Penetration Testing mailing list archives

Re: Attack Server

From: "phillip () bailey st" <phillip () bailey st>
Date: Wed, 08 Sep 2010 20:55:50 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Check this,

http://blog.metasploit.com/2010/05/introducing-metasploitable.html

Phillip


On 09/08/2010 05:04 PM, Kurt M. John wrote:

Hey Guys,

I got another one for you. I'm looking to create a combination
attack/testing server. The idea here is to have a server than can
perform remote analysis and attacks (and perform such services as tftp).
The server will also double as a testing server. Ideally I'd like to
have a few VMs on there such as Damn Vulnerable Linux (for training) and
Windows Server 2003 (for fine-tuning attacks before launching it against
client systems).

Currently the server has the following hardware specs: 4gigs of ram and
1TB of space. 

If you guys have any suggestions or links/documents which offer a good
setup for what I described that would be great.

Initial software I'm thinking includes:

Windows Server 2003 
VMWare Workstation     
      Helix     Backtrack4     Damn Vulnerable Linux     Windows XP, 7 


Thanks Guys

Kurt M. John, CISA, C|EH, CPT
http://www.applisoft.net





------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------



- -- 
(Spsa) Snorby Preconfigured Security Application:
http://bailey.st/blog/snorby-spsa/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAEBAgAGBQJMh9wyAAoJENNBJKHbaDgTIX0H/087iLoruD9QvjYV2ns6z3oq
+QyFI4pQcEViYqKi2Kbz4hj2lRfxt3yudlhVZXSWGFzmvlprQjB18pUyRKiS4fFy
QTXOkVnDiISWI5IslamoTVatZxjDL40n7qz6Gp5s56Tefz/Ufy/9JYhJvBkcbAl3
5EbbPXFcFBXis7zDuZxJTKj0TqfkPmeaFl1CQGmuo97vvwTIvP679ggwbPVE07HT
H+7QyKSNR6UkIb/rlCLBEUF8tqKuEsUrLLSxVJU42mpXInrIcnjXDoMrf6lz9dec
MusLjz5TX+CERCeHO6SeAEr+uNN12076DCkqUniNdCsera0+eqCdiMxNRWHV4HY=
=XM72
-----END PGP SIGNATURE-----

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------

Current thread:

Attack Server Kurt M. John (Sep 08)
- Re: Attack Server Robin Wood (Sep 08)
  - RE: Attack Server Kettlewell, Nate (Kansas City) (Sep 08)
- Re: Attack Server TAS (Sep 08)
  - Re: Attack Server Terry M (Sep 08)
- Re: Attack Server phillip () bailey st (Sep 08)