Understanding Vulnerability and Penetration Testing in a Virtualized Environment


Published on International Journal of Informatics, Technology & Computers
Publication Date: December, 2019

Muhamad Idham Tsalasa and Emy Haryatmi
Electrical Engineering, Gunadarma University
Jakarta, Indonesia


In recent years, hacking activity on the internet has become very worrying. This is mostly because users are not knowledgeable about the causes of hacking itself. Even though the need for cyber security is very important considering the rapid development of technology, the problem keeps growing. Hence many users strive to learn more about ethical hacking and network security in order to understand vulnerabilities in a computer system. However, using live equipment for computer/network research is not very efficient, especially for university students. To overcome this issue, this paper uses GNS3 as a virtual environment solution and Nexpose with Metasploit to learn more about ethical hacking. The paper is aimed at users who wish to research ethical hacking further while using virtual equipment, which costs less.

Keywords: Virtualization; gns3; vmware; vulnerability assessment; penetration testing; metasploit; nexpose; security.

In recent years, the rampant hacking that occurs on the internet has been very worrying, mostly because users do not know what factors can cause the hacking itself. When traced, there are many vulnerabilities that hackers can exploit to enter, destroy, or steal the victim's data. This problem still has not been overcome, even though the need for cyber security is very important considering the rapid development of computer networks.
In this case, an information security management system is very important to understand and implement, so that information can be managed properly and companies or agencies can focus more on achieving the vision that has been set, on business development, or on providing the best service for end users.
Vulnerabilities can be reduced or even prevented, but first we need to understand the vulnerabilities that occur nowadays. The problem is that many vulnerabilities remain unknown until someone discovers them. Unfortunately, the person who discovers one could be someone who would abuse it, and that person will continue to abuse the vulnerability until the organization finds out.
In a vulnerability assessment scan and penetration test, users identify weaknesses in the system. However, instead of taking advantage of the existing weaknesses, the results are classified and forwarded to the system owner so that they can fix the problems and make the system more secure. Vulnerability assessment scans and penetration tests use tools similar to those used by hackers, but the process is known to the system owner in advance, and the results are not a threat to the system but a way to find the loopholes in it.
On the other hand, interest in including hands-on lab exercises on the offensive techniques often used by hackers has grown significantly. Because users need to practice offensive and defensive techniques without high-cost equipment, this paper explores a practical learning approach that takes advantage of virtualization technologies to set up an affordable environment and allow users to practice ethical hacking in a more secure environment [1].

2.1 Network Virtualization Workstation
Network virtualization is a combination of hardware appliances and software networks used to connect virtual machines. Using GNS3 as the network simulator and VMware Workstation as the virtual machine software has proved to be effective [2]. GNS3 is a graphical network simulator program that can simulate more complex network topologies than other simulators [6]. This program can be run on various operating systems, such as Windows, Linux, or Mac OS X [9]. Meanwhile, VMware Workstation lets its users work with a virtual version of hardware even without its physical form [10]. More simply, users can create a virtual version of a computer on another computer and run more than one operating system on the same computer.

2.2 Vulnerability Assessment
Vulnerability assessment is the process of defining, identifying, and classifying system vulnerabilities within an individual or company. The aim of vulnerability assessment is to obtain information about the currently running system, computer programs, and network infrastructure, and to provide the company with the necessary knowledge about security awareness and threats, as well as an understanding of what should be done when facing an attack [3].
Vulnerability assessment is intended to identify the threats and risks that arise, and usually involves automated testing tools such as network security scanners, whose results are listed in the vulnerability assessment report. Rapid7 Nexpose Community Edition is a free vulnerability scanner and security risk intelligence solution designed for organizations with large networks, prioritizing and managing risk effectively [7]. It proactively supports the entire vulnerability management lifecycle, including discovery, detection, verification, risk classification, impact analysis, reporting and mitigation.

2.3 Penetration Test
A penetration test is a method for evaluating the security of a computer system and network. The evaluation is done by simulating an attack. The results of a penetration test are very important as feedback for system owners to improve the security level of their computer systems. The penetration test report provides input on the state of system vulnerability, making it easier to evaluate the current computer security system. Penetration testing is sometimes also referred to as ethical hacking. Metasploit is security software that is often used to test the resilience of a system by exploiting weaknesses in the system's software [8]. This software also helps system security teams strengthen their network defenses against outside attackers [4].

3.1 Establishing Virtual Environment
In this environment, three servers are used. All servers run on a virtual platform using GNS3 as the network simulator and VMware Workstation as the virtualization medium. The servers are connected to each other and each has a different specification. Refer to Fig. 1.

Figure 1. Virtualization using GNS3

Details for each server:
1. Target server, which has commonly used applications installed and is later used as the target for the vulnerability scan and penetration test.
2. Vulnerability assessment server (VAS), which conducts vulnerability assessment scanning using Nexpose.
3. Penetration server, which is used to carry out the penetration test. It has Metasploit installed, along with Nmap for port scanning.

3.2 Vulnerability Assessment Scan
The vulnerability assessment is carried out on the target server. After the scan has finished, Nexpose lists the vulnerabilities of the target server in PDF format. Aside from the existing vulnerabilities, Nexpose also provides a solution for each vulnerability. Refer to Fig. 2 for examples of existing vulnerabilities.

Figure 2. Example of detected vulnerabilities

3.3 Hardening
The hardening process is generally a change of password, replacing a previously easily guessed password with a more complicated one. In addition to changing passwords, firewalls are also implemented on ports that generally do not need to be open to the public network. Another solution that can be considered is implementing an Intrusion Detection/Prevention System (IDS/IPS) [5].

3.4 Penetration Test
Penetration tests are carried out on the target server using the penetration server that has Metasploit installed. Metasploit carries out the penetration of the target server using the brute force exploit module. This penetration test serves to carry out attempted attacks on the target server and inform the system owner in the form of reports. Refer to Fig. 3 and Fig. 4 for the penetration results.

Figure 3. Penetration result pre hardening

Figure 4. Penetration result post hardening
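
The hardening step mentions IDS/IPS and the penetration test relies on a brute force module; the following added example (not code from the paper) shows the kind of check such a system performs, counting failed logins per source inside a sliding time window. It assumes the brute-forced service is SSH logging in OpenSSH syslog format, which the paper does not specify; the log lines, addresses, threshold and window are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in OpenSSH auth.log style (assumption: the
# brute-forced service is SSH; the paper does not name the service).
SAMPLE_LOG = """\
Nov  9 10:00:01 target sshd[811]: Failed password for root from 192.0.2.10 port 40001 ssh2
Nov  9 10:00:03 target sshd[811]: Failed password for root from 192.0.2.10 port 40002 ssh2
Nov  9 10:00:05 target sshd[812]: Failed password for invalid user admin from 192.0.2.10 port 40003 ssh2
Nov  9 10:00:07 target sshd[812]: Failed password for root from 192.0.2.10 port 40004 ssh2
Nov  9 10:00:09 target sshd[813]: Failed password for root from 192.0.2.10 port 40005 ssh2
Nov  9 10:02:00 target sshd[820]: Failed password for alice from 198.51.100.7 port 51000 ssh2
Nov  9 10:05:30 target sshd[821]: Failed password for alice from 198.51.100.7 port 51001 ssh2
Nov  9 10:05:41 target sshd[821]: Accepted password for alice from 198.51.100.7 port 51002 ssh2
"""

# Captures timestamp, user name and source address of a failed password login.
FAILED = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(\S+) from (\S+) port \d+"
)

def detect_bruteforce(log_text, threshold=5, window=timedelta(seconds=60), year=2019):
    """Return {source: time the threshold was first reached} for every source
    with at least `threshold` failed logins inside one sliding `window`."""
    recent = defaultdict(deque)   # source -> timestamps of recent failures
    alerts = {}
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue
        # Syslog timestamps carry no year, so it is supplied by the caller.
        stamp = " ".join(m.group(1).split())
        ts = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")
        src = m.group(3)
        q = recent[src]
        q.append(ts)
        # Drop failures that have fallen out of the window.
        while ts - q[0] > window:
            q.popleft()
        if len(q) >= threshold and src not in alerts:
            alerts[src] = ts
    return alerts

if __name__ == "__main__":
    for src, ts in detect_bruteforce(SAMPLE_LOG).items():
        print(f"possible brute force from {src}, threshold reached at {ts}")
```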

The main objective of this paper was to provide a solution that reduces cost and helps others research ethical hacking further. Creating virtual servers and simulating the network using GNS3 and VMware Workstation helps greatly in overcoming limited hardware and accessibility, and also serves as a test environment before applying changes to a live environment. Vulnerability scanning and penetration testing are essential for understanding how hackers discover the weaknesses in a targeted host. By using Nexpose and Metasploit, users will become familiar with how security works inside a computer system, and thus understand how to prepare themselves before an attack occurs.

[1] Shamma Al Kaabi, Nouf Al Kindi, Shaikha Al Fazari and Zouheir Trabelsi. “Virtualization based Ethical Educational Platform for Hands-on Lab Activities on DoS Attacks,” IEEE Global Engineering Education Conference (EDUCON), pp. 273-279, 2016.
[2] R. Mohtasin, P.W.C. Prasad, Abeer Alsadoon, G. Zajko, A. Elchouemi, Ashutosh Kumar Singh. “Development of a Virtualized Networking Lab using GNS3 and VMware Workstation,” IEEE WiSPNET, pp. 603-608, 2016.
[3] Yien Wang, Jianhua Yang. “Ethical Hacking and Network Defense: Choose Your Best Network Vulnerability Scanning Tool,” 31st International Conference on Advanced Information Networking and Applications Workshops, pp. 110-113, 2017.
[4] Filip Holik, Josef Horalek, Ondrej Marik, Sona Neradova, Stanislav Zitta. “Effective penetration testing with Metasploit framework and methodologies,” IEEE International Symposium on Computational Intelligence and Informatics, pp. 237-242, 2014.
[5] Zouheir Trabelsi, Walid Ibrahim. “Teaching Ethical Hacking in Information Security Curriculum: A Case Study,” IEEE Global Engineering Education Conference (EDUCON), pp. 130-136, 2013.
[6] David Bombal. “Why Use the GNS3 Virtual Network Simulator?,” https://business.udemy.com/blog/why-use-the-gns3-virtual-network-simulator/ [Accessed 9-Nov-2019].
[7] Nexpose, https://www.rapid7.com/products/nexpose/
[8] Metasploit, https://www.metasploit.com/
[9] GNS3, https://www.gns3.com/
[10] VMware Workstation, https://www.vmware.com/id/products/workstation-player