Penetration Testing mailing list archives

Re: Lab OS Choices


From: Pete Herzog <lists () isecom org>
Date: Thu, 16 Aug 2007 22:17:25 +0200

Hi,

> It's official, I have a lot to learn about networking, haha

Does the learning ever stop? Take a look at the OPRP sometime (http://www.isecom.org/oprp) and you'll see there's so much about networking to possibly know!


> When you mention making sure the OS is as close as possible are you
> speaking about the guest to the host, or the tester's machine and the
> victim VM?

Yes, OS to bare metal. VMs are getting closer to the metal though; L4 and Xen are great examples, especially now that they are integrated into the kernel. Watching OpenTC unfold (opentc.net), you see the work behind the virtualization of an OS to make it more secure, which means to add layers of abstraction.


> If you are using physical network hardware with virtual machines will
> the lack of the physical machines affect any of the tests?

I'm confused by what you mean with "physical network hardware". If you mean routers running virtual machines, like VLANs, I think those are legitimate tools in a network and should be tested with. If you mean running router software virtually on a server then the answer is maybe. I haven't tested it. But based on previous tests, the problem has always been the number of layers of abstraction that packets need to get through to produce the packet. This is one of the major problems with high-level OSes and a small part of why Linux or *BSD make great OSes to test from.


> You mention not virtualizing the network, can using one of the Cisco
> IOS emulators like dynamips have any benefit?  I guess it is the same
> thing as virtualizing, but in a situation like mine where I don't have
> access to 9 models of Cisco.  Would it work well enough to learn a
> little about attacking the various models?  I am looking at buying 1
> or 2 Cisco 2950s and a router (any recommendations on model?) to work
> with, but I am a programmer so I would not be around any other models
> very often.

Do what you have to do to learn. The real problem is when virtualization is used to study real-world responses. That's like using an ant farm in a box to study how ants interact in the real world. Sure it's educational and you'll get to see some things that you normally can't see underground, but don't pretend it's the same as the hostile and so-complex-as-to-appear-unpredictable world we live in.

-pete.
www.isecom.org
