Professional Documents
Culture Documents
Scenario: Encrypted Attack Mitigation: Description
Scenario: Encrypted Attack Mitigation: Description
Lab 7
Scenario: encrypted attack mitigation
Overview
Description
This lab introduces you to Hardware Security Module (HSM) and SSL
decryption capabilities of Pravail APS that can be used to mitigate DDoS
attacks delivered inside encrypted tunnels.
Objectives
After completing this lab, you will be able to do the following:
• Configure HSM and SSL decryption;
• Analyze attacks mitigated using decryption capabilities of Pravail APS.
Equipment/Tools
The following equipment is required to complete this lab:
• web browser (Chrome or Firefox)
When accessing training labs, you will be prompted for Training Portal
Authentication. Use following credentials:
• Login: student54
• Password: 43xXBAJD89
Student 54 L7-1
Encrypted attack mitigation
Lab 7
https://victim-pod54.training.arbor.net/
3. Connect to your Pravail APS with web ssh client (use your student54
login to access web ssh).
Port: 22
Login: admin
Password: 43xXBAJD89
5. Initialize HSM module. Choose any officer and user usernames and
passwords. Allow decryption of non-FIPS ciphers and make credentials
persistent for Pravail APS use:
7. Import transferred key. Use any name for the key you like
1. Log back into web UI of your Pravail APS device. Note that HSM
Credential Status alert is now cleared
https://pod54.training.arbor.net/
2. Navigate to Administration -> General
4. After a minute, verify that the victim web server is available once again
https://victim-pod54.training.arbor.net/
This completes the lab exercise. Please let instructor know that you’ve finished the
lab and the attack should be now stopped
Student 54 L2-3