Penetration Testing mailing list archives
Re: Using a Virtualized Pen Test Platform
From: Joshua Gimer <jgimer () gmail com>
Date: Wed, 21 Oct 2009 13:06:06 -0600
Jon I also use virtualization for a pen-testing platform and have for some time. The only issue that I would be aware of is your network interface configuration. You have the ability to setup your virtual interfaces in either a bridged or shared mode a lot of the time, the later of which performs Network Address Translation (NAT). If you were performing tests where you were either sending or sampling a large amount of traffic, there is a possibility that you could fill up your NAT tables which will have adverse consequences in terms of valid test results. -- Thx Joshua Gimer On Tue, Oct 20, 2009 at 10:07 AM, Jon Kibler <Jon.Kibler () aset com> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 All, I have traditionally used a multi-boot Linux box as my pen-test platform. It has always had the disadvantage that I had to reboot into Windows to run some tools that seem to break under wine. For the past several months, I have been tinkering with using VMware Workstation as my base platform, so I can just switch VMs rather than having to reboot. So far, it seems to work pretty well. However, I am wondering if I am missing something that is broken by VMware that I have not yet detected. For example, does VMware break any of the packet crafters or other tools that do 'unusual' things, that may cause the packet to not traverse correctly from VMware to the outside target? What other issues do I need to be aware of? Also, is there any advantage or disadvantage of running Workstation vs. Server vs. ESXi as the underlying VMware system? What would be the advantages or disadvantages of running XEN? Does it have any issues as a pen test platform hypervisor? THANKS! Jon Kibler - -- Jon R. Kibler Chief Technical Officer Advanced Systems Engineering Technology, Inc. Charleston, SC USA o: 843-849-8214 c: 843-813-2924 s: 843-564-4224 s: JonRKibler e: Jon.Kibler () aset com e: Jon.R.Kibler () gmail com http://www.linkedin.com/in/jonrkibler My PGP Fingerprint is: BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkrd4DYACgkQUVxQRc85QlO60gCfT2sQ2gsBJo6vcSYIxPHtSA9U 8WgAn2dAPMxow+r0lx2ThokdjtX6o0+z =bmip -----END PGP SIGNATURE----- ================================================== Filtered by: TRUSTEM.COM's Email Filtering Service http://www.trustem.com/ No Spam. No Viruses. Just Good Clean Email. ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Using a Virtualized Pen Test Platform Jon Kibler (Oct 21)
- Re: Using a Virtualized Pen Test Platform Joshua Gimer (Oct 21)
- Re: Using a Virtualized Pen Test Platform Kevin L. Shaw, CISSP, GCIH (Oct 21)
- Re: Using a Virtualized Pen Test Platform Dave Aitel (Oct 21)
- Re: Using a Virtualized Pen Test Platform Arjun Sambamoorthy (Oct 27)
- Re: Using a Virtualized Pen Test Platform Pete Herzog (Oct 27)
- Re: Using a Virtualized Pen Test Platform JoePete (Oct 27)
- <Possible follow-ups>
- Re: Using a Virtualized Pen Test Platform Claudio Criscione (Oct 27)