure to create the superuser with “super””super”. Example: “superqnguyeng”. b. Configure two network adapters: one using NAT, and the other one “Host Adapter”. 3. Install SSH a. Install and start the SSH. (Go to “Remote Access” section of the Pi documentation.) https://www.raspberrypi.com/documentation/computers/configuration.html#securingyour-raspberry-pi 4. Secure the device a. Use the instructions in the Raspberry Pi reference below to secure your Pi:  Make sudo require a password  Update the OS and packages.  Improve SSH security.  Create users “alice”, “bob”, “jane” and “john”  Allow “alice” and “bob” to SSH to your Pi  Deny “jane” and “john” to SSH to your Pi  Restart SSH (skip key-based authentication)  Install and configure the firewall. You should enable the firewall and add the following firewall rules:  Only allow port 22 over tcp  Limit login attempts on ssh port using tcp b. Add user . Note that this will be a regular user, without prefix “super”. c. Add this user to the same groups as the superuser:  $ groups 2  $ sudo usermod -G (the command with parameters is on Raspberry website)  Modify the ssh config file so that the new user can use SSH. d. Install fail2ban and set max retry to 3. e. Install a telnet client  $ sudo apt install telnet 5. Test and submit the report (15 pts) Submit the screenshot(s) of the tests below to BlackBoard, CYSE 450, Lab1 a. [1 pts] Show VMWare with your Raspberry Pi machine. b. [1 pts] Show the two network adapters being configured. c. [1 pts] Login to your Pi and show the version of the OS  $ uname –a (checks version of the OS)  $ cat /etc/os-release d. [1 pts] Connect to your network  Show the IP and MAC address network interface:  $ ifconfig  The MAC address is the 6 bytes after “ether” e. [1 pts] Do ssh to the Pi from a client  ssh @ f. [2 pts] Default userid security  $ su (replace with the one you created in Lab 1).  Show failed su command with passwords: , pi, raspberry (passwords will not show on screen)  $ su root  Should not be able to login as user root with default, no, or weak password  Show failed su command with passwords: , root, toor, raspberry (passwords will not show on screen) g. [2 pts] $ su  Show failed su command with no password (passwords will not show on screen)  Show successful su command with correct password (password will not display) h. [2 pts] $ sudo ufw status  Firewall should block all but port 22 i. [2 pts] Test SSH secure configuration from an SSH client  Show that “alice” and “bob” can ssh to your Pi machine  Show that “jane” and “john” cannot ssh to your Pi machine 3 j. [2 pts] Test fail2ban  Show that “alice” SSH login will be blocked after 3 unsuccessful attempts with incorrect passwords. 6. References a. VMWare:  https://www.pcworld.com/article/2388668/vmware-workstation-pro-how-toinstall-the-free-professional-tool.html  https://www.techspot.com/downloads/2755-vmware-fusion-mac.html b. Raspberry Pi  https://www.raspberrypi.com/software/raspberry-pi-desktop/  https://singleboardbytes.com/1010/install-raspberry-pi-desktop-windowsvmware.htm  https://www.raspberrypi.com/documentation/computers/ configuration.html#securing-your-raspberry-pi 4

 

attachment_1