Re: Looking to set up an infosec lab

["Jamie Riden" <jamie.riden@gmail.com>]

On 31/07/07, Ned Kratzer <NedK@fltg.com> wrote:
> It depends on the type of environment in which you want to look for
> vulnerabilities...servers, business desktops/workstations or home
> computers?
>
> For servers, if you want your lab to mirror the "real world" as much as
> possible, I'd recommend a version of RedHat 7 or  newer, RedHat
> Enterprise 2.1 or newer, Solaris 2.6 or newer, Win 2k and 2k3 Server
> (maybe even NT4 Server).
>
> For business desktop/workstations, 2000 and XP Pro are probably gonna
> be your best bets.
>
> Now for the "home computer" situation, Mac OSX 10.2 or newer, Win 9x,
> Me, XP Home and Vista are gonna be your biggest share, on the *nix side,
> I'd probably throw in Ubuntu and RedHat, maybe OpenSUSE and Fedora too.

Most deployed in my experience seem to be Windows XP, 2000, 2003, Mac
OS X, Fedora and Debian. Some places will be running Solaris, Digital
UNIX/Tru64, AIX and HPUX - these are fairly localised though, and
whether you bother will depend on what sort of clients you're dealing
with.

Red Hat 6.2 was a nice release, but is really quite ancient now. Most
people will want to have some kind of support so RHEL and Fedora will
probably have replaced it in most companies. There may be a few
NT/Win98 machines but I'd leave these for now until you actually need
them.

cheers,
 Jamie
-- 
Jamie Riden / jamesr@europe.com / jamie@honeynet.org.uk
UK Honeynet Project: http://www.ukhoneynet.org/

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------