1 00:00:03,360 --> 00:00:11,880 OK, so in the West, make sure we set up our Windows 10 workstation or point, and then I suggested 2 00:00:11,880 --> 00:00:14,370 that you set up your second workstation before you move on. 3 00:00:14,760 --> 00:00:19,770 So you can see I actually did that here once and I've got up. 4 00:00:20,370 --> 00:00:26,100 And don't worry, if you're not clear on which VM is what and subsequent lessons, we're actually going 5 00:00:26,100 --> 00:00:33,060 to install B.G., which is this internal tool that will display the hostname IP is a bunch of other 6 00:00:33,120 --> 00:00:34,280 system details to you. 7 00:00:34,620 --> 00:00:37,590 We're going to push it out from our domain control, the vehicle policy. 8 00:00:37,600 --> 00:00:38,520 That's gonna be really fun. 9 00:00:39,030 --> 00:00:42,750 But at this point, I just want to make sure that you've got your PC setup, right. 10 00:00:42,760 --> 00:00:47,850 So all we did was we went ahead and, you know, we set the hostname, we set the power settings, we 11 00:00:47,850 --> 00:00:54,300 installed VMware tools, we update the systems and we installed the audit policy configuration, the 12 00:00:54,300 --> 00:00:57,390 Parachilna logging, Zisman and Splunk. 13 00:00:57,540 --> 00:00:57,960 Right. 14 00:00:58,290 --> 00:00:59,940 And that's where we're at right now. 15 00:01:00,600 --> 00:01:04,470 We didn't really follow through all the way with the universal forwarder because we don't have the IP 16 00:01:04,470 --> 00:01:06,270 set up yet, but we're taking baby steps. 17 00:01:06,510 --> 00:01:10,860 And one thing I did want to show you that I did is if you go to the power. 18 00:01:11,900 --> 00:01:12,410 Plan. 19 00:01:13,290 --> 00:01:16,110 One thing I did was I just turned off the display to never. 20 00:01:17,100 --> 00:01:21,540 The way the display never shows like the screensaver, it never turns off, it's always available. 21 00:01:22,110 --> 00:01:27,510 But now when you're at this point, when you're at this point, we're ready to install our windows there, 22 00:01:27,600 --> 00:01:28,910 20 domain controller. 23 00:01:29,340 --> 00:01:30,990 And this is going to be great because it's going to be running. 24 00:01:30,990 --> 00:01:34,920 DNS is going to be running DCPI and it's going to be amazing. 25 00:01:34,920 --> 00:01:37,720 It's going to be really realistic and we need to get this started. 26 00:01:37,740 --> 00:01:39,810 So let me show you where you can go to get it. 27 00:01:40,140 --> 00:01:42,120 And the press control ought to escape the VM. 28 00:01:43,440 --> 00:01:47,430 And I'm going to go to Microsoft dot com again and dash us. 29 00:01:47,430 --> 00:01:52,530 Since I'm in the U.S. and the eval center, I'm going to get started and I'm going to go to Windows 30 00:01:52,530 --> 00:01:53,880 Server 2013. 31 00:01:55,360 --> 00:01:58,690 All right, then, once you get here, it's the signal to be all right, just make sure you get the 32 00:01:58,690 --> 00:02:05,380 ISO click, continue, put in your information and then it's going to basically permit you to download 33 00:02:05,920 --> 00:02:06,460 the bits. 34 00:02:07,910 --> 00:02:10,270 So continue and I speak English. 35 00:02:10,290 --> 00:02:14,600 I'm going to click download, it's going to download the ICEL, so let's go do that and we'll come back 36 00:02:14,600 --> 00:02:16,090 once this ICEL finishes downloading. 37 00:02:16,190 --> 00:02:17,140 I'll see you guys in a little bit. 38 00:02:17,630 --> 00:02:17,910 Right. 39 00:02:17,930 --> 00:02:20,990 So we've got the ISO downloaded and now we're going to set up the VM. 40 00:02:21,620 --> 00:02:23,770 You just go to file your virtual machine. 41 00:02:24,650 --> 00:02:25,130 Typical. 42 00:02:26,100 --> 00:02:30,630 And you don't want to install the disk image, you want to just say, I will install the operating system 43 00:02:30,630 --> 00:02:34,950 later, this parts really important because if you try to install the disc image, you're going to run 44 00:02:34,950 --> 00:02:35,510 into errors. 