Penetration Testing mailing list archives
Re: Lab leads??
From: H D Moore <hdm () secureaustin com>
Date: Thu, 18 Oct 2001 16:26:24 -0500
On Tuesday 16 October 2001 10:02 pm, franklin_tech_bulletins () yahoo com wrote:
Hello,
[ snip ]
One idea I had is to create images of servers known to have holes, demonstrate the exploit, patch the hole, show it is fixed and then reimage the disk with the old hole. The imaging trick should work with different OS's as well. What do you think?
My company uses stacks of nice dual-proc rackmount machines each running linux with 5 VMWare images. Managing the system is trivial via Xvnc and SSH tunnels, images are stored locally in compressed format and on CD. For the other 10% of targets that need special hardware (solaris sparc, hpux, etc) we just make a backup image of their drives and restore as needed. -- H D Moore http://www.digitaldefense.net - work http://www.digitaloffense.net - play ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Lab leads?? 'ken'@FTU (Oct 17)
- Re: Lab leads?? Alex Butcher (pentest) (Oct 17)
- Re: Lab leads?? Matthew Leeds (Oct 18)
- RE: Lab leads?? Greg Rice (Oct 18)
- Re: Lab leads?? Don Bailey (Oct 18)
- Re: Lab leads?? H D Moore (Oct 18)
- Re: Lab leads?? Alex Butcher (pentest) (Oct 17)