RE: Lab leads??

["Greg Rice" <grice () iastate edu>]

Dan Ragsdale and a few others have put together a nice lab for students
at West Point.  In the lab they actually carry out attack-defend
situations, etc.  Check out their paper online at:

http://www.itoc.usma.edu/Documents/IWARLab.pdf

Hope this helps - greg

> -----Original Message-----
> From: 'ken'@FTU [mailto:franklin_tech_bulletins () yahoo com] 
> Sent: Tuesday, October 16, 2001 10:02 PM
> To: pen-test () securityfocus com
> Subject: Lab leads??
>
>
> Hello,
>
> I'm looking to set up a lab of about 30 host to simulater an 
> Internet/DMZ/Intranet.
>
> Does anyone have any sources (papers) or ideas that might 
> help? Here are 
> a few parameters:
>
> Lab must contain various OS'es.
> Lab must be able to be very easily configurable to create and 
> demonstrate holes and how to patch them. (But then recreate 
> the hole to 
> demonstrate the weakness again to another set of people.)
> The holes must be at the network, os and application levels.
>
> One idea I had is to create images of servers known to have holes, 
> demonstrate the exploit, patch the hole, show it is fixed and then 
> reimage the disk with the old hole. The imaging trick should 
> work with 
> different OS's as well. What do you think?
>
> Thanks in advance.
>
> 'ken'
>
>
> --------------------------------------------------------------
> --------------
> This list is provided by the SecurityFocus Security 
> Intelligence Alert (SIA) Service. For more information on 
> SecurityFocus' SIA service which automatically alerts you to 
> the latest security vulnerabilities please see: 
https://alerts.securityfocus.com/


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/