Tuesday, 4 August 2020

Setting up eve-ng on Google Cloud for Virtualised Network testing

I've setup eve-ng on google cloud for the 0xCC training conference. Here are some walkthroughs on how to get started with your own lab for learning/testing networking configurations.

1. Initial Eve-ng Setup

Most of this is documented well in the following guide, there are just a few adjustments to the guide that I recommend when running something in a cloud environment.

Follow steps 1 - 4 in the google cloud install steps. https://www.eve-ng.net/index.php/documentation/installation/google-cloud-install/

After you've done step 4, that is you've created the virtual instance but eve-ng isn't installed yet, lock down access to your instance. Eve-ng installs itself with weak credentials.

Browse to the networking options in google cloud, select VPC network -> Firewall.


The rules that apply, apply just to this project, therefore, I removed the RDP rule and I locked down SSH and HTTP to just my IP address. Do this by clicking on the rule, selecting edit and entering your IP address in "IP ranges field" under "source filters".

From here continue on with the instructions 5 and 6 in the documentation. However, after rebooting the eve-ng install, change the root password.

By default the root password is root/eve - use commands similar to below to change it:

sudo -ipasswd (follow the prompts to change)
When you log into the web interface, also change the weak default password from admin/eve.

2. Setting up Images to deploy



3. To route from the simulation to the Internet

To allow the kali image and the routers to hit the Internet. I routed interface pnet9 through to pnet0 (the management interface). After doing the below - the Internet could be used by connecting to Cloud9 in the simulation.

Setting up pnet9 and the routing:


Make it persistent by:

Edit /etc/sysctl.conf and search for the following lines:
# Uncomment the next line to enable packet forwarding for IPv4
#net.ipv4.ip_forward=1
apt-get install iptables-persistent


/etc/network/interfaces:
iface pnet9 inet static
        address 192.168.255.1
        netmask 255.255.255.0
       

Configuring a DHCP server:




Running the command systemctl enable isc-dhcp-server will also ensure it starts on reboot.

4. Clone the VM

I created an instance for each student. The easiest way I found to clone a VM in Google Cloud was to first create a snapshot and then create an instance from the snapshot.

1. Create a snapshot from the VM to clone
2. Click on snapshot, select "create instance"