A Docker-based Cyber Lab Framework

Labtainers embody greater than 50 cyber lab workout routines and instruments to construct your individual. Import a single VM equipment or set up on a Linux system and your college students are carried out with provisioning and administrative setup, for these and future lab workout routines.

• Constant lab execution environments and automatic provisioning through Docker containers
• Multi-component community topologies on a modestly performing laptop computer laptop
• Automated evaluation of pupil lab exercise and progress
• Individualized lab workout routines to discourage sharing options

Labtainers present managed and constant execution environments during which college students carry out labs completely throughout the confines of their laptop, whatever the Linux distribution and packages put in on the coed’s laptop. Labtainers run on our [VM appliance][vm-appliancee], or on any Linux with Dockers put in. And Labtainers is offered as cloud-based VMs, e.g., on Azure as described within the Scholar Information.

See the Scholar Information for set up and use, and the Teacher Information for pupil evaluation. Growing and customizing lab workout routines is described within the Designer Information. See the Papers for added details about the framework. The Labtainers web site, and downloads (together with VM home equipment with Labtainers pre-installed) are at https://nps.edu/net/c3o/labtainers.

Distribution created: 03/25/2022 09:37
Revision: v1.3.7c
Commit: 626ea075
Department: grasp

Please see the licensing and distribution info within the docs/license.md file.

Information to directories

• scripts/labtainers-student — the work listing for working and testing pupil labs. You have to be in that listing to run pupil labs.

• scripts/labtainers-instructor — the work listing for working and testing automated evaluation and viewing pupil outcomes.

• labs — Recordsdata particular to every of the labs

• setup_scripts — scripts for putting in Labtainers and Docker and updating Labtainers

• docs — latex supply for the labdesigner.pdf, and different documentation.

• UI — Labtainers lab editor supply code (Java).

• headless-lite — scripts for managing Docker Workstation and cloud cases of Labtainers (programs that don’t have native X11 servers.)

• scripts/designer — Instruments for constructing new labs and managing base Docker photos.

• config — system-wide configuration settings (these usually are not the lab-specific configuration settings.

• distrib — distribution help scripts, e.g., for publishing labs to the Docker hub.

• testsets — Take a look at procedures and anticipated outcomes. (Per-lab drivers for SimLab usually are not distributed).

• pkg-mirrors — utility scripts for inside NPS package deal mirroring to scale back exterior package deal pulling throughout checks and distribution.

Help

Use the GitHub difficulty experiences, or electronic mail me at [email protected]

Additionally see https://my.nps.edu/net/c3o/support1

Launch notes

The usual Labtainers distribution doesn’t embody information required for improvement of latest labs. For these, run ./update-designer.sh from the labtainer/trunk/setup_scripts listing.

The set up script and the update-designer.sh script set setting variables, so you could wish to logout/login, or begin a brand new bash shell earlier than utilizing Labtainers the first time.

March 23, 2022

• Repair path to faucet lock listing; was inflicting failure of labs utilizing community faucets
• Replace plc-traffic netmon laptop to have openjfx wanted for brand spanking new grassmarlin in java setting
• Velocity up lab startup by avoiding chown -R, which may be very sluggish in docker.
• One other shot at avoiding deletion of the X11 hyperlink in container /tmp listing.
• Repair webtrack counting of web sites visited and take away live-headers objective, that software is now not obtainable. Clarified some lab handbook steps.

March 2, 2022

• Add new ssh-tunnel lab (thanks GWD!)
• Repair labedit failure to replicate X11 worth set by new_lab_setup
• Add choice to not parameterize a container

February 23, 2022

• labedit was corrupting begin.config after addition of latest containers
• Incorrect path to pupil information within the pupil README file; dynamically change for cloud configs
• Incorrect extension to update-labtainer.sh
• Msc information enahancements
• Replace the ghidra lab to incorporate model 10.1.2 of Ghidra

February 15, 2022

• Revert Azure cloud help to provision for every pupil. Azure discourages sharing assets.

January 24, 2022

• Azure cloud now makes use of picture saved in an Azure blob as an alternative of provisioning for every pupil.
• Added help for Google Cloud.

January 19, 2022

• Introduce Labtainers on the Azure cloud. See the Scholar Information for particulars on the right way to use this.

January 3, 2022

• Revise setuid-env lab so as to add higher evaluation; simlab testing and keep away from sighup within the printenv little one.
• Repair evaluation objective rely directive to exclude consequence tag values of false.
• Don’t require labname when utilizing gradelab -a with a grader began with the debug possibility.
• Revise capinout (stdin/stdout mirroring) to deal with orphaning of command course of youngsters, improved documentation and error dealing with.
• Added show of progress bars of docker photos being pulled when a lab is first run.
• Person suggestions on progress of container initialization.
• The pcap-lib lab was lacking a notify file wanted for automated evaluation; Take away extraneous step from Lab Handbook.

November 23, 2021

• Disable ubuntu popup errors on check VM.
• Repair dealing with of various DISPLAY variable codecs.

October 22, 2021

• Revise the tcpip lab information to notice a profitable syn-flood assault just isn’t doable. Repair its automated evaluation and add SimLab scripts.
• Change artifact file extension from zip to lab, and add a preamble to confuse GUI file managers. College students have been opening the zip and submitting its guts.
• Make the -r choice to gradelab the default, add a -c possibility for cumulative use of grader.
• Modify refresh_mirror to check with the native launch date to keep away from frequent queries of DockerHub. Every such question counts as a picture pull, and they’re now making an attempt to monetize these.

September 30, 2021

• Change bufoverflow lab information and grading to not anticipate success with ASLR turned on, assess whether or not it was run.
• Error dealing with for net grader for instances the place pupil lacks outcomes.
• Print warning when deprecated lab is run.
• Change formatstring grading to take away unused “_leaked_secret” description and make clear worth of leaked_no_scanf.
• Additionally change formatstring grading to permit any title for the susceptible executable.

September 29, 2021

• Gradelab error dealing with, cut back cases of crashes resulting from unhealthy zip information.
• Restrict stdout artifact information to 1MB

September 17, 2021

• Ghidra lab information had improper IP tackle, was not remade from supply.

September 14, 2021

• Instance labs for LDAP and Mariadb utilizing SSL. Meant as templates for brand spanking new labs.
• Deal with Mariadb log format
• Add per-container parameters to restrict CPU use or pin container to CPU set.
• Labpack creation now obtainable through a GUI (makepackui).
• Tab completion for the labtainer, labpack and gradelab instructions.
• New parallel computing lab “parallel” utilizing MPI.

August 3, 2021

• Add a “WAIT_FOR” configuration choice to trigger a container to delay parameterization till one other container completes its parameterization.
• Help for Mariadb log codecs in outcomes parsing
• Take away help for Mac and Home windows use of Docker Desktop. That product is simply too unstable for us to help.
• Supress stderr messages when person makes use of built-in bash instructions similar to “which”.
• Bug fixes to makepack/labpack applications.

July 19, 2021

• Add a DNS lab to introduce the DNS protocol and configuration.
• Revised VirtualBox equipment picture to start out with the proper replace script.
• Cut up resolv.conf nameserver parameter out of the lab_gw configuration area into its personal worth.
• IModule command failed if run earlier than any labs had been began.

July 5, 2021

• Errors in DISPLAY env variable administration broke GUI purposes on Docker Desktop.

July 1, 2021

• Help Mac package deal set up of headless Labtainers.
• The routing-basics lab automated evaluation failed resulting from lack of treataslocal information
• Appropriate typos and incorrect addresses in routing-basics lab, and repair automated evaluation.
• Evaluation of pcapanalysis was failing.

June 10, 2021

• All lab handbook PDFs at the moment are within the github repo
• Convert vpnlab and vpnlab2 directions to PDF lab manuals.

Might 25, 2021

• Add searchable key phrases to every lab. See “labtainer -h” for utilization.
• Develop routing-basics lab and lab handbook
• Take away routing-basics2 lab, it’s now redundant.
• sudo on some containers failed as a result of hostnames take away underscores, resulting in mismatch with the hosts file. Repair with further entry within the hosts file with container title sans underscore.
• New Labpack characteristic to package deal a group of labs, and makepack software to create Labpacks.
• Error examine for /sbin listing when utilizing ubuntu20 — can be silently deadly.
• New network-basics lab

Might 5, 2021

• Introduce a brand new customers lab to introduce person/group administration
• Surpress Apparmor host messages in centos container syslogs

April 28, 2021

• New base2 photos lacked man pages. Used unminimize to revive them within the base picture.
• Introduce a OSSEC host-based IDS lab.

April 13, 2021

• CyberCIEGE lab failed as a result of X11 socket was not relocated previous to beginning Wine through fixlocal.

April 9, 2021

• New gdb-cpp tutorial lab for utilizing GDB on a easy C++ program.
• Floating level exceptions have been revealing use of exec_wrap.sh for stdin/stdout mirroring.

