This page introduces computer forensics lab setup and network forensics lap setup. Notes are given for students interested in setting up their own lab environment at home.
The machines in Olsen 310 have three virtual machines on them in the folder called c:\virtualmachines. Use the free VMware Player program on each lab machine to start a vmware station. Do not install any vmware tools if not instructed.
Students can also use this setup to run related network forensics labs.
There are 6 virtual machines in our vmware cluster that have the Metasploitable2 vm on them - they are on an isolated network. The setup is illustrated in the following figure.
To get to the isolated network:
Step 1. Login the Linux server on our public network with an ip address of 18.104.22.168 via ssh program such as putty. Please contact Harry Lee (email@example.com) for username and password.
Step 2. Get to a team machine with IPs of 192.168.16.121-192.168.16.126
At this time, the user account, which is a pseudo account, on those machines is given below. Change the password immediately.
From the public server 22.214.171.124, you can login the team machine, for example, 192.168.16.121, using the following command: