RE: [lists] Looking to set up an infosec lab

To:	"'John M. Martinelli'" <john@martinelli.com>, <pen-test@securityfocus.com>
Subject:	RE: [lists] Looking to set up an infosec lab
From:	"Curt Purdy" <purdy@tecman.com>
Date:	Thu, 2 Aug 2007 08:56:40 -0400
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	pentest-list2@consult.net
Delivered-to:	mailing list pen-test@securityfocus.com
Delivered-to:	moderator for pen-test@securityfocus.com
In-reply-to:	<AD30A871-0213-4432-9CFE-2F7DE432E89C@martinelli.com>
List-help:	<mailto:pen-test-help@securityfocus.com>
List-id:	<pen-test.list-id.securityfocus.com>
List-post:	<mailto:pen-test@securityfocus.com>
List-subscribe:	<mailto:pen-test-subscribe@securityfocus.com>
List-unsubscribe:	<mailto:pen-test-unsubscribe@securityfocus.com>
Mailing-list:	contact pen-test-help@securityfocus.com; run by ezmlm
References:	<20b0a0170707270525m548e299dtd0643c9e0e2ef49d@mail.gmail.com> <BA0E92F3A518C74F99579843B13CF25939A4@ned.LogicallySecure.local> <002401c7d18b$1a7086f0$4f5194d0$@org> <20b0a0170707300602p59857285l3f1a703a6f14c352@mail.gmail.com> <AD30A871-0213-4432-9CFE-2F7DE432E89C@martinelli.com>
Resent-date:	Fri, 3 Aug 2007 09:49:19 -0600 (MDT)
Resent-from:	pen-test-return-1078484749@securityfocus.com
Resent-message-id:	<20070803154919.CCEFF14477F@outgoing2.securityfocus.com>
Resent-sender:	listbounce@securityfocus.com
Sender:	listbounce@securityfocus.com
Thread-index:	AcfTNcLnwOn7CmXoQueYW8ojc7ysaABziGCw

Our lab is a dual dual-core Opteron (4 procs) w/16 gb RAM running SuSE Linux
10.2 w/VMWare ESX Server (have not run Windoze on bare metal for 4 years -
thus have not had to re-install in 4 years :)

I then run about a dozen OS's including every version of Windoze, a few
*NIX's and Novell.  I have images of every guest for quick re-install (10-30
minutes per, depending on size).  I then turn malware loose on a Windoze box
and watch it infect the other boxes, depending on the propogation mode.  Of
course the *NIX and Novell boxes never skip a beat.

Curt Purdy CISSP, GSNA, GSEC, CNE, MCSE+I, CCDA 
202.302.6032
infosysec@gmail.com
purdy@tecman.com

-------------

If you spend more on coffee than on IT security, you will be hacked. 
What's more, you deserve to be hacked. 
-- former White House cybersecurity czar Richard Clarke 
 

> -----Original Message-----
> From: listbounce@securityfocus.com 
> [mailto:listbounce@securityfocus.com] On Behalf Of John M. Martinelli
> Sent: Monday, July 30, 2007 9:40 PM
> To: pen-test@securityfocus.com
> Subject: [lists] Looking to set up an infosec lab
> 
> Hi, list.
> 
> A few of the previous e-mails going out on the mailing list got my  
> attention - I'm interested in building a moderate hacklab to conduct  
> mock attacks, intrusion detection, detection evasion, etcetera. My  
> hardware situation allows me to deploy a VMware or Parallels lab -  
> what kind of machines would you set up in my situation?
> 
> I plan on having a few Windows machines - perhaps a '98 box, a 2000  
> box, and an XP box. As far as Linux, I'd like to set up a Zoot  
> (RedHat 6.2) and BSD box, but beyond that I'm asking for advice.  
> Which flavors would you put up for conducting general vulnerability  
> testing?
> 
> Thanks,
> John Martinelli
> RedLevel.org Security
> 
> --------------------------------------------------------------
> ----------
> This list is sponsored by: Cenzic
> 
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE today!
> 
> http://www.cenzic.com/downloads
> --------------------------------------------------------------
> ----------
> 
> 


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

<Prev in Thread]	Current Thread	[Next in Thread>
RE: [lists] Looking to set up an infosec lab, Curt Purdy <= Tools for pen test,, IRM Re: Tools for pen test,, 杨峰 Re: Tools for pen test,, John M. Martinelli RE: Tools for pen test,, Alexandru Bradescu-Popa RE: Tools for pen test,, Stephen McNaught RE: Tools for pen test,, Stephen McNaught Re: Tools for pen test,, Antonin Kral

Previous by Date:	Re[2]: Analize Virus, Rafa Richart
Next by Date:	Re: Analize Virus, lists73
Previous by Thread:	Re: Looking to set up an infosec lab, Jamie Riden
Next by Thread:	Tools for pen test,, IRM
Indexes:	[Date] [Thread] [Top] [All Lists]