April 7, 2021

• ldap lab failed when moved to Ubuntu 20. Downside traced to drawback with nscd cache of pwd. Transfer ldap to Ubuntu 20

March 23, 2021

• Parameterizing with RANDOM didn’t embody the higher certain.
• Add non-compulsory step parameter to RANDOM, e.g., to make sure phrase boundaries.
• db-access lab: add mysql-workbench to database laptop.
• New overrun lab for instance reminiscence references past bounds of c information constructions.
• New printf lab to introduce reminiscence references made by the printf perform.

March 19, 2021

• gradelab ignore makdirs error, drawback with Home windows rmtree on shared folders.
• gradelab deal with areas in pupil zip file names.
• gradelab deal with zip file names from Moodle, together with construct downloads.

March 12, 2021

• labedit UI: Take away outdated wireshark picture from listing of base photos.
• labedit UI: Enhance some font sizes.
• grader net interface did not show lab manuals if the handbook title doesn’t observe naming conventions.

March 11, 2021

• labedit UI add registry setting in new international lab configuration panel.

March 10, 2021

• labedit UI fixes to not construct if syntax error in lab
• labedit UI “Lab working” indicator repair to replicate present lab.

March 8, 2021

• Deprecate use of HOST_HOME_XFER, all labs use listing per the labtainer.config file.
• Add documentation remark to start out.config for REGISTRY and BASE_REGISTRY

March 5, 2021

• Error dealing with on gradelab net interface when lacking outcomes.
• labedit addition of precheck, msc bug fixes.

February 26, 2021

• The dmz-example lab had errors in routing and setup of dnsmasq on some parts.

February 18, 2021

• UI was rebuilding photos as a result of it was updating file occasions with out trigger
• Clear up UI code to take away some redundant information copies.

February 14, 2021

• Add native construct choice to UI
• Create empty faux_init for centos6 bases.

February 11, 2021

• Repair UI dealing with of modifying information. Revise structure and remove unused fields.
• Add ubuntu20 base2 base configuration together with ssh2, network2 and wireshark2
• The brand new wireshark solves the prolem of black/noise home windows.
• Map /tmp/.X11-unix to /var/tmp and create a hyperlink. Wanted for ubuntu20 (was deleting /tmp?) and will repair others.

February 4, 2021

• Add SIZE choice to outcomes artifacts
• Simplify wireshark-intro evaluation and parameterization and add PDF lab handbook.
• Present parameter listing values to pregrade.sh script as setting variables
• allow X11 on the grader
• put update-designer.sh into customers path.

January 19, 2021

• Change administration of README date/rev to replace file in supply repo.
• Introduce GUI for creating/modifying labs — see labedit command.

December 21, 2020

• The gradelab perform failed when zip information have been copied from a VirtualBox shared folder.
• Replace Teacher Information to explain administration of pupil zip information on host computer systems.

December 4, 2020

• Transition distribution of tar to GitHub releaese artifacts
• Remove seperate designer tar file, use git repo tarball.
• Testing of grader net capabilities for evaluation of pupil lab artifacts
• Clear logs from full smoketest and delete grader container in removelab command.

December 1, 2020

• The iptables2 lab evaluation relied on random ports being “unknown” to nmap.
• Use a sync diretory to delay smoketests from beginning previous to lab startup.
• Start integrating Lab designer UI parts.

October 13, 2020

• Headless configuraions for working on Docker Desktop on Macs & Home windows
• Headless server help, cloud-config file for cloud deployments
• Testing help for headless configurations
• Power mynotify to attend till rc.native runs on boot
• Enhance mynotify service skill to merge output into single timestamp
• Python3 for stopgrade script
• SimLab now makes use of docker high somewhat than system ps

September 26, 2020

• Clear up the stoplab scripts to disregard non-lab containers
• Add db-access database entry management lab for controlles sharing of a mysql db.

September 17, 2020

• The macs-hash lab was unable to run Leafpad as a result of X11 setting.
• Grader logging was being redirected to the improper log file, now captures errors from teacher.py
• Copy teacher.log from grader to the host logs listing if there’s an error.

August 28, 2020

• Repair set up script to make use of python3-pip and repair damaged scripts: getinfo.py and pull-all.py
• Registry logic was damaged, check programs weren’t utilizing the check registry, add improvement documentation.
• Add juiceshop and owasp base information for OWASP-based net safety labs
• Take away pointless sudos from check_nets
• Add CHECK_OK documentation directive for automated evaluation
• Change check_nets to repair iptables and routing points if that’s the case directed.

August 12, 2020

• Add timeout to prestop scripts
• Add quiz and checkwork to dmz-lab
• Restarting the dmz-lab with out -r possibility broke routing out of the ISP.
• Enable a number of information for time_delim outcomes.