45 00:02:35,910 --> 00:02:38,520 I know it's counterintuitive, but trust me, I've done this so many times. 46 00:02:38,530 --> 00:02:39,330 This is the way to go. 47 00:02:39,940 --> 00:02:40,800 So we click next. 48 00:02:41,370 --> 00:02:44,280 We make sure that Microsoft Windows and set the Windows 1719. 49 00:02:45,450 --> 00:02:46,050 From the list. 50 00:02:47,030 --> 00:02:53,450 But next, the DC four domain controller is my path, of course, make sure you have enough space in 51 00:02:53,450 --> 00:02:57,920 a location receiving your VM because this can take up a significant amount of space you might want to 52 00:02:57,920 --> 00:02:59,800 use like an external drive or something like that. 53 00:03:00,720 --> 00:03:03,390 And afterward, as a single file with 60 gigs of space. 54 00:03:05,240 --> 00:03:07,940 Everything else is good here, some sniglet fish. 55 00:03:09,270 --> 00:03:15,690 Then I'm going to drag the DC in to the private group here, and then I'm just going to say at a virtual 56 00:03:15,690 --> 00:03:16,170 machine. 57 00:03:18,030 --> 00:03:19,670 And then I pointed to the ISO. 58 00:03:20,490 --> 00:03:25,950 No, I know that's a little bit backwards, but that's the way you got to do it for some reason, I 59 00:03:26,130 --> 00:03:26,910 really don't know why. 60 00:03:27,850 --> 00:03:30,400 All right, so we should be good there, let's power this Veum up. 61 00:03:32,510 --> 00:03:33,590 Click in presenter. 62 00:03:34,710 --> 00:03:41,820 Due to the I so I'm going to press control ought to skip the B.M. to close this bottom bar, then I'm 63 00:03:41,820 --> 00:03:44,940 going to click back into the VM to get back into the installation. 64 00:03:46,530 --> 00:03:46,890 All right. 65 00:03:46,890 --> 00:03:47,110 Sweet. 66 00:03:47,130 --> 00:03:49,350 So this is pretty much the way we did it for Windows 10, right? 67 00:03:49,360 --> 00:03:51,780 We're just going to click next install. 68 00:03:52,750 --> 00:03:57,190 Now we're going to install a desktop experience, if this were a production environment, you probably 69 00:03:57,190 --> 00:04:03,700 want to use the standard of evaluation or the data center evaluation or you wouldn't use the evaluation, 70 00:04:03,790 --> 00:04:04,660 use the license copy. 71 00:04:04,660 --> 00:04:11,200 But the point here is that these non desktop experience versions have a smaller attack surface because 72 00:04:11,650 --> 00:04:15,910 you don't have as many components to patch and therefore there's less to maintain as less downtime, 73 00:04:15,910 --> 00:04:18,100 the less interruption an impact to business. 74 00:04:18,610 --> 00:04:21,770 And of course, there's less targets for an attacker to exploit. 75 00:04:22,240 --> 00:04:28,330 So, you know, obviously the best practice here is to make sure that you are installing a non GUI version 76 00:04:28,630 --> 00:04:29,710 in a production environment. 77 00:04:30,370 --> 00:04:31,470 At least that's my advice. 78 00:04:31,480 --> 00:04:35,710 But since we want to learn about, you know, hack and want to learn about, you know, all the techniques 79 00:04:35,710 --> 00:04:39,070 that attackers are using, it's going to make more sense for us in our learning environment to use a 80 00:04:39,070 --> 00:04:40,030 desktop experience. 81 00:04:41,320 --> 00:04:42,280 So next. 82 00:04:44,470 --> 00:04:46,370 All right, sweet license terms. 83 00:04:46,390 --> 00:04:52,180 Yep, yep, yep, custom and I'm going to quit next year, this drive right here, which is on our Veum, 84 00:04:52,180 --> 00:04:54,130 our guest, not our host. 85 00:04:55,480 --> 00:04:57,680 All right, very cool, so we're off to the races. 86 00:04:57,700 --> 00:05:03,100 Let's let this thing go and then once it finishes, we will come back and set up the local administrator 87 00:05:03,100 --> 00:05:05,200 account for the server. 88 00:05:05,680 --> 00:05:06,670 I'll see you guys in a little bit. 89 00:05:07,060 --> 00:05:07,570 All right. 