RE: setting up a lab

["Erin Carroll" <amoeba () amoebazone com>]

Michael,

I know that several people will suggest virtualization which is definitely
one way to go. While I do use some virtualization I tend to try to keep my
lab setup as close to "real" as possible; both to minimize any possible
network stack oddness with some VM bridging mechanisms as well as allow for
kernel-level and related testing which doesn't play well with VM's. This
kind of setup can be done fairly cheaply as well if you have several old
systems & hard drives laying around and is extremely flexible. Maybe this
will provide some ideas for you or other list members.
 
My home lab consists of the following:

Workstations:
- 2 hardware identical workstations with removable hard drive caddies set as
boot device. This allows for swapping out OS as desired. Currently have
installs for Solaris x86, various Linux & BSD distros, Win 2k, XP, Vista,
2k3 & 2k8 server... in 32 and 64-bit variants for each. Grub or LILO is your
friend here to maximize OS flexibility while reducing # of hard drives (and
cost) to juggle. Both systems have NICs and wireless so I can adjust to
testing scenario.

- LaCie 2TB NAS. Repository for tools, application configs & setups, OS
images. 100+ gigs of rainbow tables, brute force dictionaries & related
cracking, tftp drop for various Cisco router configs.

- Laptop for "attacker" launchpad

Network:
- Cisco 2610 router

- Dual-NIC'd workstation for non-Cisco router emulation, inline active or
passive sniffing usage, IDS/IPS/FW emulation, etc.

- Dual broadband connections (Comcast, FiOS)

- Linksys 4-port hub, several Wireless routers & misc wi-fi
USB/dongles/cards


Aside from the Cisco router & NAS (and dual broadband providers... I have
issues :)), anyone with some spare hardware laying around could easily setup
a nice little lab similar to this with minimal investment.

In my lab I can quickly emulate 3-tiered web/appserv/db infrastructures or
other attack scenarios without bringing boxes to their knees with lots of VM
resource overhead or management. Oh, and if you go this route with your own
lab invest in a really good power solution. I love my APC AP7931 but they
are not cheap
(http://www.apc.com/resource/include/techspec_index.cfm?base_sku=AP7931)



--
Erin Carroll
Moderator, SecurityFocus pen-test mailing list
amoeba () amoebazone com
"Do Not Taunt Happy-Fun Ball"





-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of Michael Kitange
Sent: Sunday, September 07, 2008 10:07 AM
To: pen-test () securityfocus com
Subject: setting up a lab

hi guys,
i am looking for tips on creating my own pen-test lab. i've got two
computest. one xp and the other one zenwalk. i've got a router
(d-link) and an internet connection on the router.
i'd also like to know what tools should i use to test and some good
vulnerable servers. i'm currently downloading backtrack3.
thanks for help in advance.

-- 
Sent from Gmail for mobile | mobile.google.com

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes in 
Securing Web Applications
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------

No virus found in this incoming message.
Checked by AVG - http://www.avg.com 
Version: 8.0.169 / Virus Database: 270.6.18/1658 - Release Date: 9/7/2008
3:30 PM


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes in 
Securing Web Applications
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------