RE: Penetration Testing Lab Setup

From: Discussion Lists (discussionsat_private)
Date: Thu Mar 06 2003 - 10:51:04 PST

Next message: Brian Brotschi: "RE: X.25 tools"

Previous message: Andreas Östling: "Re: Program for automatic attack replay"
Maybe in reply to: Indian Tiger: "Penetration Testing Lab Setup"
Next in thread: disciple: "RE: Penetration Testing Lab Setup - VMWare"
Next in thread: Jorge Lozano: "Re: Penetration Testing Lab Setup"
Reply: disciple: "RE: Penetration Testing Lab Setup - VMWare"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Indian Tiger,
I have had really good luck with VMWare.  It is great for setting up
various Linux/Windows platform configurations, and saving them, then
re-using them later.  You will need a LOT of HD space, and a TON of RAM
for them though if you plan on setting up anything complex.  I have been
able to set up entire company networks including (believe it or not)
firewalls, mail servers, clients even home-grown routers (of the linux
flavor).  I can set those machines so that they have restore points, so
that anything I do to them can be undone.  If you run out of RAM on the
host machine, you just get another host machine and start running more
virtual machines on it.  Stick them all on a hub, and set up a separate
"test machine" on the same hub with all of your penn-test tools, and
start hammering away.

> -----Original Message-----
> From: Indian Tiger [mailto:indiantigerat_private] 
> Sent: Wednesday, March 05, 2003 10:59 PM
> To: pen-testat_private
> Subject: Penetration Testing Lab Setup
> Importance: High
> 
> 
> Hi All,
> 
> My management asks me to give detailed requirements for 
> Penetration Testing 
> lab setup. Same Lab I would like to utilize for Computer 
> Crime Investigation 
> as well. Currently we are following OSSTMM as baseline for 
> Penetration 
> Testing.
> 
> Any suggestions, comments highly appreciated.
> Thanking You.
> 
> Sincerely,
> 
> Indian Tiger, CISSP
> 
> 
> --------------------------------------------------------------
> --------------
> 
> Are your vulnerability scans producing just another report? 
> Manage the entire remediation process with StillSecure VAM's 
> Vulnerability Repair Workflow. Download a free 15-day trial: 
> http://www2.stillsecure.com/download/sf_vuln_l> ist.html
> 
> 

----------------------------------------------------------------------------

Are your vulnerability scans producing just another report?
Manage the entire remediation process with StillSecure VAM's
Vulnerability Repair Workflow.
Download a free 15-day trial:
http://www2.stillsecure.com/download/sf_vuln_list.html

Next message: Brian Brotschi: "RE: X.25 tools"
Previous message: Andreas Östling: "Re: Program for automatic attack replay"
Maybe in reply to: Indian Tiger: "Penetration Testing Lab Setup"
Next in thread: disciple: "RE: Penetration Testing Lab Setup - VMWare"
Next in thread: Jorge Lozano: "Re: Penetration Testing Lab Setup"
Reply: disciple: "RE: Penetration Testing Lab Setup - VMWare"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Mar 06 2003 - 15:38:17 PST