Re: Ideas for studentes

[Brian Laing <brian () redseal net>]

Vmware is a great way to setup services, even decent sized networks.   
You can create 1 vmware that has a software based firewall, software  
routers, and servers.  These can all be built at various stages of  
the lab work you want to put together.  You can also do this with  
light weight vm's.  You dont need to create vmware images with gigs  
of ram.  Most of the services that have been mentioned will run on a  
gig or less of ram allocated to each vm.
--------------------------------------------------------------------
Brian Laing
Chief Security Officer
Cellphone:  +1 650.280.2389
Office:     +1 (888) 845-8169 Ext. 805
Email: brian () redseal net

Redseal Systems – http://www.redseal.net

Instant Visibility.  Threats Averted.
-------------------------------------------------------------------




On Oct 1, 2007, at 4:01 PM, Iwekani Mukoma wrote:

> Any idea on how virtual labs could be set up using VMware or others  
> virtualization applications? This could be another approach to  
> learning
>
> Brian Laing wrote:
> > I second the recommendation of groups setting up solutions such as  
> > described below.  Depending on what your lab looks like you also  
> > want to look at configuration analysis.  This can cover simply  
> > getting firewalls and routers setup, but also go deeply into  
> > secure setup, auditing policy, common pitfalls, etc.  I have done  
> > this in the past with great success.
> >
> > These types of setups do not typically get finished in under 30  
> > hours.  So what I do is chain the labs together.  So day 1 they  
> > setup and audit the firewall.  For day two your lab setup is  
> > getting all previous components up and running.  This works very  
> > well specially when trying to illustrate how an end to end network  
> > needs to be setup.
> > --------------------------------------------------------------------
> > Brian Laing
> > Chief Security Officer
> > Cellphone:  +1 650.280.2389
> > Office:     +1 (888) 845-8169 Ext. 805
> > Email: brian () redseal net
> >
> > Redseal Systems – http://www.redseal.net
> >
> > Instant Visibility.  Threats Averted.
> > -------------------------------------------------------------------
> >
> >
> >
> >
> > On Oct 1, 2007, at 9:21 AM, Nick Vaernhoej wrote:
> >
> > > Good morning,
> > >
> > > How about setting the students up in groups of three and give  
> > > them each
> > > a task. One installs Nessus, one installs Snort and one installs
> > > smoothwall on a box with httpd enabled and maybe sshd and similar  
> > > easily
> > > enabled services.
> > >
> > > Then hook them up to a switch allowing for port mirroring or an  
> > > old hub.
> > > Initiate a Nessus scan against the firewalled box running the  
> > > accessible
> > > services and see what Snort spews out.
> > >
> > > That could be set up with a lot of defaults and plenty of  
> > > challenges for
> > > any level of student.
> > >
> > > However if it has to be completed in three hours and can't span  
> > > multiple
> > > days this may take too long :)
> > >
> > > Nick Vaernhoej
> > > "Quidquid latine dictum sit, altum sonatur."
> > >
> > >
> > > -----Original Message-----
> > > From: listbounce () securityfocus com  
> > > [mailto:listbounce () securityfocus com]
> > > On Behalf Of Juan B
> > > Sent: Monday, October 01, 2007 7:38 AM
> > > To: security-basics () securityfocus com
> > > Subject: Ideas for studentes
> > >
> > > Hi,
> > >
> > > I am instructor of a class of students which are
> > > learning info security. each week the students have 3
> > > hours of lab to install a security product. im looking
> > > for ideas of products to install, it could be open
> > > source like iptables, snort or windows applications
> > > etc, I need simple installation so It wont get to
> > > complicated to the studnets. they know linux very
> > > basically.
> > >
> > > can you send me ideas of products to install? it shoud
> > > be products related to security.
> > >
> > > thanks a lot !
> > >
> > > Juan
> > >
> > >
> > >
> > > ____________________________________________________________________ 
> > > ____
> > > ____________
> > > Tonight's top picks. What will you watch tonight? Preview the  
> > > hottest
> > > shows on Yahoo! TV.
> > > http://tv.yahoo.com/
> > >
> > >
> > > This electronic transmission is intended for the addressee (s)  
> > > named above.=
> > >  It contains information that is privileged, confidential, or  
> > > otherwise prot=
> > > ected from use and disclosure. If you are not the intended  
> > > recipient you are=
> > >  hereby notified that any review, disclosure, copy, or  
> > > dissemination of this=
> > >  transmission or the taking of any action in reliance on its  
> > > contents, or ot=
> > > her use is strictly prohibited. If you have received this  
> > > transmission in er=
> > > ror, please notify the sender that this message was received in  
> > > error and th=
> > > en delete this message.=0A=
> > > Thank you.