Crossfire Demo Labs
Crossfire Demo Labs
Crossfire Demo Labs
Demo Labs
Contacts, Links, Process
Crossfire Overview
Helix Demo 1
Important Note:
Helix Demo 2
Helix login creds are completely
separate from Crossfire creds.
Please contact fireeye-se-helix-
Helix Demo 3 admin@fireeye.com for help with
enrolling in the Helix demo
instances.
Alliances:
Deprecated experimental lab, not used
publicly except in special circumstance.
The Crossfire Labs are maintained by Neil Roxburgh, Mostafa Altantawy, Kevin Burk, and Jeff Yeutter. The xfire-support@fireeye.com
distro list is the fastest way to contact the team for help with technical issues, workshop queries, or feature requests.
Demo Guides:
See “SE Bootcamp Materials” Teams channel or
https://fireeyeinc.sharepoint.com/:f:/s/SENewHireBootcampmaterials/EqqulMH2BVJItJEjCmFdqNIBC-Ze9_iFVCxCjZwU5Rnfsw?e=d48Rh9
Demo scenario guides are available in the SharePoint space listed above. For demo scenario/specialized product questions, please
contact the GPS product specialist team at fireeye-se-gps@fireeye.com.
Copyright
Copyright © 2017, FireEye, © 2017,
Inc. All rights FireEye,CONFIDENTIAL
reserved. Inc. All rights reserved. CONFIDENTIAL
Crossfire FAQ
1) Logging into systems
However there are scenarios where a custom user/pass may need to be used. In these
events, please check for any notes or a padlock icon next to the link
Crossfire is bound to Okta, however there are scenarios where users are
bound to a default account and not receiving the default SE Role in
Crossfire. This is almost always caused to your Okta account not being
added to the “XFIRE-SE” Okta group.
If you are having difficulty, please email xfire-support@fireeye.com. You
may be instructed to submit a ticket to Service Desk to request that they
add you to the appropriate Okta group.
These VMs will automatically power off after eight hours, and will
automatically be wiped after two weeks of inactivity.
If you’d like to have some persistent VMs of any operating system for
workshops or to build your own demo scenarios, please send an
email to xfire-support@fireeye.com and we can set you up.
8) Malware Barn
• Windows: CTRL-ALT-SHIFT
• Mac: Shift-Control-Command
Each lab provides you with individual storage space that can be shared
across all your Windows VMs. There are 2 ways to copy files in and out
of this shared space. For the first, bring up the proxy overlay by typing
Ctrl-Alt-Shift. Click the Shared Drive button below the clip board.
This will bring up a listing of the files in your storage area if any currently
exist.
To add files, click the "Upload Files" button, and select a file from your desktop. It will be added to the list. To download files from your lab storage
area, double click the file in the Shared Drive listing. This brings up a new overlay window in the lower right of your RDP session. Click the file in this
window and you will be prompted to download it.
This also highlights the second way to get files in and out. You can drag and drop a
file directly from your desktop into the Download folder on the G: drive. When
complete, the file will be moved up a level to appear under G:. Similarly, any file
dragged from within the VM to the Download folder will result in the File Transfer
box popping up which again allows you to download the file to your desktop.
File transfers into a Linux based VM are not currently supported. However VMs can
talk to each other so it is possible to transfer a file to a Windows VM and then to the
Linux VM using something like WinSCP.