August 6, 2020

• Bug in error dealing with when X11 socket is lacking
• Commas in quiz questions led to parse errors
• Add quiz and checkwork to iptables2 lab

July 28, 2020

• Add quiz help — these are steering quizzes, not evaluation quizzes. See the designer information.
• Add current-state evaluation to be used with the checkwork command.

July 21, 2020

• Add testsets/bin to designer’s path
• Designer information corrections and explainations for IModule steps.
• Add RANGE_REGEX consequence sort for outlining time ranges utilizing common expressions on log entries.
• Examine that X11 socket exists whether it is wanted when beginning a lab.
• Add base picture for mysql
• Deal with mysql log timestamp codecs in outcomes parsing.

June 15, 2020

• New base picture contianing the Fowl open supply router
• Add bird-bgp Border Gateway Protocol lab.
• Add bird-ospf Open Shortest Path First routing protocol.
• Enhance dealing with of DNS modifications, exterior entry from some containers was blocked in some websites.
• Add part to Teacher Information on utilizing Labtainers in environments missing Web entry.

Might 21, 2020

• Transfer all repositories to the Docker Hub labtainers registry
• Help mounts outlined within the begin.config to permit persistent software program installs
• Change ida lab to make use of persistent set up of IDA — new title is ida2
• Add cgc lab for exploration of over 200 susceptible companies from the DARPA Cyber Grand Problem
• Add type_string command to SimLab
• Add netflow lab to be used of NetFlow community site visitors evaluation
• Add 64-bit variations of the bufoverflow and the formatstring labs

April 9, 2020

• Grader failed evaluation of CONTAINS and FILE_REGX circumstances when wildcards have been used for file choice.
• Embody hints for utilizing hexedit within the symlab lab.
• Add hash_equal operator and hash-goals.py to automated evaluation to keep away from publishing anticipated solutions in configuration information.
• Automated evaluation for the pcap-lib lab.

April 7, 2020

• Logs have been moved to $LABTAINER_DIR/logs
• Different cleanup to allow rebuilds and checks utilizing Jenkins, together with use of distinctive momentary directories for builds
• Transfer construct help capabilities out of labutils into construct.py
• Add pcap-lib lab for PCAP library based mostly improvement of site visitors evaluation applications

March 13, 2020

• Add plc-traffic lab to be used of GrassMarlin with site visitors generated through the lab.
• Introduce skill so as to add “faucet” containers to gather PCAPs from chosen networks.
• Replace GNS3 documentation for exterior entry to containers, and use of dummy_hcd to simulate USB drives.
• Change kali template to make use of faux_init somewhat than trying to make use of systemd.
• Shifting distributions (tar information) to field.com
• Change SimLab use of netstat to not do a dns lookup.

February 26, 2020

• If labtainer command doesn’t discover lab, recommend that person run update-labtainer.sh
• Add help preliminary help for a community faucet element to view all community site visitors.
• Script to fetch lab photos to prep VMs that might be used with out web.
• Present username and password for nmap-discovery lab.

February 18, 2020

• Inherit the DISPLAY setting variable from the host (e.g., VM) as an alternative of assuming :0

February 14, 2020

February 11, 2020

• Replace guides to explain distant entry to containers withing GNS3 environments
• Cover chosen parts and hyperlinks inside GNS3.
• Figures within the webtrack lab information weren’t seen; typos on this and nmap-ssh

February 6, 2020

• Introduce perform to remotely handle containers, e.g., push information.
• Add GNS3 setting perform to simulate insertion of a USB drive.
• Enhance dealing with of Docker construct errors.

February 3, 2020

• On the metasploit lab, the postgresql service was not working on the sufferer.
• Merge the IModule handbook content material into the Lab Designer information.
• Extra IModule help.

January 27, 2020

• Introduce preliminary help for IModules (instructor-developed labs). See docs/imodules.pdf.
• Repair damaged LABTAINER_DIR env variable inside update-labtainer
• Repair entry mode on accounting.txt file in ACL lab (had turn into rw-r-r). Use express chmod in fixlocal.sh.

