SEED:

Developing Instructional Laboratories for Computer SEcurity EDucation

Lab Environment

The SEED lab environment includes VMware, Minix, and Linux. This environment is used for all the projects in this course, and getting familiar with them is critical.
  • Virtual Machine Software:
    • Install VMware workstation. If you are a student at Syracuse University, you can get a copy of the software for free. This free copy is provided by VMware via its academic program (VMAP). If you are an instructor from another university, you can get free licenses of most of VMware products for the students in your class. All you need to do is to register into the VMAP program (this used to be free, now each institute needs to pay $250 annual subscription fee). You can install the software on your personal computers (Windows, Linux, and Mac), as long as you comply with VMAP's license agreement.
    • If your institute does not want to pay the $250 subscription fee, you can ask students to install VMware Player, which can be downloaded free.

  • Operating System for Linux-based Labs: Install Ubuntu Linux (any recent version) as a guest operating system on VMware virtual machine. You can download this OS from the Internet. For the web-base labs (including Cross-Site Scripting, Cross-Site Request Forgery, SQL-Injection, and Web Browser Access Control Labs), you need to use our pre-built Ubuntu virtual machine image, because these labs depends on some specific web applications that have been modified by us. We have also installed all the necessary tools, software, and libraries in our pre-built VM image. You can get this VM image from our web server (if you have a trouble downloading the image, feel free to send an email to wedu@syr.edu, and we will help you download the VM image):

    • SEEDUbuntu9_August_2010.tar.gz: You can also try our mirror sites if you are closer to them. If none of the links work, let me know, and I will find a way. This image, built in August 2010, is based on Ubuntu 9.11. Here is the user manual, which includes the account and password information, list of software and servers installed, and configuration. To use this image, do the following:
      1. Download the image (a gzipped file).
      2. Unzip it using the command "tar xzvf SEEDUbuntu9_August_2010.tar.gz".
      3. Load the image into VMware Workstation 6.5.0 (or newer), VMware Player, or VMware server.
    • Mirror sites
      • SEEDUbuntu9_August_2010.tar.gz at Koç University (Turkey), hosted by Prof. Alptekin Küpçü.
      • We welcome volunteers who are willing to host this big VM image (1.1 GB) on their servers.
    • Note: If you want to run this VM image from a USB flash drive, you may want to read the document by Adam Eisenstadt, titled "USB Flash Drive Speed and Usability Tests for SEEDUbuntu9", which indicates that not all USB Flash Drives are suitable for running the SEEDUbuntu9 image. Please contact Adam for further questions (his email is in the document).

  • For Minix-based labs: if your course needs to use a Minix-based lab, you need to install Minix 3 as a guest operating system on VMware virtual machine. You can go through the installation of Minix 3, or directly use a pre-built minix3 virtual machine. You can get both from the minix3 web site.

  • Netwox Tools Most of the network attack labs (including DNS attack, TCP/IP attack) need some special tools, so you can construct arbitrary packets. We have been using Netwox. Install the netwox tools. Here are the manuals of netwox, netwib, and netwag. Netwox is already installed in our pre-built Ubuntu VM image.

Installation Documents

The following documents are for older version of VMware (4.5); there might be differences in recent version of VMware. Therefore, they are put here only for reference purposes.

Reference Links