Tuesday 4 August 2020

Setting up eve-ng on Google Cloud for Virtualised Network testing

I've setup eve-ng on google cloud for the 0xCC training conference. Here are some walkthroughs on how to get started with your own lab for learning/testing networking configurations.

1. Initial Eve-ng Setup

Most of this is documented well in the following guide, there are just a few adjustments to the guide that I recommend when running something in a cloud environment.

Follow steps 1 - 4 in the google cloud install steps. https://www.eve-ng.net/index.php/documentation/installation/google-cloud-install/

After you've done step 4, that is you've created the virtual instance but eve-ng isn't installed yet, lock down access to your instance. Eve-ng installs itself with weak credentials.

Browse to the networking options in google cloud, select VPC network -> Firewall.


The rules that apply, apply just to this project, therefore, I removed the RDP rule and I locked down SSH and HTTP to just my IP address. Do this by clicking on the rule, selecting edit and entering your IP address in "IP ranges field" under "source filters".

From here continue on with the instructions 5 and 6 in the documentation. However, after rebooting the eve-ng install, change the root password.

By default the root password is root/eve - use commands similar to below to change it:

sudo -ipasswd (follow the prompts to change)
When you log into the web interface, also change the weak default password from admin/eve.

2. Setting up Images to deploy



3. To route from the simulation to the Internet

To allow the kali image and the routers to hit the Internet. I routed interface pnet9 through to pnet0 (the management interface). After doing the below - the Internet could be used by connecting to Cloud9 in the simulation.

Setting up pnet9 and the routing:


Make it persistent by:

Edit /etc/sysctl.conf and search for the following lines:
# Uncomment the next line to enable packet forwarding for IPv4
#net.ipv4.ip_forward=1
apt-get install iptables-persistent


/etc/network/interfaces:
iface pnet9 inet static
        address 192.168.255.1
        netmask 255.255.255.0
       

Configuring a DHCP server:




Running the command systemctl enable isc-dhcp-server will also ensure it starts on reboot.

4. Clone the VM

I created an instance for each student. The easiest way I found to clone a VM in Google Cloud was to first create a snapshot and then create an instance from the snapshot.

1. Create a snapshot from the VM to clone
2. Click on snapshot, select "create instance"

Saturday 15 February 2020

(Women-in-Tech)++

So many times I've been asked how do we increase the number of women in tech roles and for years I've had no idea what the answer was - I had no idea why I was the only female in my teams. However, I've more recently paid attention to the tech teams that are 100% male vs the tech teams that have a good diverse balance, and I think I know what is different.

Technical Female Leadership

So much focus goes into women in management leadership roles, however if your organisation has no senior female technical leads, then you will never be able to tip the balance.


  • You can't be what you can't see. This mantra has been repeated so many times it almost hurts to write, yet to be honest - it hasn't stuck for the technical fields. The simple fact is, a female is much more likely to sidestep into a non-technical role if there is no obvious pathway for her in her career. Or worse, not even join your organisation in the first place. And really, who'd blame her?
  • Female technical leaders are less likely to have unconscious bias and are more likely to mentor and drive both males and females equally. They will have high expectations of both genders. Therefore, your female techs will be given the same difficult projects and same training opportunities. A female tech isn't there to meet your quota, she wants the same work as the guys and if she's not given the same opportunities - she will leave.
  • Female technical leads have a vested interest in improving the gender diversity problem. She wants to tip the scales and see more women in tech. So she will actively grow a diverse team for you.
  • A female senior technical lead is likely part of multiple women in tech communities and groups. (I joined my first one in 1995 at ANU before starting engineering and have been in at least a dozen since). She's flying your banner just by being in those groups and showing that your organisation is diverse. She knows technical women and as a leader, she knows she can encourage them to apply for tech roles when they are advertised.
Can a senior male technical lead do a good job of mentoring and growing a diverse technical team? Possibly - though there is less evidence of this.

If you're reading this and already formulating excuses for why you don't have female tech leads, I've heard them all before.  "There is no pipeline, the women leave tech roles before reaching this level" or my (sic) favourite "We'd have to drop the standard to recruit female technical leads"

I want you to stop, pause, think about the attitude and biases you're projecting with these excuses. Consider whether you genuinely want change or you just want to look like you want change. If you seriously want change - then make change.