Isolated, Scalable, & Lightweight Environment for Training
Making IT training a smoother process...
ISLET is a container based system for teaching Gnu/Linux based software, which requires minimal effort for participation and configuration. ISLET supports running a variety different training environments concurrently, and has a plugin system for extending functionality. ISET is modular in design, which makes it easy to add different run times and is flexible to different needs. The participation barrier is set very low, so students will only need an SSH or similar remote access client to connect.
- Event and staff training
- Capture the flag competitions
- Development environments
Who Uses ISLET?
ISLET has been used in official training for two leading open source network security projects. These, in addition to other notable examples, are listed below.
- Bro Team
- Suricata Team
- University of Illinois at Urbana-Champaign Digital Forensics 2 Course
- ACM GNU/LUG at UIUC
If you would like commercial support for ISLET, including creating and deploying custom training environments, contact me through my company Draconyx.
These images are a little old, but they mostly represent the design.
The installation of ISLET is very simple. First, grab the dependencies and then install ISLET.
- Linux, Bash, Cron, OpenSSH, Make, SQLite, and Docker Engine
The configure script will check for dependencies (except Docker)
Typically, all you need is Make, SQLite and Docker Engine (for Debian/Ubuntu):
apt-get install make sqlite
See Docker's documentation for installation instructions.
After installing the dependencies, run:
make user-config && make install && make security-config
|install||Install ISLET: install-files + configuration|
|update||Downloads and install new code (custom changes to default files will be overwritten)|
|uninstall||Uninstall ISLET (Recommended to backup your stuff first)|
|mrproper||Removes files that did not come with the source|
|user-config||Configures a user account called demo w/ password demo|
|security-config||Configures sshd with islet relevant security in mind|
|iptables-config||Installs iptables ruleset|
make accepts arguments if you want a customized installation (not supported):
make user-config INSTALL_DIR=/usr/local/islet USER=training PASS=training make install INSTALL_DIR=/usr/local/islet USER=training make security-config INSTALL_DIR=/usr/local/islet USER=training make uninstall INSTALL_DIR=/usr/local/islet USER=training
|CONFIG_DIR||ISLET configuration directory (def: /etc/islet)|
|INSTALL_DIR||ISLET installation directory (def: /opt/islet)|
|USER||User account created with user-config target (def: demo)|
|PASS||User account password created with user-config target (def: demo)|
|IPTABLES||Iptables ruleset (def: /etc/network/if-pre-up.d/iptables-rules)|
Updating an existing ISLET installation is very simple:
tar zcf islet_config.tgz /etc/islet # Backup configs make update tar zxf islet_config.tgz -C / # Restore configs
Adding Training Environments
See Docker's image documentation
Build or pull in a new Docker image
Create an ISLET config file for that image (training environment). You can use
make templatefor an example.
Place it in /etc/islet/environments with a
It should now be available from the selection menu upon login.
More info: See the SECURITY file for more information on manually securing the system. See the ADMIN file for more information on administering the system. [Mailing List] (https://groups.google.com/d/forum/islet)