Course information
This website contains additional materials for the PV280 Network Forensics course.
Time and place
Every Thursday 10:00 - 11:50 in S108 (a.k.a., KYPO lab).
Virtual Environment
Virtual environment is used for practice throughout the course. Each student is assigned a numbered sandbox with three machines:
- Router: A gateway to the sandbox network. External interface is connected to
main-network172.16.0.0/24, internal interface to the sandbox network192.168.0.0/24hasIP 192.168.0.1. - Linux: Linux server connected to the sandbox network and has IP
192.168.0.3. - Windows: Windows server connected to the sandbox network with IP
192.168.0.4.
This is how the network topology looks like:
Access
Linux and Windows machines are only accessible through the router. A private IP address routable in the
Masaryk University network is assigned to each router for access, see Sandbox assignments.
Use VPN or SSH ProxyJump through some host at FI.
Only SSH to the router and RDP to the windows machine is allowed by firewall policies. The router has forwarding rules for the RDP already configured.
For easier access to the Linux machines, SSH config can be as follows:
# file ./ssh_config
Host router-X
Hostname 10.16.X.X
User ubuntu
IdentityFile ~/.ssh/id_ed25519_pv280
StrictHostKeyChecking no
UserKnownHostsFile /dev/null
ControlMaster no
Host linux-X
Hostname 192.168.0.3
User ubuntu
IdentityFile ~/.ssh/id_ed25519_pv280
StrictHostKeyChecking no
UserKnownHostsFile /dev/null
ProxyJump router-X
ControlMaster no
And used like this:
ssh -F ./ssh_config router-X
Using SSH keys is not necessary, but can make life easier than typing passwords.
Sandbox assignments
| UCO | Sandbox | IP Address |
|---|---|---|
| 525319 | 1 | 10.16.177.211 |
| 514446 | 2 | 10.16.178.128 |
| 536456 | 3 | 10.16.178.11 |
| 525212 | 4 | 10.16.178.105 |
| 565299 | 5 | 10.16.177.242 |
| 568925 | 6 | 10.16.176.240 |
| 536697 | 7 | 10.16.178.228 |
| 550195 | 8 | 10.16.177.31 |
| 555763 | 9 | 10.16.177.246 |
| 567749 | 10 | 10.16.179.181 |
| 550168 | 11 | 10.16.179.3 |
| 547246 | 12 | 10.16.178.110 |
| 550600 | 13 | 10.16.178.195 |
| 536428 | 14 | 10.16.178.25 |
| 550371 | 15 | 10.16.179.80 |
| 550271 | 16 | 10.16.176.75 |
| 550158 | 17 | 10.16.177.13 |
| 514499 | 18 | 10.16.176.164 |
| 525235 | 19 | 10.16.176.140 |
| 536703 | 20 | 10.16.177.200 |
| 567758 | 21 | 10.16.178.204 |
| 568923 | 22 | 10.16.179.143 |
| 568924 | 23 | 10.16.178.15 |
| 536698 | 24 | 10.16.178.240 |