MDT Range Design

[marissaeinhorn]

Reqs from Capt Kimball

• [ ] MDT PC Operating System: Windows 10 Hardware Requirements:

• Processor: Dual core, 1.5 GHz+

• RAM: 4GB+

• Storage: 60GB+

• NIC: 1GB – MDT Switch

Applications:

• Nmap 7+ w/ Zenmap

• PuTTY

• Terminal Services

• Google Chrome

• Adobe Acrobat Classic

• [ ] MDT Sensor

Operating System: Redhat 7.7

Hardware Requirements:

• Processor: Quad core, 1.5 GHz+
• RAM: 8GB+
• Storage: 200GB+
• NIC
• 1GB – MDT Switch
• 1GB – Internal Switch SPAN (Promisc)

Applications:

• tcpdump

• Snort 2.9

• Zeek (bro) 3.0+

• Filebeat 7.6

• sshd

• [ ] MDT Server

Operating System: Redhat 7.7

Hardware Requirements:

• Processor: Quad core, 1.5 GHz+
• RAM: 8GB+
• Storage: 200GB+
• NIC: 1GB – MDT Switch

Applications:

• Elasticsearch 7.6

• Logstash 7.6

• Kibana 7.6

• sshd

• Arkime (Moloch)

• [ ] Blue PC

Operating System: Windows 10, Air Force SDC

Hardware Requirements:

• Processor: Dual core, 1.5 GHz+
• RAM: 4GB+
• Storage: 60GB+
• NIC: 1GB – Internal Switch

Applications:

• Terminal Services
• Sysmon 10+
• Winlogbeat 7.6

Blue DC

Operating System: Windows Server 2016

Hardware Requirements:

• Processor: Quad core, 1.5 GHz+
• RAM: 8GB+
• Storage: 200GB+
• NIC: 1GB – Internal Switch

Applications:

• Active Directory Domain Services
• Windows DHCP Server
• Windows DNS Server
• Terminal Services
• Sysmon 10+
• Winlogbeat 7.6

Blue Server

Operating System: Windows Server 2016

Hardware Requirements:

• Processor: Quad core, 1.5 GHz+
• RAM: 8GB+
• Storage: 200GB+
• NIC: 1GB – Internal Switch

Applications:

• Windows Web Server (IIS)

• Windows File and Storage Services

• Terminal Services

• Sysmon 10+

• Winlogbeat 7.6

• [ ] Internal Switch

Operating System: Cisco IOS 15.0

Hardware Requirements: Cisco 3750 (or comparable L2/L3 switch) NIC:

• 1GB – Blue Server
• 1GB – Blue DC
• 1GB – Blue PC
• 1 GB – Internal Network (for traffic gen/attack)
• 1GB – Firewall/router
• 1 GB – MDT Sensor (SPAN)

Capability Requirements:

• L2 switching

• L3 routing

• Access Control Lists

• SPAN/Port Mirroring

• [ ] Firewall/Router

Hardware Requirements:

• NIC:
• 1GB – Internal Switch
• 1 GB – External Network (for traffic gen/attack)
• 1 GB – MDT Switch

Capability Requirements:

• L3 routing
• Network Address Translation
• Access Control Lists

Software Requirements:

• Current version:

• pfSense 2.4.4-p3 (FreeBSD 11.2-RELEASE-p10

• [ ] Firewall/Router

Hardware Requirements: NIC:

• 1GB – MDT PC
• 1GB – MDT Server
• 1GB – MDT Sensor
• 1 GB – External Network (for traffic gen/attack)
• 1 GB – Firewall/router