cliffe
Configured wrong vboxnet number
I had issue where it configured wrong vboxnetX number so intranet and desktop were not pingable from webserver in the organization/team scenario. Then I configured correct ones manually.
Ok. Thanks for raising this. Yeah, I think the problem arises when your VM networks have been setup differently to what SecGen assumes about your host system config. I think we had a write up of how to get this working, @thomashaw? Maybe we need to automate something further?
But SecGen set those vboxnets as far as I know so that would be weird? Also why it would set different vmboxnet from the webserver?
The write-up @cliffe mentioned was in regards to an issue we had when exporting/importing sets of VMs through virtualbox as .ova files, where the host machine receiving the import has existing host-only networks using the same name (with different configurations).
I've tried to reproduce the issue by re-running your scenario file, removing all host-only networks from VirtualBox, and creating new ones with different configurations but have been unable to break it.
SecGen creates the new host-only networks in VirtualBox through Vagrant. Do you still happen to have the projects/SecGen_2017XXXX/Vagrantfile by any chance?
Just to clarify, that scenario is intended to have two separate networks, one representing the DMZ and one representing the Intranet. The DMZ has the web server and this is also the one you should attach your attacker VM, such as Kali. The second network, has the intranet server, and desktop. The Web server is attached two both networks. So any attacks on the Intranet have to pivoted through the Web server.
Yep that was clear to me, but the problem was nothing was pingable from inside the web server because it assigned diffrent vboxnet number for second adapter of web server and intranet server/desktop.