- Download and extract the metasploitable 2 iso from the below website.
LINK : http://downloads.metasploit.com/data/metasploitable/metasploitable-linux-2.0.0.zip
- After extracting double click the .vmx file to open it in VMWare . Now go to edit virtual machine settings and configure the settings as highlighted below.
- Finally power on the virtual machine and select “ I Copied it “ option when prompted. Let the setup run and you will be taken to the metasploitable login screen. The ID and Password are “msfadmin”.
- Once logged in run the “ip a” command to check whether the ip address is in same range as kali linux machine and try pinging metasploitable machine from kali linux. It should work fine.
- Note if there is an IP address problem in kali linux , just release and renew the ip address running the below commands in kali.
COMMANDS :
- sudo dhclient -r ( this is for ip release )
- sudo dhclient ( this is for ip renewal )
- But if the above method not working for kali linux , then manually set static IP for kali linux as shown below.
- Also if any IP address is not reachable , just go to the PFSENSE firewall → Status Tab → DHCP leases and check whether all the appliance IP addresses are captured in it. It should show.
- Now run the below mentioned nmap scan on metasploitable machine and check whether we are getting alerts in security onion siem as shown below.
COMMAND : sudo nmap -vvv -Pn -sCV -p0-65535 —reason 10.10.10.11
- So from the above screenshot we not only see the kali hostname captured but also the namp scan is being detect in security onion.
- Now we can click on the event and select drilldown option to dig deeper for analysis as shown below.
- Click on the arrow icon on the events to expand it and view all the details eloborately.
- You can also click on the event to perform many more actions as shown below.