
François Lesueur francois.lesueur@insa-lyon.fr @FLesueur - PowerPoint PPT Presentation

Mini-Internet using LXC (MI-LXC) : A first step towards a free CyberRange ? François Lesueur francois.lesueur@insa-lyon.fr @FLesueur https://github.com/flesueur/mi-lxc Pass The SALT, July 2 2019 INSA Lyon, Département Télécommunications,


  1. Mini-Internet using LXC (MI-LXC) : A first step towards a free CyberRange ? François Lesueur francois.lesueur@insa-lyon.fr @FLesueur https://github.com/flesueur/mi-lxc Pass The SALT, July 2 2019 INSA Lyon, Département Télécommunications, Services et Usages, CITI, DynaMid group

  2. Cyberranges MI-LXC Demo What’s next ? #whoami
      - Professional side: Associate Prof at INSA Lyon; teacher and researcher on empowering infosec
      - Personal side: long time Debian GNU/Linux user; long time self-hosted too; half craftsman, half plumber
      - And on both sides...: fear an oligopoly on knowledge/data possession/security

      MI-LXC - François Lesueur 2 / 18

  3. Cyberranges: Platforms to train people on realistic security scenarios

  4. Some insights on cyberranges [diagram labels: CyberCart]. First you need a cart with some fancy name

  5. Some insights on cyberranges [diagram labels: CyberCart]. Some dedicated hardware racked into it

  6. Some insights on cyberranges [diagram labels: Framework, CyberCart]. A framework to populate VMs

  7. Some insights on cyberranges [diagram labels: Scenarios, Framework, CyberCart]. Some scenarios to play

  8. Some insights on cyberranges [diagram labels: Scenarios, Framework, AI, CyberCart]. Of course you need AI to be taken seriously...

  9. Some insights on cyberranges [diagram labels: Scenarios, Framework, AI, CyberCart, Blockchain]. ...and it is backed by some blockchain for securitay !

  10. Some insights on cyberranges [diagram labels: Cyber-Bullshit, Scenarios, Framework, AI, CyberCart, Blockchain]. And surrounded (well, sold) by some cyber-bullshit

  11. Some insights on cyberranges [diagram labels: Cyber-Bullshit, Scenarios, Framework, AI, CyberCart, Blockchain]. We can run without dedicated hardware...

  12. Some insights on cyberranges [diagram labels: Cyber-Bullshit, Scenarios, Framework, AI, CyberCart, Blockchain]. ...and we don’t really need any bullshit

  13. Some insights on cyberranges [diagram labels: Cyber-Bullshit, Scenarios, Framework, Python, AI, CyberCart, Blockchain]. AI is just python scripts, right ?

  14. Some insights on cyberranges [diagram labels: Cyber-Bullshit, Scenarios, Framework, MI-LXC, Python, AI, CyberCart, Blockchain]. Finally, we need some framework to bootstrap scenarios

  15. MI-LXC: A Framework to build virtual infrastructures

  16. A Mini-Internet
      - What ? An environment as close as possible to the real internet
        - Information systems (with open services SMTP/HTTP, centralized authentication, file servers, backup, VPN, ...)
        - Interconnection (AS BGP)
        - Common services (DNS root, IANA numbering)
      - How ?
        - Versionable, versatile ⇒ Program the infrastructure
        - SLOC-scalable ⇒ Mutualize lines
        - Rapid to execute, easy to use...

  17. Existing frameworks
      - Networking frameworks but with no facilities for creating various hosts (Marionnet, Internet Simulator)
      - Docker-based tools without init and thus no complete systems (Dockernet, Kathara)
      - Labtainers, based on Docker, uses a deprecated image with systemd + high code complexity
      - SecGen geared towards creating vulnerable VMs rather than large systems (Virtualization)
      - And so... Let’s create a new one ;)

  18. Related tools
      - "Virtualization"
        - VM ? Too resource-expensive
        - Containers ! LXC (no init in docker)
      - Bootstrapping
        - Vagrant is more VM-ish (LXC plugin unmaintained)
        - LXC Python binding allows creating containers
      - Provisioning
        - Puppet/Ansible deal with mass/run problems we don’t have
        - Bash scripts

  19. MI-LXC: the generation part
      - A Python script
      - Creates LXC containers
      - Topology specified in a JSON file
      - Customized provisioning for each container
      - Templates (mail server, mail client, BGP router, ...)
      - 410 SLOC in mi-lxc.py

  20. MI-LXC: the current infrastructure 1/2
      - At the global level
        - An IANA-like authority, attributing ASN, IP space and TLDs
        - An alternative DNS root, augmenting the real root with a .milxc
        - Several AS (transit, ISP, organization), BGP routing
        - An Open DNS resolver
      - At some local levels
        - DNS zones for target.milxc and isp-a.milxc
        - SMTP servers for @target.milxc and @isp-a.milxc
        - Graphical mail clients (configured)
        - HTTP with a dokuwiki on www.target.milxc
      - Suricata, OSSEC, Prelude, NSD, BIRD, Postfix, Dovecot, ...

  21. MI-LXC: the current infrastructure 2/2
      - Initial mini-internet
        - 20 containers, 8 internal bridges, 4GB HDD, 800MB RAM
        - 698 lines in all provisioning scripts, 165 lines in the topology JSON
      - And so
        - Versionable
        - SLOC-scalable
        - Quite small memory/HDD/CPU footprint

  22. What we can do ?
      - Legit
        - Send mails
        - DNS query inside MI-LXC and outside (the real internet)
        - Access remote webpages hosted on a container
        - Monitor/Filter traffic
      - Attacks
        - DNS and BGP attacks
        - Phishing
        - Open (reverse-)shells
        - Pivot inside a private network
        - ...

  23. Demo

  24. Topology

  25. How to use it ?
      - GNU/Linux (Debian, Ubuntu, Arch, Kali)
        - git clone https://github.com/flesueur/mi-lxc.git
        - ./mi-lxc create (15-20 minutes)
        - ./mi-lxc start
        - ./mi-lxc attach dmz ; ./mi-lxc display hacker
        - ./mi-lxc print
      - Other systems
        - git clone https://github.com/flesueur/mi-lxc.git
        - cd vagrant && vagrant up (20-25 minutes)
        - ./mi-lxc start (inside the VM)
        - ./mi-lxc attach dmz ; ./mi-lxc display hacker
        - ./mi-lxc print

  26. What’s next ?

  27. And now ? [diagram labels: Cyber-Bullshit, Scenarios, MI-LXC, Framework, Python, AI, CyberCart, Blockchain]
      - More scenarios
      - Python activity inside the infrastructure
      - Infrastructure / Security tools to support various situations

  28. Mini-Internet using LXC (MI-LXC) : A first step towards a free CyberRange ? François Lesueur francois.lesueur@insa-lyon.fr @FLesueur https://github.com/flesueur/mi-lxc Pass The SALT, July 2 2019 INSA Lyon, Département Télécommunications, Services et Usages, CITI, DynaMid group
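
Slide 19 describes a generator that builds containers from a JSON topology and shared templates, and slide 16 calls this "program the infrastructure". The sketch below is an added example, not MI-LXC's code: the JSON schema, the container, bridge and template names, and the `plan` function are all hypothetical. It resolves templates into per-container package lists and checks addressing before anything would be created.

```python
import ipaddress
import json

# Constructed sample topology; hypothetical schema, not MI-LXC's actual JSON format.
TOPOLOGY = json.loads("""
{
  "templates": {
    "mailserver": {"packages": ["postfix", "dovecot-imapd"]},
    "bgprouter":  {"packages": ["bird"]}
  },
  "bridges": {"transit": "10.0.0.0/24", "target-lan": "10.1.0.0/24"},
  "containers": {
    "target-router": {"templates": ["bgprouter"],
                      "interfaces": {"transit": "10.0.0.2", "target-lan": "10.1.0.1"}},
    "target-dmz":    {"templates": ["mailserver"], "packages": ["nsd"],
                      "interfaces": {"target-lan": "10.1.0.10"}}
  }
}
""")

def plan(topology):
    """Resolve templates and validate addressing; return (containers, errors)."""
    nets = {b: ipaddress.ip_network(c) for b, c in topology["bridges"].items()}
    seen, resolved, errors = {}, {}, []
    for name, spec in sorted(topology["containers"].items()):
        packages = []
        for tpl in spec.get("templates", []):
            if tpl not in topology["templates"]:
                errors.append(f"{name}: unknown template {tpl}")
                continue
            # Shared template lines are written once and reused by every container.
            packages += topology["templates"][tpl]["packages"]
        packages += spec.get("packages", [])  # per-container customization
        for bridge, addr in spec["interfaces"].items():
            ip = ipaddress.ip_address(addr)
            if bridge not in nets:
                errors.append(f"{name}: unknown bridge {bridge}")
            elif ip not in nets[bridge]:
                errors.append(f"{name}: {addr} outside {bridge} ({nets[bridge]})")
            if ip in seen:
                errors.append(f"{name}: {addr} already used by {seen[ip]}")
            seen.setdefault(ip, name)
        resolved[name] = {"packages": packages, "interfaces": spec["interfaces"]}
    return resolved, errors

if __name__ == "__main__":
    containers, problems = plan(TOPOLOGY)
    for name, c in containers.items():
        print(name, c["packages"], c["interfaces"])
    print("errors:", problems)
```

Because the topology is plain JSON under version control, a check like this can run on every change before the 15-20 minute container build.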
