Security Basics mailing list archives
Re: Lab setup for security learning
From: Robert Larsen <robert () the-playground dk>
Date: Sun, 14 Jan 2007 22:58:34 +0100
Ankur Jindal wrote:
Hello all
Me and a couple of friends wish to set up a lab of our own for learning network security. I'd like some suggestions about the setup of the lab with respect to
a) The number of machines (We only have 3)
3 is fine, but you could increase this to any number using virtual machines. Install VMware (http://en.wikipedia.org/wiki/Vmware), User Mode Linux (http://en.wikipedia.org/wiki/User-mode_Linux) or Xen (http://en.wikipedia.org/wiki/Xen). That also makes it easy to test different setups and revert to earlier snapshots (post install, post configuration, etc.).
b) Networking components (we have a 4 port switch and a 4-port hub)
A switch with a monitor port for sniffing could be useful...or that hub. Depends on what you want to do. The hub sends out all packets to all connected machines, which makes it easy to sniff, but if you want to play with overflowing the ARP tables in the switch, that's what you'll need. For playing with intrusion any will probably do just fine.
c) OS/Software (Win XP, Fedora Core 2, Backtrack (for all testing), Windows disassemblers etc.)
Depends on how skilled you are. If you are beginners, start with an old version of some Linux distribution or Windows version with known problems. I like Backtrack for performing attacks and forensics...has nearly everything you need. Disassembling is (in my opinion) for advanced users only...or those who want to be advanced :-) IDA Pro is probably the best disassembler out there.
d) Setup architecture (both physical and software)
Go with a realistic setup. Firewall with a couple of servers behind (web, database, dns, whatever). The firewall will also be a great place to hook up a sniffer to see your attacks. Maybe also a Snort machine.
Good luck