Penetration Testing mailing list archives

Re: Lab OS Choices

From: Pete Herzog <lists () isecom org>
Date: Fri, 17 Aug 2007 11:34:13 +0200

I have found Xen to be quite capable and we are testing it currently in ourHackerHighschool (HHS) network (www.hackerhighschool.org) to see what kindof error rates it produces. So far, running 5 servers simultaneously, thepacket errors have only come from incompatibilities between it and thevirtual OS running on it so it's looking great! However I have not testedit as hosting the system to attack from.

Other choices besides Xen or making an install each time are Live BootDisks and BartPE for Windows, ghosting drives, or swappable drives. Youmay want to to try L4 as well but I think it may limit the OSes and thecapabilities you can install. The last VMWare we tested was 2 years ago Ithink, for HHS, and the error rate was very high. We had it running on arobust Linux server with 6 ethernet cards so each vhost had its own cardand 1 for accessing the Linux host. The set up itself took a LONG time as Ispent days in VMWare support forums troubleshooting the set-up. I wantedto make sure the packet loss was not our fault.

Just because something is sold as a solution for something doesn't mean itworks well for the job. Security auditors using virtual hosts to test fromare really screwed up. It means either they never noticed the packet lossor they never cared-- both tells you bad things about the auditor.


-pete.
www.isecom.org

Peter Manis wrote:

It just so happens I just converted about 90% of everything I own to
rackmount and put it in a 42U cabinet, every geeks dream right?

What are good choices for getting the OS as close to metal as
possible?  VMWare Workstation in Windows XP probably wouldn't be a
good choice, haha, but is VMWare server a good option? Last time I
looked at Xen it seemed that there were limitations as to what
versions of Linux you could run, I sure there is a work around though.
 Does the new virtualization technology in processors make a
difference as to how close different virtualization solutions can get
to a bare metal equivilent?

Thanks for the great information.


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

Current thread:

RE: Lab OS Choices, (continued)
- RE: Lab OS Choices Shenk, Jerry A (Aug 12)
  - Re: Lab OS Choices Peter Manis (Aug 12)
    - Re: Lab OS Choices Peter Manis (Aug 12)
    - RE: Lab OS Choices Shenk, Jerry A (Aug 13)
    - Re: Lab OS Choices Pete Herzog (Aug 15)
    - Re: Lab OS Choices Peter Manis (Aug 15)
    - Re: Lab OS Choices Pete Herzog (Aug 16)
    - Re: Lab OS Choices Peter Manis (Aug 15)
    - Re: Lab OS Choices Pete Herzog (Aug 16)
    - Re: Lab OS Choices Peter Manis (Aug 16)
    - Re: Lab OS Choices Pete Herzog (Aug 17)
    - Re: Lab OS Choices M . B . Jr . (Aug 17)
- Re: Lab OS Choices Nikhil Wagholikar (Aug 12)
- Re: Lab OS Choices Shaon Diwakar (Aug 12)
  - Re: Lab OS Choices Peter Manis (Aug 12)
  - Re: Lab OS Choices M . B . Jr . (Aug 15)
    - Re: Lab OS Choices Benjamin Anderson (Aug 15)
- Re: Lab OS Choices Shaon Diwakar (Aug 12)
- Re: Lab OS Choices Shaon Diwakar (Aug 13)
  - Re: Lab OS Choices Peter Manis (Aug 13)
- Re: Lab OS Choices Pete Herzog (Aug 16)

(Thread continues...)