Lab – Set Up the IoT Security Lab Topology

Topology

Objectives
Part 1: Setup the Lab Environment
Part 2: Import the IoT Security Virtual Machines

Background / Scenario
Computing power and resources have increased tremendously over the last 10 years. A benefit of having
multicore processors and large amounts of RAM is the ability to use virtualization. With virtualization, one or
more virtual computers operate inside one physical computer. Virtual computers that run within physical
computers are called virtual machines (VMs). VMs are often called guests, and physical computers are often
called hosts. Anyone with a modern computer and operating system can run VMs.
In this lab, you will set up and explore the lab environment that will be used in this course. A VM is used for
many of the labs in this course. The VM is created with Oracle VirtualBox and an Oracle virtual appliance
(OVA) file. The OVA file contains a special version of Linux called Kali. Kali is a very popular Linux distribution
that contains many tools that are used for assessing network security. VirtualBox allows you to run this
version of Linux on a Mac or PC as a VM. You can use this VM to interact with other hosts on the lab network.
Note: Only use Kali tools on networks on which you are authorized to do so. Abuse of the Kali tools will be a
violation of your ethical hacking agreement.

 2018 - 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 1 of 5 www.netacad.com
Lab – Set Up the IoT Security Lab Topology

Required Resources
 Host computer with at least 4 GB of RAM and 15 GB of free disk space
 Oracle VirtualBox
 IoT Security Kali Linux OVA and Metasploitable OVA files
 Internet connection
 An Ethernet patch cable

Part 1: Setup the Lab Environment

Follow the directions of your instructor to build a lab topology similar to the one shown in the Topology section
of this lab. Your topology may differ slightly. For example, several PCs and Raspberry Pi devices may be
connected to the same switch. What is important is that you can identify your own target Raspberry Pi using
PL-App launcher.
Note: For now, do not connect Raspberry Pi devices to the network.

Step 1: Download and Install Oracle VirtualBox.

a. Navigate to the Oracle VirtualBox downloads page.
b. Choose and download the appropriate installation file for your operating system.
c. After you have downloaded the VirtualBox installation file, run the installer and accept the default
installation settings.
d. Download the IoT Security VM file from here: Kali OVA and Metasploitable OVA.

Step 2: Connect the Network Topology

a. Disconnect the PC from the school network and directly connect the PC to the Raspberry Pi with the
Ethernet patch cable.

Part 2: Import the IoT Security Virtual Machines

Step 1: Import the virtual machine appliance into VirtualBox.

You will open VirtualBox and import the IoT Security Kali VM .ova file to create a Kali virtual machine.
Note: The screen may look different depending on your version of VirtualBox.
a. Open VirtualBox. From the file menu, select: File > Import Appliance. Locate and select the
Kali_IoTSec.ova file that you downloaded and click Next.
b. A new window will appear presenting the settings suggested in the OVA archive. Check the "Reinitialize
the MAC address of all network cards" box at the bottom of the window. Leave all other settings as
default. Click Import.

 2018 - 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 2 of 5 www.netacad.com
Lab – Set Up the IoT Security Lab Topology

c. After the import is complete, VirtualBox will show the new Kali VM in its inventory. Your Kali Linux VM file
name might be different than the graphic shown below.

d. Repeat the import process for the Metasploitable VM.

Step 2: Verify Network Connectivity.

In this step, you will ensure that networking is configured between the VMs and the Raspberry Pi.
The host computer has been disconnected from the campus network and connected directly to the Raspberry
Pi. Because DHCP will no longer be available from the network DHCP service, we will need to run a Linux
shell script. The script will start a DHCP server on the Kali VM. This will provide the Raspberry Pi to with an IP
address. TCP/IP communication will then be established between the VMs and the Raspberry Pi.
a. Return to the VirtualBox VM player window. Highlight the Kali VM in the list.
b. Click the green Start arrow in the menu bar. After a brief delay, you should see a new window open that
displays a Username: field.
c. Enter the username of root and click Next to continue. Use toor for the password and click Sign in. If
you have typed the username incorrectly for the Kali VM, click Cancel to input the correct username.
d. After Kali starts, you should see the desktop as shown below.

e. Click the Terminal icon in the desktop applications bar as shown in the figure.

 2018 - 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 3 of 5 www.netacad.com
Lab – Set Up the IoT Security Lab Topology

f. Run the shell script that will configure IP addressing. To run the script, at the terminal prompt type the
following:
root@kali:~# ./lab_support_files/scripts/start_dhcp.sh
[ ok ] Starting isc-dhcp-server (via systemctl): isc-dhcp-server.service.
g. After the script executes, at the terminal prompt, type ifconfig.
root@kali:~# ifconfig
What IP address was assigned to the VM eth0 interface? ____________________________
h. Minimize the VirtualBox window and open PL-App. Select the Available Devices tab. You should see your
Raspberry Pi listed. Make note of the IP address of your Raspberry Pi.
IP address of the Raspberry Pi: ___________________________________
Note: If PL-App is not showing the IP address of the Raspberry Pi, use the command fping at the
terminal window to determine the IP address.
root@kali:~# fping -a -r 0 -g 203.0.113.0/24
Warning: The use of fping can be considered as an attack. Please do not use this command on a
production network.
i. Return to the VM. At a terminal prompt, ping the IP address of your Raspberry Pi. Use the -c 5 parameter
to limit your ping to five echo requests. If everything is working properly, you should see five successful
echo replies. You have now tested the connection between the Kali Linux virtual machine and the
Raspberry Pi.
j. Now open the Firefox ESR browser from the Kali desktop applications bar. Its icon is just above the
Terminal icon.
k. Type the IP address of the Raspberry Pi into the address bar and press Enter. You should see the
Jupyter notebooks home page appear.
Note: Because the VM shares the same network adapter as the physical computer, you can access the
Pi from either machine.
l. Start and log into the Metasploitable VM. Notice the displayed messages.
What is the login credential?
____________________________________________________________________________________
What is the IP address assigned to Metasploitable VM? What was the command used to determine the IP
address?
____________________________________________________________________________________
Note: To release the mouse from Metasploitable VM, press the right control key.

 2018 - 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 4 of 5 www.netacad.com
Lab – Set Up the IoT Security Lab Topology

m. To verify network connectivity, you should be able to ping all the VMs and the Raspberry Pi.

Step 3: Shut down the VMs.

a. In the VirtualBox menu in the Kali VM window, select File > Close.
b. Click the Save the machine state radio button and click OK. The next time you start the virtual machine,
you will be able to resume working in the operating system in its current state.
The other two options are:
 Send the shutdown signal: This option simulates safely shutting down a physical computer.
 Power off the machine: This option simulates an unsafe shutdown of a physical computer.
c. Repeat the shutdown process for the Metasploitable VM.

 2018 - 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 5 of 5 www.netacad.com