Penetration Testing mailing list archives

RE: Penetration Testing Lab Setup

From: "Discussion Lists" <discussions () lagraphico com>
Date: Thu, 6 Mar 2003 10:51:04 -0800

Hi Indian Tiger,
I have had really good luck with VMWare.  It is great for setting up
various Linux/Windows platform configurations, and saving them, then
re-using them later.  You will need a LOT of HD space, and a TON of RAM
for them though if you plan on setting up anything complex.  I have been
able to set up entire company networks including (believe it or not)
firewalls, mail servers, clients even home-grown routers (of the linux
flavor).  I can set those machines so that they have restore points, so
that anything I do to them can be undone.  If you run out of RAM on the
host machine, you just get another host machine and start running more
virtual machines on it.  Stick them all on a hub, and set up a separate
"test machine" on the same hub with all of your penn-test tools, and
start hammering away.

-----Original Message-----
From: Indian Tiger [mailto:indiantiger () mailandnews com] 
Sent: Wednesday, March 05, 2003 10:59 PM
To: pen-test () securityfocus com
Subject: Penetration Testing Lab Setup
Importance: High

Hi All,

My management asks me to give detailed requirements for 
Penetration Testing 
lab setup. Same Lab I would like to utilize for Computer 
Crime Investigation 
as well. Currently we are following OSSTMM as baseline for 
Penetration 
Testing.

Any suggestions, comments highly appreciated.
Thanking You.

Sincerely,

Indian Tiger, CISSP

--------------------------------------------------------------
--------------

Are your vulnerability scans producing just another report? 
Manage the entire remediation process with StillSecure VAM's 
Vulnerability Repair Workflow. Download a free 15-day trial: 
http://www2.stillsecure.com/download/sf_vuln_l> ist.html


----------------------------------------------------------------------------

Are your vulnerability scans producing just another report?
Manage the entire remediation process with StillSecure VAM's
Vulnerability Repair Workflow.
Download a free 15-day trial:
http://www2.stillsecure.com/download/sf_vuln_list.html

Current thread:

Penetration Testing Lab Setup Indian Tiger (Mar 06)
- Re: Penetration Testing Lab Setup Don Bailey (Mar 06)
- Re: Penetration Testing Lab Setup Jorge Lozano (Mar 07)
- <Possible follow-ups>
- RE: Penetration Testing Lab Setup Discussion Lists (Mar 06)
  - RE: Penetration Testing Lab Setup - VMWare disciple (Mar 07)