lab:fah_removal
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| lab:fah_removal [2023/05/01 15:17] – [Optional] user | lab:fah_removal [2023/05/06 23:02] (current) – replaced user | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ====== FAH Removal ====== | ||
| - | In our previous step we [[fah_installation|set up FAH]] on our [[Stack of NUCs]]. | ||
| - | |||
| - | Now we are going to disable the service and uninstall it. In the last step there was an optional step to " | ||
| - | |||
| - | Purpose: | ||
| - | * Demonstrate stopping and removing an installed service workload | ||
| - | |||
| - | ====== Step 1 - Connect to the Ansible Control Node ====== | ||
| - | From [[stack - nuc 1|NUC 1]], log in to the Ansible control node, [[stack - nuc 2|NUC 2]]. | ||
| - | |||
| - | ====== Step 2 - Create the Playbook ====== | ||
| - | Create the file / | ||
| - | |||
| - | <file yaml removefah.yml> | ||
| - | --- | ||
| - | - hosts: all | ||
| - | become: true | ||
| - | become_user: | ||
| - | tasks: | ||
| - | - name: Stop and disable FAHClient.service | ||
| - | ansible.builtin.service: | ||
| - | name: FAHClient.service | ||
| - | state: stopped | ||
| - | enabled: false | ||
| - | - name: Remove fahclient package | ||
| - | apt: | ||
| - | name: fahclient | ||
| - | state: absent | ||
| - | clean: true | ||
| - | purge: true | ||
| - | - name: Reboot | ||
| - | reboot: | ||
| - | </ | ||
| - | ====== Step 3 - Test the Playbook ====== | ||
| - | '' | ||
| - | |||
| - | ====== Next Step ====== | ||
| - | Now that we have removed the CPU-hungry FAH service, we go next to [[Install Kubernetes|installing Kubernetes]]. | ||
| - | |||
| - | ====== Optional ====== | ||
| - | Cyber security students may want to deploy hashtopolis in the Lab. This deploys a distributed hashcat cluster for brute forcing password hashes. | ||
| - | |||
| - | ===== Hashtopolis ===== | ||
| - | References: | ||
| - | * [[https:// | ||
| - | * [[https:// | ||
| - | |||
| - | There are two pieces to set up: | ||
| - | * server - central server distributes the keyspace of a task, aggregates jobs, and collects results in MySQL database | ||
| - | * communicates over HTTPS with client machines | ||
| - | * passes over files, binaries and task commands | ||
| - | * clients - acts on the commands, executes the hash cracking application, | ||
| - | |||
| - | ==== Start a folder for hashtopolis ==== | ||
| - | - Log in to the Ansible control node (NUC 2) | ||
| - | - Create directory ''/ | ||
| - | * '' | ||
| - | * '' | ||
| - | - Create the inventory, putting one of the worker nodes in the [server] section and the rest in the [clients] section | ||
| - | * ''/ | ||
| - | * <file yaml inventory> | ||
| - | [all:vars] | ||
| - | ansible_python_interpreter=/ | ||
| - | ansible_user=' | ||
| - | ansible_become=true | ||
| - | ansible_become_method=sudo | ||
| - | [server] | ||
| - | |||
| - | [clients] | ||
| - | </ | ||
| - | - Create the ansible.cfg file | ||
| - | * ''/ | ||
| - | * <file yaml ansible.cfg> | ||
| - | [defaults] | ||
| - | inventory = inventory | ||
| - | </ | ||
| - | exit | ||
| - | ==== Server Setup ==== | ||
| - | Server runs a LAMP stack | ||
| - | |||
| - | <code bash> | ||
| - | # installing core packages | ||
| - | sudo apt update && sudo apt upgrade -y | ||
| - | sudo apt install apache2 -y | ||
| - | sudo apt install libapache2-mod-php php-mysql php php-gd php-pear php-curl -y | ||
| - | sudo apt install git -y | ||
| - | sudo apt install phpmyadmin -y | ||
| - | |||
| - | # depending on your OS you may find the package listed as either one | ||
| - | sudo apt install mysql-server -y | ||
| - | sudo apt install mariadb -y | ||
| - | |||
| - | # secure the default mysql install | ||
| - | mysql_secure_installation | ||
| - | |||
| - | # clone down the repo | ||
| - | git clone https:// | ||
| - | sudo mkdir / | ||
| - | sudo cp -r hashtopolis/ | ||
| - | sudo chown -R www-data: | ||
| - | |||
| - | # create mysql database and set a password | ||
| - | sudo mysql -uroot -e " | ||
| - | sudo mysql -uroot -e "GRANT ALL ON hashtopolis.* TO ' | ||
| - | sudo mysql -uroot -e "flush privileges;" | ||
| - | </ | ||
| - | |||
| - | additional configuration required | ||
| - | |||
| - | ==== Agent Setup ==== | ||
| - | < | ||
| - | # ensure the machine is up to date and install python packages | ||
| - | sudo apt update | ||
| - | sudo apt -y full-upgrade -y | ||
| - | pip3 install requests | ||
| - | pip3 install psutil | ||
| - | |||
| - | # install nvidia and cuda drivers | ||
| - | sudo apt install -y nvidia-driver nvidia-cuda-toolkit | ||
| - | |||
| - | # verify install (should both show nvidia drivers) | ||
| - | nvidia-smi | ||
| - | lspci | grep -i vga | ||
| - | |||
| - | # verify with hashcat | ||
| - | hashcat -I | ||
| - | |||
| - | # fetch the agent file from the server | ||
| - | curl http:// | ||
| - | python3 agent.zip | ||
| - | </ | ||
| - | |||
lab/fah_removal.1682954225.txt.gz · Last modified: 2023/05/01 15:17 by user