Re: Lab OS Choices

[M.B.Jr. <marcio.barbado () gmail com>]

See Peter,
since your mais concern (which, by the way, triggered this thread) are
operating systems,
I strongly recommend you to adopt and test SELinux-empowered Linux distros;
those OSs provide you with tons of security options for you to perform
sophisticated tests.

Moreover,
talking about hardware,
I recommend the Guidance EnCase appliance as well, which is a
fantastic piece of hardware focused on forensics.

Best,

On 8/15/07, Peter Manis <manis () digital39 com> wrote:
> As I have mentioned, I am buying some 2950s and I have gotten a few
> recommendations from people for a CCNA lab, but as far as the PIX and
> additional routers what should I work towards getting to have a good
> lab? Nothing immediate, but the end result.
>
> - PM
>
> On 8/15/07, Pete Herzog <lists () isecom org> wrote:
> > Hi,
> >
> > Over the last 6 years we have studied the differences of tests against
> > various platforms of virtual and real systems.  This has led us to making
> > the best possible test network we can for the OPST and OPSA certification
> > exams.  What we have found is that there is a large difference between them
> > on the network packet level but almost none on the application level
> > (although various application tests do rely on the encapsulating protocol
> > so YMMV).
> >
> > What's most important is the the tester's machine is NOT virtual.  Because
> > the low-level problems at packet level do multiply during testing multiple
> > systems.  However for a complete lab set up, make sure your virtual systems
> > are as close to the OS as possible- kernel level preferably, or else use
> > the real thing directly on metal. If you will only be doing application
> > tests, then it probably matters very little and go with your higher level
> > virtual machines.
> >
> > One final note, as Jerry mentions, make sure your network devices are real!
> >   Don't try to virtualize networking because it is very complicated and
> > will look very fake.  We tested virtual networks and virtual networking but
> > such systems could not handle team traffic (low-to-medium traffic) without
> > producing errors.  If you want to virtualize port forwards and simple hops,
> > you can et away with that between low-level virtualized machines but don't
> > try to duplicate anything else or else your error rate will compound and
> > make your analysis practically worthless.
> >
> > Sincerely,
> > -pete.
> >
> >
> > Shenk, Jerry A wrote:
> > > I've found a few tests that worked against virtual machines but did not
> > > work against real machines.  I agree, in most cases, there really is no
> > > difference.
> > >
> > > I also have some routers in my lab.  That way, I can set up egress
> > > filtering between the servers and the attackers in the lab.  That will
> > > help you get some realism about some things, particularly local exploits
> > > of machines inside the network (like an Exchange client attack).  I
> > > think that also increases your credibility when talking with
> > > clients...for example, "In the lab, we set up egress filtering...blah,
> > > blah, blah...and with the filtering enabled, the remote exploit of the
> > > Exchange client worked in that it crashed the client but it made it much
> > > more difficult to get to a command-prompt on that box."  That's not
> > > really part of the pen-test itself but the real goal of the pen-test is
> > > to make the network more secure and it definitely goes toward explaining
> > > to the client how to make their network more secure.
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE today!
>
> http://www.cenzic.com/downloads
> ------------------------------------------------------------------------


-- 
Marcio Barbado, Jr.
==============
==============

"In fact, companies that innovate on top of open standards are
advantaged because resources are freed up for higher-value work and
because market opportunities expand as the standards proliferate."
Scott Handy
Vice President Worldwide Linux and Open Source, IBM

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------