January 14, 2020

• Port framework and gradelab to Python3 (current Python2 labs won’t change)
  • Use backward appropriate random.seed choices
  • Hack non-compatable randint to return outdated values
  • Proceed to help python2 for platforms that lack python3 (or these such because the older VM equipment that embody python 3.5.2, which breaks random.seed compatability).
  • Add rebuild alias for rebuild.py that may choose python2 if wanted.
• Centos-based labs manpages have been failing; use mandb inside base docker file
• dmz-lab netmask for DMZ community was improper (caught by python3); as was IP tackle of interior gateway in lab handbook
• ghex faraway from centos labs — now not simply supported by centos 7
• file-deletion lab have to be accomplished with out rebooting the VM, be aware this within the Lab Handbook.
• Add NO_GW change to start out.config to disable default gateways on containers.
• Metasploit lab, crashes host VM if runs as privileged; lengthy delays on su if systemd enabled; so run with out systemd. Take away use of database from lab handbook, configure to make use of new no_gw change
• Replace file headers for licensing/phrases; add consolidated license file.
• Modify publish.py to default to make use of of check registry, use -d to drive use of default_registry
• Revise supply management procedures to make use of totally different check registry for every department, and use a premaster department for closing testing of a launch.

October 9, 2019

• Take away dnsmasq from dns element within the dmz-lab. Was inflicting bind to fail on some installations.

October 8, 2019

• Syntax error in check registry setup; lab designer data on massive information; fetch bigexternal.txt information

September 30, 2019

• DockerHub registry retrieval once more failing for some customers. Ignore html prefix to json.

September 20, 2019

• Evaluation of onewayhash ought to permit hmac operations on file of pupil’s selecting.

September 5, 2019

• Rebuild metasploit lab, metasploit-framework exhibited a bug. And the labs “treataslocal” file was not noted of the transfer from svn. Repair sort in metasploit lab handbook.

August 30, 2019

• Revert check for existence of container directories, they don’t at all times exist.

August 29, 2019

• Lab picture pulls from docker hub failed resulting from change in github or curl? Catch rediret to cloudflare. Addition of GNS3 help. Repair to dmz-lab dnssec.

July 11, 2019

• Automated evaluation for CentOS6 containers, repair for firefox reminiscence difficulty, help arbitrary docker create arguments within the begin.config file.

June 6, 2019

• Introduce a Centos6 base, however not help for automated evaluation but

Might 23, 2019

• Automated evaluation of setuid-env failed resulting from typos in area seperators.

Might 8, 2019

• Corrections to Capabilities lab handbook

Might 2, 2019

• Acl lab repair to bobstuff.txt permissions. Use express chmod in fixlocal.sh
• Revise pupil information to make clear use of cease and -r possibility in physique of the handbook.

March 9, 2019

• The checkwork perform was reusing containers, thereby stopping college students from eliminating artifacts from earlier lab work.
• Add appendix to the symkey lab to explain the BMP picture format.

February 22, 2019

• The http server failed to start out within the vpn and vpn2 labs. Automated evaluation faraway from these labs till reworked.

January 7, 2019

• Repair gdblesson automated evaluation to no less than be operational.

January 27, 2019

• Repair lab handbook for routing-basics2 and repair routing to allow exterior entry to inside net server.

December 29, 2018

• Repair routing-basics2, identical points as routing-basics, plus an incorret ip tackle within the gateway resolv.conf

December 5, 2018

• Repair routing-basics lab, dns decision at isp and gatway parts was damaged.

November 14, 2018

• Take away /run/nologin from archive machine in backups2 — want common resolution for this nologin difficulty

November, 5, 2018

• Change file-integrity lab default help.conf to trace metadata modifications somewhat than file modification occasions

October 22, 2018

• macs-hash lab decision verydodgy.com failed on lab restart
• Notify perform failed if notify_cb.sh is lacking

October 12, 2018

• Set ulimit on file measurement, restrict to 1G

October 10, 2018

• Power assortment of parameterized information
• Explicitly embody leafpad and ghex in centos-xtra baseline and rebuild dependent photos.

September 28, 2018

• Repair entry modes of shared file in ACL lab
• Make clear query in pass-crack
• Modify artifact assortment to disregard information older than begin of lab.
• Add quantum computing algorithms lab

September 12, 2018

• Repair setuid-env grading syntax errors
• Repair syntax error in iptables2 instance firewall guidelines
• Rebuild centos labs, transfer lamp derivatives to make use of lamp.xtr for waitparam and drive httpd to attend for that to complete.

September 7, 2018

• Add CyberCIEGE as a lab
• read_pre.txt info show prior to tug of photos, and likelihood to bail.

September 5, 2018

• Restore sakai bulk obtain processing to gradelab perform.
• Take away unused teacher scripts.

September 4, 2018

• Enable a number of IP addresses per community interface
• Add base picture for Wine
• Add GRFICS digital ICS simulation

August 23, 2018

• Add GrassMarlin lab (ICS community discovery)

August 23, 2018

• Add GrassMarlin lab (ICS community discovery)

August 21, 2018

• One other repair round AWS authentication points (DockerHub makes use of AWS).
• Repair new_lab_setup.py to make use of git as an alternative of svn.
• Cut up plc-forensics lab right into a fundamental lab and and superior lab (plc-forensics-adv)

August 17, 2018

• Transition to git & GitHub as authoritative repo.

