RE: Suggested lab materials/systems/setup?

[<glemmon () onealwebster com>]

I use vmware quite a bit and have several base (no configurations, no SPs, no
Hotfixes) images on an external usb hard drive which I just copy to the
machines and boot into depending on what I am doing. I have a P4, 1Gb RAM
which I usually use to run 2 or 3 guest Oses, one compaq 7360 (or something
like that) my firewall and my laptop; 2.8GHz proc, 2GB RAM and a 60Gb hdd
(this I use when I am away from the home lab mostly). Thinking of expanding -
getting me some cisco stuff etc.

Gregory

-----Original Message-----
From: Mike Sweeney [mailto:mikesweeney () packetattack com] 
Sent: Sunday, July 10, 2005 7:45 PM
To: Erin Carroll
Cc: pen-test () securityfocus com
Subject: Re: Suggested lab materials/systems/setup?

VMware is king in my lab. I use a P4 3Ghz with 2 gig of RAM and it just works
well. The newest 5.0 workstation is very stable. I used version 4.x in my
book and I had SuSE, Redhat, Fedora C1 and C2, Slackware and FreeBSD all
running on VMware, sometimes multiple images running concurrently.  On the
Windows side, I have an image of Windows 2003 running the Cisco 3.x Secure
Server for RADIUS/TACACS+ work.

I also recycled an old Cisco 4230 IDS unit into a test box. It's a dual P3
500 and works pretty well aside from it weighs a ton to move around being a
4U rack mount box.

For firewalls, I have different IP table scripts to load, a PIX501 and a
m0n0wall router on a WISP card(kicks ass). I have two access points, Cisco
340 and a hacked Linksys. Various switches and hubs laying around.

Workstations are a few different intel laptops, my compaq 700M is a fav even
though it's only a PIII/800 but it has swappable drives. I have several
drives preloaded with different OSs. in a lab, that is very handy and it's
handy onsite. I just recently picked up a iMacG5 which I love and I've been
using for my daily stuff. Pretty front end and BSD based backend.. you gotta
love it.

Imaging server?  no way dude ;)  A firewire/USB2 external drive with Acronis
TrueImage works fine and is ALOT cheaper :) I use it on both Wintel and the
Linux boxen. I have not tried it on the Mac but then Carbon Copy Cloner works
fine for Tiger when run from a command line.

I should mention that a switch that supports real VLANs is very handy to mock
up a network of different subnets etc. I say real VLANs only  
because some switches claim they do VLANs but cheeseout on the   
details. A brand "D" switch does vlans but you can not mirror the VLAN, only
a port in the VLAN which kind of sucks at times. Maybe the newer ones are
better but I just bought a used Cisco 2900 series and called it done.

Mike Sweeney
____________________________________

mikesweeney () packetattack com
www.packetattack.com
Home of "Network Security using Linux"

Office 714.637.4235



On Jul 10, 2005, at 3:42 PM, Erin Carroll wrote:

> All,
>
> I'm in the process of setting up a pen-test lab environment of several 
> servers running various OS flavors (both Windows & BSD/*nix) along 
> with a netscreen-10 firewall and cisco 3825 to use as the lab router. 
> What do other list members use for their lab environments and what 
> suggestions/ issues have you encountered? I'm just using equipment I 
> have laying around but would be interested in hearing about other lab 
> setups to get some ideas (or excuses to go shopping) on what else I 
> can utilize for pen-testing practice.
>
> I'm definitely going to set up an imaging server (jumpstart &
> Altiris) to
> make changing things around less painful but I've also considered 
> Vmware on the hosts. Basically I'm curious as to what you all use to 
> practice pen-testing to keep the skills sharp when not "on the job".
>
> Thanks!
> --
> Erin Carroll
> "Do Not Taunt Happy-Fun Ball"