90 00:05:07,570 --> 00:05:08,200 Very cool. 91 00:05:08,230 --> 00:05:10,630 So we went ahead and complete the installation process. 92 00:05:10,630 --> 00:05:11,800 It took about five minutes. 93 00:05:11,890 --> 00:05:19,270 My IBM, that's going to go ahead and type in an intentionally weak administrator, local administrator 94 00:05:19,270 --> 00:05:20,700 password for this account. 95 00:05:21,100 --> 00:05:21,540 Why? 96 00:05:22,000 --> 00:05:23,310 Because we're learning, right? 97 00:05:23,350 --> 00:05:25,600 We want to make it easy for us to exploit these systems. 98 00:05:25,850 --> 00:05:32,620 And if you want to make it more realistic, you could Google RockYou text, OK, just Google RockYou 99 00:05:32,620 --> 00:05:38,920 that text and a GitHub and you can just select a password from inside that list and out of here and 100 00:05:38,920 --> 00:05:41,400 then you can later try to crack it open into all that later. 101 00:05:41,410 --> 00:05:43,560 So don't let's not dig into that. 102 00:05:43,600 --> 00:05:45,580 Let's not go that route too early. 103 00:05:45,610 --> 00:05:50,290 OK, we still have a lot to go and we want to make sure that you guys have a solid cyber range setup 104 00:05:50,560 --> 00:05:52,360 before we start hacking and breaking things. 105 00:05:52,990 --> 00:05:53,370 All right. 106 00:05:53,380 --> 00:05:55,200 So I got my password in here. 107 00:05:55,240 --> 00:05:56,590 I'm going to click finish. 108 00:05:58,110 --> 00:06:02,580 Finalize my settings, all right, sweet, so since press control delete to unlock, but since we're 109 00:06:02,580 --> 00:06:06,420 in a van, that's not going to work because it will lock my post-box. 110 00:06:06,420 --> 00:06:08,190 I need to press control alt insert. 111 00:06:09,490 --> 00:06:11,770 And then I can log in with the passive I just created. 112 00:06:13,250 --> 00:06:17,150 All right, doing what I love my piece to be discovered by other pieces. 113 00:06:17,180 --> 00:06:17,930 Sure, we can do that. 114 00:06:18,350 --> 00:06:21,890 You know, once we get this thing set up and we have it updated, we're actually going to change it 115 00:06:21,890 --> 00:06:24,470 over from being using that. 116 00:06:25,190 --> 00:06:29,570 See, look, if I go here and I saw this from using the network adapter, not to using a host on the 117 00:06:30,380 --> 00:06:35,620 network, which means that the connection will be restricted to my host, the Internet will be severed. 118 00:06:36,110 --> 00:06:39,560 And don't worry, it's going to make sense a little bit later because we're actually going to set up 119 00:06:39,560 --> 00:06:43,550 our open sense firewall to basically function as a gateway. 120 00:06:43,580 --> 00:06:46,580 Are we going to send all of our outbound traffic through it on the way out? 121 00:06:47,180 --> 00:06:48,320 So don't worry. 122 00:06:48,350 --> 00:06:49,340 I know I'm talking ahead. 123 00:06:49,780 --> 00:06:53,300 There's a lot that we have in store, but let's just leave this video right here for now. 124 00:06:53,660 --> 00:06:56,810 I'm going I'm just going to click on local server and we're going to leave it here. 125 00:06:56,810 --> 00:06:58,730 And then in the next lecture, we're just going to set it up. 126 00:06:58,730 --> 00:06:59,930 So we're going to change the hostname. 127 00:07:00,290 --> 00:07:02,660 We're going to, you know, install the updates. 128 00:07:02,670 --> 00:07:06,560 We'll do everything we did for PC one and hopefully that you already different PC to. 129 00:07:06,950 --> 00:07:09,680 And then from there, we can continue our configuration. 130 00:07:10,010 --> 00:07:16,250 We want to set this machine up as a domain controller, as a DNS server, and also as a server for all 131 00:07:16,250 --> 00:07:19,220 of our lab machines and a bunch of other stuff. 132 00:07:19,220 --> 00:07:25,610 So I'll see you guys in the next lecture and dig into one configuration for our windows 1719 to make 133 00:07:25,880 --> 00:07:27,350 it seem a bit like.