setting up an insecure box

[Rob Berk <rberk11 () yahoo com>]

Hi,

I am a software developer with a newfound interest in computer security. Inspired by a chapter from "Stealing the 
Network", I would like to set up an unpatched box to observe and try to learn from- monitor the traffic, try to reverse 
engineer any malware it gets.. I have a few questions- 
1) is this realistic?  will setting up an unsecure older box on my home network actually attract any malicious code or 
people?
2) what software configuration would work best for this?  in the book, the (fictional) character sets up a box with 
windows 2000 and IIS5, and catches the new worm within a few minutes, but the book is a few years old.. would I want to 
use an unpatched windows server 2003 with IIS6?  

Also, any other suggestions are very much welcome.  Thanks!

R



      


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------