August 15, 2018

• Modify plc-forensics lab evaluation to be extra common; revise lab handbook to replicate wireshark on the Labtainer.

August 15, 2018

• Add “checkwork” command permitting college students to view automated evaluation outcomes for his or her lab work.
• Embody logging of iptables packet drops within the iptables2 and the iptables-ics lab.
• Take away out of date cases of is_true and is_false from objective.config
• Repair boolean analysis to deal with “NOT foo”, it had anticipated extra operands.

August 9, 2018

• Help parameter substitute in outcomes.config information
• Add TIME_DELIM consequence sort for outcomes.config
• Rework the iptables lab, take away hidden nmap instructions, introduce customized service

August 7, 2018

• Add hyperlink to pupil information in labtainer-student listing
• Add hyperlink to pupil information on VM desktops
• Fixes to iptables-ics to keep away from lengthy delay on shutdown; and fixes to regression checks
• Add be aware to guides suggesting pupil use of VM browser to switch artifact zip file to teacher.

August 1, 2018

• Use a generic Docker picture for automated evaluation; cease creating “teacher” photos per lab.

July 30, 2018

• Doc must unblock the waitparam.service (by creating flag listing) if a fixlocal.sh script is to start out a service for which waitparam is a prerequisite.
• Add plc-app lab for PLC software firewall and whitelisting train.

July 25, 2018

• Add string_contains operator to objectives processing
• Modify evaluation of formatstring lab to account for leaked secret not at all times being on the finish of the displayed string.

July 24, 2018

• Add SSH Agent lab (ssh-agent)

July 20, 2018

• Help offline constructing, optionally skip all picture pulling
• Restore apt/yum repo restoration to Dockerfile templates.
• Deal with redirect URL’s from Docker registry blob retrieval to keep away from authentication errors (Don’t depend on curl –location).

July 12, 2018

• Add prestop characteristic to permit execution of designer-specified scripts on chosen parts previous to lab shutdown.
• Appropriate host naming within the ssl lab, it was breaking automated evaluation.
• Repair dmz-lab preliminary state to allow DNS resolutions from interior community.
• FILEREGEX processing was not correctly dealing with multiline searches.
• Framework model derived from newly rebuilt photos had incorrect default worth.

July 10, 2018

• Add an LDAP lab
• Full transition to systemd based mostly Ubuntu photos, take away unused information
• Transfer lab_sys tar file to per-container tmp listing for concurrency.

July 6, 2018

• All Ubuntu base photos changed with variations based mostly on systemd
• Labtainer container photos in registry now tagged with base picture ID & have labels reflecting the bottom picture.
• A given set up will pull and use photos which might be per the bottom photos it possesses.
• In case you are utilizing a VM picture, you could wish to change that with a more moderen VM picture from our web site.
• New labs won’t run with out downloading newer base photos; which may result in your VM storing a number of variations of huge base photos (> 500 MB every).
• Was shedding artifacts from processes that have been working when lab was stopped — was not correctly killing capinout processes.

June 27, 2018

• Add help for Ubuntu systemd photos
• Take away outdated copy of SimLab.py from labtainer-student/bin
• Transfer apt and yum sources to /var/tmp
• Make clear variations between use of “boolean” and “count_greater” in assessments
• Prolong Add-HOST in begin.config to incorporate all parts on a community.
• Add choice to new_lab_setup.py so as to add a container based mostly on a duplicate of an current container.

June 21, 2018

• Set DISPLAY env for root
• Repair to construct dependency dealing with of svn standing output
• Add radius lab
• Bug in SimLab append corrected
• Use svn, the place acceptable, to vary file names with new_lab_setup.py

June 19, 2018

• Retain order of containers outlined in begin.conf when creating terminal with a number of tabs
• Make clear designer handbook to establish path to evaluation configuration information.
• Take away immediate for teacher to offer electronic mail
• Botched error checking when testing for model quantity
• Embody timestamps of lab begins and redos within the evaluation json
• Add an SSL lab that features bi-directional authentication and creation of certificates.

June 14, 2018

• Add diagnostics to parameterizing, observe down why some set up appear to fail on that.
• If a container is already created, be sure it’s parameterized, in any other case bail to keep away from corrupt or half-baked containers.
• Repair program model quantity to make use of svn HEAD

June 15, 2018

• Convert plain textual content directions that appeared in xterms into pdf file.
• Repair bug in model dealing with of photos that haven’t but been pulled.
• Detect occurance of a container that was created, however not parameterized, and immediate the person to restart the lab with the “-r” possibility.
• Add designer utility: rm_svn.py in order that eliminated information set off a picture rebuild.

