Re: Intro To Hacking

["randori ." <randori82 () hotmail com>]

There's a good (discontinued) book by Ed Skoudis out there, The Hack 
Counter-Hack Training Course: A Desktop Seminar.  This books gives detailed 
setup procedures for creating your own physical lab for sec research.

My suggestion though, as others have pointed out, is the use VMWare or the 
like for your test environment.  It's a very powerful and safe way to test 
security on different systems without having to worry about hardware 
(besides a beefy machine to run it vmware on).

Hope this helps.

          Andre Derek Protas
Security Engineer | Electus Solutions
      www.electussolutions.com


> From: Barrie Dempster <barrie () reboot-robot net>
> Reply-To: barrie () reboot-robot net
> To: security-basics () securityfocus com
> Subject: Re: Intro To Hacking
> Date: Tue, 19 Oct 2004 09:55:54 +0100
> MIME-Version: 1.0
> Received: from outgoing2.securityfocus.com ([205.206.231.26]) by 
> mc4-f12.hotmail.com with Microsoft SMTPSVC(5.0.2195.6824); Tue, 19 Oct 2004 
> 20:03:59 -0700
> Received: from lists.securityfocus.com (lists.securityfocus.com 
> [205.206.231.19])by outgoing2.securityfocus.com (Postfix) with QMQPid 
> 1CE8414377A; Tue, 19 Oct 2004 16:02:39 -0600 (MDT)
> Received: (qmail 23279 invoked from network); 19 Oct 2004 02:50:33 -0000
> X-Message-Info: JGTYoYF78jEomd08prOQKqyitlHcuvli
> Mailing-List: contact security-basics-help () securityfocus com; run by ezmlm
> Precedence: bulk
> List-Id: <security-basics.list-id.securityfocus.com>
> List-Post: <mailto:security-basics () securityfocus com>
> List-Help: <mailto:security-basics-help () securityfocus com>
> List-Unsubscribe: <mailto:security-basics-unsubscribe () securityfocus com>
> List-Subscribe: <mailto:security-basics-subscribe () securityfocus com>
> Delivered-To: mailing list security-basics () securityfocus com
> Delivered-To: moderator for security-basics () securityfocus com
> In-Reply-To: <BD996EBF.C5A7%greg () sixx com>
> References: <BD996EBF.C5A7%greg () sixx com>
> Message-Id: <1098176154.7155.48.camel () www bsrf org uk>
> X-Mailer: Evolution 2.0.2 Return-Path: 
> security-basics-return-30657-randori82=hotmail.com () securityfocus com
> X-OriginalArrivalTime: 20 Oct 2004 03:03:59.0350 (UTC) 
> FILETIME=[71F1E160:01C4B651]
>
> There have been a few concerns on this thread about the placement of a
> development/insecure staging box on a production LAN.
> I usually suggest that people intending to do development use a virtual
> server environment that allows creation of virtual LANs, this way you
> can keep the development box off your main network and still play with
> it.
>
> I personally use MS virtual Server 2005[1], solely because it's cheaper
> for me than the offerings by vmware[2] but it does the job extremely
> well. (I also don't yet know of any OSS alternative for this that
> provides the same features). I'd suggest either MS Virtual Server or one
> of the vmware systems (>workstation). I believe you can trial each of
> the systems listed to see if they fit your needs. Having the ability to
> build and run lots of OS's and networks on one machine makes
> testing/playing a breeze as it saves you having a pile of hardware
> running or unnecessary un-patched systems in your production
> environment.
>
> [1]http://www.microsoft.com/windowsserversystem/virtualserver/default.mspx
> [2]http://www.vmware.com/products/
>
> Kind Regards to all.
> --
> Barrie Dempster (zeedo) - Fortiter et Strenue
>
>   http://www.bsrf.org.uk
>
> [ gpg --recv-keys --keyserver www.keyserver.net 0x96025FD0 ]
> << signature.asc >>

_________________________________________________________________
Don’t just search. Find. Check out the new MSN Search! 
http://search.msn.click-url.com/go/onm00200636ave/direct/01/