[Workshop] MI-LXC (Mini-Internet testbed) for network security training and security tools demonstration
2022-07-05, 14:00–17:00 (Europe/Paris), Workshop Room

MI-LXC is a platform to simulate an internet-like environment (BGP routing, DNS hierarchy, several organizations, pre-configured services such as mail with graphical clients, ...), currently composed of 28 hosts distributed in 10 AS. It can be used for network security training and can also serve as a substrate to deploy and demonstrate network security tools. It is based on LXC using the infrastructure-as-code principle and runs as a VM on a standard laptop.

Organization note: registration to the workshop will be done directly on-site during the event. Nothing to do on-line.

During this workshop, we will explore the MI-LXC platform. First, we will see how to use it to illustrate MitM attacks such as BGP or DNS attacks, to deploy a global ACME Certification Authority (Smallstep), to simulate a phishing and intrusion scenario (reverse-shell, nmap, ...) or to deploy IDS sensors (Suricata, OSSEC, Prelude SIEM). Second, we will study how to extend this skeleton architecture to deploy, demonstrate and train in other network security tools by adding new hosts or AS or modifying existing ones.

MI-LXC is available at and this workshop will be more-or-less based on the tutorial :

Prerequisites for this workshop

The workshop will run on a pre-configured Virtual Machine of MI-LXC v1.4.2. Attendees thus need :

Maximum of 15 participants.

See also: slides

François Lesueur is an Associate Professor at Université Bretagne Sud (Vannes, France) where he teaches network and digital security. He is particularly interested in security of distributed/federated systems and fights for an empowering security rather than an enslaving one.