June 13, 2018

• Set up xterm on Ubuntu 18 programs
• Work round breakage in new variations of gnome-terminal tab dealing with

June 11, 2018

• Add model checking to match photos to the framework.
• Make clear varied lab manuals

June 2, 2018

• When putting in on Ubuntu 18, use docker.io as an alternative of docker-ce
• The capinout induced a crash when a “sudo su” monitored command is adopted by a non-elevated person command.
• Transfer routing and resolv.conf settings into /and so on/rc.native as an alternative of fixlocal.sh so that they persist throughout begin/cease of the containers.

Might 31, 2018

• Work round Docker bug that induced textual content to wrap in a terminal with no line feed.
• Prolong COMMAND_COUNT to account for pipes
• Create new model of backups lab that features backups to a distant server and backs up a whole partition.
• Alter sshlab directions to make use of ssh-copy-id utility
• Delte /run/nologin file from parameterize.sh to allow ssh login on CentOS

Might 30, 2018

• Prolonged new_lab_setup.py to allow identification of the bottom picture to make use of
• Create new model of centos-log that features centralized logging.
• Evaluation validation was not accepting “time_not_during” possibility.
• Start to combine Labtainer Grasp for managing Labtainers from a Docker container.

Might 25, 2018

• Take away 10 second sleeps from varied companies. Was delaying xinetd responses, breaking automated checks.
• Repair snort lab grading to solely require “CONFIDENTIAL” within the alarm. Take away unused information from lab.
• Program end occasions weren’t recorded if this system was working when the lab was stopped.

Might 21, 2018

• Repair retlibc grading to take away duplicate objective, was failing automated evaluation
• Take away copies of mynotify.py from particular person labs and lab template, it’s has been a part of lab_sys/sbin, however had not been up to date to replicate fixes made for acl lab.

Might 18, 2018

• Masks sign message from exec_wrap in order that segv error message seems to be proper.
• The capinout was generally shedding stdout, examine command stdout on loss of life of cmd.
• Repair grading of formatstring to catch segmentation fault message.
• Add type_function characteristic to SimLab to sort stdout of a script (see formatstring simlab).
• Take away SimLab limitation on combining single/double quotes.
• Add window_wait directive to SimLab to pause till window with given title could be discovered.
• Modify plc lab to change titles on bodily world terminal to replicate standing, this additionally makes testing simpler.
• Repair bufoverflow lab handbook hyperlink.

Might 15, 2018

• Add appendix on use of the SimLab software to simulate person efficiency of labs for regression testing and lab improvement.
• Add wait_net perform to SimLab to pause till chosen community connections terminate.
• Change acl automated evaluation to make use of FILE_REGEX for multiline matching.
• SimLab check for xsite lab.

Might 11, 2018

• Add “noskip” file to drive assortment of information in any other case present in dwelling.tar, wanted for retrieving Firefox locations.sqlite.
• Merge sqlite database with write forward buffer earlier than extracting.
• Corrections to lab handbook for the symkeylab
• Grading additions for symkeylab and pubkey
• Enhancements to simlab software: help embody, repair window naming.

Might 9, 2018

• Repair parameterization of the file-deletion lab. Appropriate error its lab handbook.
• Change use of shell=True in python scripts to scale back processes and permit monitoring PIDs
• Clear up manuals for backups, pass-crack and macs-hash.

Might 8, 2018

• Deal with race situation to stop gnome-terminal from executing its docker command earlier than an xterm instruction terminal runs its command.
• Do not show errors when instuctor stops a lab began with “-d”.
• Change grading of nmap-ssh to raised replicate intent of the lab.
• A number of doc and script fixes urged by olberger on github.

Might 7, 2018

• Use C-based capinout program as an alternative of the outdated capinout.sh to seize stdin and stdout. See trunk/src-tool/capinout. Removes limitations related to use ctrl-C to interrupt monitored applications and the show of passwords in telnet and ssh.
• Embody help for saki bulk_download zip processing to extract seperatly submitted experiences, and summarizes lacking submits.
• Add checks to user-provided electronic mail to make sure they’re printable characters.
• Whereas grading, if user-supplied electronic mail doesn’t match zip file title, proceed to grade the outcomes, however embody be aware within the desk reflecting dishonest. Require to recuperate from instances the place pupil enters rubbish for an electronic mail tackle.
• Change telnetlab grading to not take a look at tcpdump output for passwords — capinout repair results in appropriate character-at-a-time transmission to server.
• Repair typo in install-docker.sh and use sudo to change docker dns setting in that script.

