Hi Coral, I would say always make them 'sudo', as its just a good overall practice. You should also look at PAM (Programmable Authentication Module). Can be a bit complex if you have not used before, a simple typo, and you can lock yourself out of the machine. You may want to look at creating a protected 'chroot' jail.... Also, check out Trinux, a RAM based version that is security specific, has many hard to find Security apps ported to Lin*X (eg: Vomit, to intercept Cisco VoIP, originally made for BSD, Trinux, distros...include....the Lin*X ver...for the real lazy...) http://trinux.sourceforge.net/ Turn, off the pC's when class over, all potential damage...gone... Its a great Pen-Test, tool.....overall..... -Bye Joe McGean Techincal Security Architect Allianz, Ireland www.allianz.ie Subject: Training Lab Question This may be a bit off-topic, but I'd like some feedback on the following issue: I'm in the process of setting up a Pen Testing training lab. The lab consists of a network of target hosts and a network of attack hosts (student workstations). The student workstations running Slackware 8.x (current). Here's my question? What is the best/safest way to allow the students to run the tools (mostly nmap and various sniffers) that need root privileges for full functionality? Should I just make those tools suid root or should I use sudo? Are there any other alternatives? Thanks in advance. Coral "Coral J. Cook" <cjcookat_private> on 29/05/2002 20:15:58 To: pen-testat_private cc: (bcc: Joe McGean/AGFIL/AGF) Subject: Training Lab Question This may be a bit off-topic, but I'd like some feedback on the following issue: I'm in the process of setting up a Pen Testing training lab. The lab consists of a network of target hosts and a network of attack hosts (student workstations). The student workstations running Slackware 8.x (current). Here's my question? What is the best/safest way to allow the students to run the tools (mostly nmap and various sniffers) that need root privileges for full functionality? Should I just make those tools suid root or should I use sudo? Are there any other alternatives? Thanks in advance. Coral ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/ ********************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the HelpDesk at 3955. ********************************************************************** ******************************************************************** Please Note: Our e-mail address is now 'allianz.ie' Visit our website at http://www.allianz.ie Disclaimer : The information contained and transmitted in this e-mail is confidential information, and is intended only for the named recipient to which it is addressed. The content of this e-mail may not have been sent with the authority of the company. If the reader of this message is not the named recipient or a person responsible for delivering it to the named recipient, you are notified that the review, dissemination, distribution, transmission, printing or copying, forwarding, or any other use of this message or any part of it, including any attachments, is strictly prohibited. If you have received this communication in error, please delete the e-mail and destroy all record of this communication. Thank you for your assistance. ******************************************************************** ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Thu May 30 2002 - 13:04:34 PDT