Security Basics mailing list archives

Re: Lab setup for security learning


From: davestout () hotmail com
Date: 15 Jan 2007 13:07:28 -0000

Hi Ankur,
 
I would suggest you start with the following based on the fact this is a learning environment.

I would designate one machine as an attacker, one machine as a target and one host as an IDS to monitor what is 
happening. 

Host machine - Being able to use something like VMware to allow different operating systems to run would be an 
advantage here but is not necessary. Set this host up to provide a web server, a database, an FTP server and possibly 
something like a DNS server. You could try to exploit these services by using outdated versions and comparing them to 
the latest versions. This would help to show historical issues with a service that may be still out in the wild. You 
may also want to investigate the use of a Honeypot on this host depending on what you want to see.

Intrusion Detection Host - Set it up with an easy-to-use IDS like Snort to begin with. You should also install a 
simple-to-use network sniffer like Ethereal and use it to capture all network traffic for analysis.

Attacker - Load this up with some simple tools to start with. Nessus, X-Scan, NMAP etc. Start off by using recon tools 
to learn information about your target before trying to exploit any services as would theoretically happen in a 
targeted attack in the wild.

If there are a few of you involved a good challenge would be for one person to set up the host machine how they want it 
and then let the others scan, fingerprint and exploit it. At the end compare notes and see if you manage to "capture a 
flag" or were way off.

Hopefully after you have run through these simple steps you would have a much better idea on what to look for and what 
you want next. Remember that if you are looking at this from a network security standpoint, then please do not focus 
all your time trying to hack the host machine .... spend some quality time reading the IDS logs and network captures as 
these will teach you more than just sitting at the attacking host.

Hope that helps to get you started.

Dave
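
One way to act on the advice above about reading the IDS logs, as an added example that is not part of the original message: a parser for Snort's one-line "fast" alert output that tallies which signatures the lab attacker machine triggered and which target ports it touched. The lab addresses, the local-range SIDs, the rule messages and the function names are all constructed for illustration.

```python
import re
from collections import Counter

# Snort "fast" alert: ts [**] [gid:sid:rev] msg [**] [Classification: x] [Priority: n] {PROTO} src -> dst
ALERT_RE = re.compile(
    r"^(?P<ts>\d\d/\d\d-\d\d:\d\d:\d\d\.\d+)\s+\[\*\*\]\s+"
    r"\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+(?P<msg>.*?)\s+\[\*\*\]\s+"
    r"(?:\[Classification:\s*(?P<cls>[^\]]*)\]\s+)?"   # not every rule has one
    r"\[Priority:\s*(?P<prio>\d+)\]\s+\{(?P<proto>\w+)\}\s+"
    r"(?P<src>\S+)\s+->\s+(?P<dst>\S+)$"
)

def split_endpoint(ep):
    """Split 'ip:port' into (ip, port); ICMP alerts carry no port (IPv4 assumed)."""
    ip, sep, port = ep.rpartition(":")
    return (ip, int(port)) if sep else (ep, None)

def parse_alert(line):
    m = ALERT_RE.match(line.strip())
    if not m:
        return None
    a = m.groupdict()
    a["src_ip"], a["src_port"] = split_endpoint(a.pop("src"))
    a["dst_ip"], a["dst_port"] = split_endpoint(a.pop("dst"))
    return a

def summarize(lines, attacker_ip):
    """Alerts per signature raised by the lab attacker, ports it touched, unparsed lines."""
    by_sig, ports, unparsed = Counter(), set(), []
    for line in filter(str.strip, lines):          # skip blank lines
        a = parse_alert(line)
        if a is None:
            unparsed.append(line)                  # keep for review, never drop silently
        elif a["src_ip"] == attacker_ip:
            by_sig[(a["sid"], a["msg"])] += 1
            ports.add(a["dst_port"])
    return by_sig, sorted(p for p in ports if p is not None), unparsed

# Constructed sample alerts (addresses, SIDs and messages are made up for the lab).
SAMPLE = """
01/15-13:07:28.101000  [**] [1:1000001:1] LAB port sweep [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 192.168.56.10:40112 -> 192.168.56.20:21
01/15-13:07:28.102000  [**] [1:1000001:1] LAB port sweep [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 192.168.56.10:40113 -> 192.168.56.20:80
01/15-13:07:31.500000  [**] [1:1000002:1] LAB ICMP echo [**] [Priority: 3] {ICMP} 192.168.56.10 -> 192.168.56.20
01/15-13:08:02.000000  [**] [1:1000003:1] LAB DNS query [**] [Priority: 3] {UDP} 192.168.56.20:1025 -> 192.168.56.1:53
truncated line
"""

if __name__ == "__main__":
    print(summarize(SAMPLE.splitlines(), "192.168.56.10"))
```

Comparing this tally with the attacker's own notes shows which scans and attempts the IDS saw and which it missed.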
