Penetration Testing mailing list archives

Re: Lab OS Choices


From: Shaon Diwakar <shaon.diwakar () yahoo com au>
Date: Sat, 11 Aug 2007 16:58:05 -0700 (PDT)

Hi Peter,

This issue has been discussed on the list a few times, so you might find some great advice from looking in the archives as well...

I would recommend having a base desktop build with whatever OS you are comfortable with (GNU/Linux, Windows or even Mac OS X) and using VMware Server or Parallels images.

There are some good virtual machine appliances available on the VMware site, which should save you the time of creating images yourself. You can then practise your pen testing techniques against these. I've even used BackTrack Linux in a VM - and all but the wireless & bluetooth tools work well (though you might get some port scanning issues out of VMs depending on your config, since the virtual ethernet adapter NATs packets). Having a dual booting laptop is also great for learning wireless pen testing etc.

So I'd say it's easiest to have a few desktops and a nice stable server to host your virtual machines on.

The most important thing is your Internet connection; it's worth devoting time to researching the technology you wish to use and the hardware to support that - ADSL2+, if available, should be great, but be wary of those SOHO routers - some do not seem to deal with large volumes of exotic port scans well. In my experience you'd probably have fewer headaches if you purchase something which is more configurable, e.g. a Cisco 800 series or similar within your budget?



----- Original Message ----
From: Peter Manis <manis () digital39 com>
To: pen-test () securityfocus com
Sent: Sunday, 12 August, 2007 8:40:25 AM
Subject: Lab OS Choices

I am new to the world of pen testing and am working on building a lab.
What operating systems and versions do you recommend for a good
all-around lab?  Windows of course is a big one, but do you go back to 98?
Being a beginner I would think having all the patches on XP or Vista
might make it difficult to learn.  I would also think adding a secure
OS like OpenBSD would be a waste of time for a beginner to try to gain
access to.  All advice is appreciated.

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------




