Penetration Testing mailing list archives
Re: Using a Virtualized Pen Test Platform
From: "Kevin L. Shaw, CISSP, GCIH" <kshaw () eeenterprisesinc com>
Date: Wed, 21 Oct 2009 15:39:41 -0400
It's a pain to reboot, almost as much as it is to carry two machines to run some activities concurrently. I have read that several prominent penetration testers use VMs; and there is some information out there about booting one partition and running the second partition in a virtual machine instead of booting back and forth. I haven't heard of any reported problems with these - the only item of interest I know is of VM-aware malware that will shut itself off if you try to examine it inside a virtual machine; but this shouldn't affect you if you are performing that sort of work.
A friend of mine who works for RedHat swears by Xen; however you should probably test it yourself. One issue I have run into with any VM solution is the hardware may not support virtualization; I've had that problem with several Toshiba laptops. I know ESXi has pages dedicated to hardware compatibility lists.
Jon Kibler wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 All, I have traditionally used a multi-boot Linux box as my pen-test platform. It has always had the disadvantage that I had to reboot into Windows to run some tools that seem to break under wine. For the past several months, I have been tinkering with using VMware Workstation as my base platform, so I can just switch VMs rather than having to reboot. So far, it seems to work pretty well. However, I am wondering if I am missing something that is broken by VMware that I have not yet detected. For example, does VMware break any of the packet crafters or other tools that do 'unusual' things, that may cause the packet to not traverse correctly from VMware to the outside target? What other issues do I need to be aware of? Also, is there any advantage or disadvantage of running Workstation vs. Server vs. ESXi as the underlying VMware system? What would be the advantages or disadvantages of running XEN? Does it have any issues as a pen test platform hypervisor? THANKS! Jon Kibler - -- Jon R. Kibler Chief Technical Officer Advanced Systems Engineering Technology, Inc. Charleston, SC USA o: 843-849-8214 c: 843-813-2924 s: 843-564-4224 s: JonRKibler e: Jon.Kibler () aset com e: Jon.R.Kibler () gmail com http://www.linkedin.com/in/jonrkibler My PGP Fingerprint is: BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkrd4DYACgkQUVxQRc85QlO60gCfT2sQ2gsBJo6vcSYIxPHtSA9U 8WgAn2dAPMxow+r0lx2ThokdjtX6o0+z =bmip -----END PGP SIGNATURE----- ================================================== Filtered by: TRUSTEM.COM's Email Filtering Service http://www.trustem.com/ No Spam. No Viruses. Just Good Clean Email.------------------------------------------------------------------------------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review BoardProve to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.http://www.iacertification.org ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review BoardProve to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Using a Virtualized Pen Test Platform Jon Kibler (Oct 21)
- Re: Using a Virtualized Pen Test Platform Joshua Gimer (Oct 21)
- Re: Using a Virtualized Pen Test Platform Kevin L. Shaw, CISSP, GCIH (Oct 21)
- Re: Using a Virtualized Pen Test Platform Dave Aitel (Oct 21)
- Re: Using a Virtualized Pen Test Platform Arjun Sambamoorthy (Oct 27)
- Re: Using a Virtualized Pen Test Platform Pete Herzog (Oct 27)
- Re: Using a Virtualized Pen Test Platform JoePete (Oct 27)
- <Possible follow-ups>
- Re: Using a Virtualized Pen Test Platform Claudio Criscione (Oct 27)