April 26, 2018

• Transition to make use of of “labtainer” to start out lab, and “stoplab” to cease it.
• Add –version choice to labtainer command.
• Add log_ts and log_range consequence varieties, and time_not_during objective operators. Revamp the centos-log and sys-log grading to make use of these options.
• Put labsys.tar into /var/tmp as an alternative of /tmp, generally would get deleted earlier than expanded
• Working X purposes as root fails after reboot of VM.
• Add “Person Command” man pages to CentOS based mostly labs
• Repair current bug that prevented assortment of docs information from college students
• Modify smoke-tests to solely examine student-specific consequence line, void of whitespace

April 20, 2018

• The denyhosts service fails to start out the primary time, moved begin to student_startup.sh.
• Transfer all faux_init companies till after parameterization — rsyslog was failing to start out on second boot of container. April 19, 2018
• The acl lab did not correctly assess efficiency of the computer virus step.
• Gather pupil paperwork by default.
• The denyhost lab modified to replicate that denyhosts (or tcp wrappers?) now modifies iptables. Additionally, the denyhosts service was failing to start out on some events.
• When updating Labtainers, don’t overwrite information which might be newer than these within the archive — protect pupil lab experiences.

April 12, 2018

• Add documentation for the aim of lab objectives, and show this for the teacher when the teacher begins a lab.
• Appropriate use of the precheck perform when this system is in treataslocal, cross capintout.sh the total program path.
• Copy instr_config information at run time somewhat than throughout picture construct.
• Add Designer Information part on debugging automated evaluation.
• Incorrect case in lab report file names.
• Unncessary chown perform induced teacher.py to generally crash.
• Help for automated testing of labs (see SimLab and smoketest).
• Transfer testsets and distrib beneath trunk

April 5, 2018

• Revise Firefox profile to take away “you’ve got not use firefox shortly…” message.
• Take away unnessary pulls from registry — get picture dates through docker hub API as an alternative.

March 28, 2018

• Use express tar as an alternative of “docker cp” for system information (Docker does not observe hyperlinks.)
• Repair backups lab use separate file system and replace the handbook.

March 26, 2018

• Help for multi-user modes (see Lab Designer Person Information).
• Eliminated construct dependency on the lab_bin and lab_sys information. These at the moment are copied throughout parameterization of the lab.
• Transfer capinout.sh to /sbin so it may be discovered when working as root.

March 21, 2018

• Add CLONE to allow a number of cases of the identical container, e.g., for labs shared by a number of concurrent college students.
• Adapt kali-test lab to offer instance of macvlan and CLONE
• Copy the capinout.sh script to /sbin so root can discover it after a sudo su.

March 15, 2018

• Help macvlan networks for communications with exterior hosts
• Add a Kali linux base, and a Metasploitable 2 picture (see kali-test)

March 8, 2018

• Don’t require labname when utilizing cease.py
• Catch errors attributable to stray networks and advise person on a repair
• Add help to be used of native apt & yum repos at NPS

February 21, 2018

• Add dmz-lab
• Change “checklocal” to “precheck”, reflecting it runs previous to the command.
• Decouple inotify occasion reporting from use of precheck.sh, permit inotify occasion lists to incorporate non-compulsory outputfile title.
• Prolong bash hook to root operations, flush that bash_history.
• Enable parameterization of begin.config fields, e.g., for random IP addresses
• Help monitoring of companies began through systemctl or /and so on/init.d
• Introduce time delimeter qualifiers to prepare a timestamped log file into ranges delimited by some configuration change of curiosity (see dmz-lab)

February 5, 2018

• Boolean values from outcomes.config information at the moment are handled as objective values
• Add common expression help for figuring out artifact outcomes.
• Help for alternate Docker registries, together with an area check registry for testing
• Msc fixes to labs and lab manuals
• The capinout monitoring hook was not killing little one processes on exit.
• Kill monitored processes earlier than gathering artifacts
• Add labtainer.wireshark as a baseline container, clear up dockerfiles

January 30, 2018

• Add snort lab
• Combine log file timestamps, e.g., from syslogs, into timestamped outcomes.
• Take away undefined consequence values from intermediate timestamped json consequence information.
• Alter the time_during objective evaluation operation to affiliate timestamps with the ensuing objective worth.

January 24, 2018

• Use of tabbed home windows induced teacher facet to fail, use of double quotes.
• Ignore information in _tar directories (apart from .tar) when figuring out construct dependencies.