Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Lab leads??

From: "'ken'@FTU" <franklin_tech_bulletins () yahoo com>
Date: Tue, 16 Oct 2001 23:02:17 -0400
Hello,
I'm looking to set up a lab of about 30 host to simulater an Internet/DMZ/Intranet.
Does anyone have any sources (papers) or ideas that might help? Here are a few parameters: 

Lab must contain various OS'es.
Lab must be able to be very easily configurable to create and demonstrate holes and how to patch them. (But then recreate the hole to demonstrate the weakness again to another set of people.) 
The holes must be at the network, os and application levels.
One idea I had is to create images of servers known to have holes, demonstrate the exploit, patch the hole, show it is fixed and then reimage the disk with the old hole. The imaging trick should work with different OS's as well. What do you think? 

Thanks in advance.

'ken'


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Previous By Date Next
Previous By Thread Next

Current thread: