Logo Description automatically generated with low confidence NodeZero deployment page

Below are the five basic steps that will be taken in the environment to kick off an internal pentest for the POV (Proof of Value).  To launch NodeZero we require a host that supports docker.  If you already have a docker host/environment you can validate it by using the check environment script. If you don't have docker and/or prefer to deploy a virtual appliance,  we have pre built VMs (OVAs) for quick deployment on the popular hypervisors (DHCP assumed;  static can be assigned using n0 script, see step 2). For cloud based environments (AWS, Azure, GCP, etc) deploy a standard Linux VM with a minimum of 2 cores, 8gb of usable memory, 40gb of storage.  Usethe check environment script to validate the host deployment.

 

On the call we'll need resource(s) that have the system access to perform the following tasks. Note: Deploying the OVA ahead of time will greatly shorten our POV kick off call.  If you have any questions or run into any issues deploying the OVA just let us know.

 

1) Download, deploy, and boot the NodeZero Ubuntu OVA within your environment.

 

2) From the console, login as user "nodezero", password "nodezero"; after default password is changed, SSH will be enabled.

Note: Passwords require min 14 characters and must include at least 1 Digit, 1 Special, 1 Upper and 1 Lower Case

 

3) Set local time zone  by executing "n0" at the command prompt, then enter "6".

 

4) Perform a system update by executing "n0" at the command prompt, then enter "5".   (Note: Static IP address can be configured by entering "3").

 

 

5) After the update completes, log out of the OVA from the console, then reconnect to the VM using an SSH client via the IP address and verify a successful deployment by re-running "n0", then enter "1" .


If everything passes (green), congratulations, you are all set to kick off your first attack.

 

On the POV call we'll create your H3 login IDs (your company email address) and help you set up multi-factor authentication.  Once created, you'll receive two emails from H3, one inviting you to the POV and the other will contain your temporary password to login.  Please ensure that you have an MFA application (i.e. Google auth) installed on your phone, or alternately, you can install the MFA app in your browser which makes it much easier to type (copy and paste) the verification code.

 

Once logged in, we will walk through the platform and kick off your first attack!   If you'd like to jump ahead you can follow the posted video here.

We look forward to working with you and your team.

 

Additional reference resources

Docker Commands

Official Horizon3 website and NodeZero documentation

 

 

Uninterrupted outbound network access (NodeZero's deployed OVA to Internet) to the following endpoints is required during the entire operation.  Connectivity requirements

 

NodeZero Overview (8m): https://youtu.be/mWNW_loDvZY

NodeZero Deployment and Technical Deep Dive (30m): https://youtu.be/S66uwIOAnmU

Playlist of both videos (38m): https://www.youtube.com/playlist?list=PLsBaXS0DGq_qPKtz4A_1tQY9hDy9_dAPw