Ok, I did a quick search and the results I got were not really related to what I was looking for. I have two towers sitting at home doing nothing. One is an old Dell XPS 410 and the other is a Dell Server (I can't remember what model off hand). I also have a Cisco 2651xm router I purchased on ebay for my CCNA studying, so that is also available to use for setting up a lab. It has a real Cisco IOS with advanced something and VOIP capabilities. Anyway, I want to set up my own pen-testing lab environment to learn this stuff in a safe and legal way. What would you guys recommend starting with what I have available already? I am also up for getting other equipment to add to this lab so I can get as much experience as possible. Thanks.
The de-ice pentest disks are awesome. I learned lots from those. I think the new site is called heron.net. Grendal is awesome over there.
Here's mine, as of a year ago:
Heorot.net • Login
It's had some revisions since them, including a fourth PC, monitor,keyboard, mouse, and a 4-port KVM switch. The rack area also has two more Cisco switches in it. It was designed for use with the De-ICE disks, and I've used it as the practical portion of two certifications.
Even though I designed it for pentesting, my cousin liked using the lab so much, spent a week with me last January, and used the lab to test his knowledge of his CCNA studies.
Stop the TSA now! Boycott the airlines.
there is some good information already posted but i thought i could help... my testing inviorment looks like this...
Backtrack usb stick <--labtop
windows 2000.iso <---Desktop Vbox
windows xp.iso <---Desktop Vbox
windows vista.iso <---Desktop Vbox
mac osx.iso <---Desktop Vbox
i run a virtual box and my main focus is windows... just for example, i was writing my own reverse tcp backdoor and i wanted all functions to run flawlessly on all 3 versions of windows... i took each function one step at a time and one OS at a time... you can expand your virtual network like for example service packs 1 2 and 3 should be tested...
you can find all kinds of iso files tweaked for size and performance, the 3 versions of windows i use are less then 700mb in size... there not genuine versions but they work for me...
No one has directly mentioned it yet so I will - Damn Vulnerable Linux.
There is also a page at the IronGeek site that lists a number of deliberately insecure web apps which are good if web apps are the thing you want to learn to attack. I don't have the link handy, but it is referenced elsewhere on the forum.
Personally for my home lab I just have a bunch of VMs on my laptop which I bring up as needed. I got a laptop with lots of RAM (2 GB - which was good when I got it back in 2006 but medium of the road now) specifically so I could do this. For VMs I have a Server 2003, an unpatched Windows XP, an unpatched Windows XP SP2 and an unpatched Fedora Core 4. The Windows XP SP2 VM gets the most use.
My lab setup at work is fairly similar, although it runs on a dedicated bare bones Linux system which just runs VMs (its Ubuntu Server with VMWare Server 2 - I would have used ESXi but it wasnt compatible with the hardware).
I also have a Damn Vulnerable Linux virtual machine running at work.
Vmware is the way to go., You can download trial versions of MS software like server08 etc. And use those to practice with. One can using vmware server take snapshots of the image to make resetting a breeze when something goes wrong, and as Lupin mentioned it can be done with one computer, if that is all you have to use.
Furthermore companies release pre-configured virtual apps at vmware all the time. If you grab the new ones you may be able to test and find vulnerabilities.
I'm currently setting up one for students.
- BT4 pre Final (as attacker) with some really cool stuff like User Module Linux to have a iptables lab inside of BT (so they will have 4 shells: internal, external, firewall and dmz "workstations")
- Moth (:: moth - Bonsai Information Security ::) -> Ubuntu Hardy (as victim) with a bad configured apache and some server services (to have the server side for mitm attacks)
- Win XP - for the newbies to have cryptool, M$ Outlook (to try spam-stuff) and WebGoat. Also the Client side for mitm attacks
Everything on VMWare. I will add a DVL and Win7 (only for personal use).
Although I understand the reasons behind using VMs, I don't think they are ideal for everything in a lab. They are cheap and easy if someone wants to learn about things purely at an OS level, but a lot can be happening at the network which is missed with VMs. I'm a big fan of capturing (and sometimes manipulating) packets on the wire; having machines physically connected to a network allows that to be practiced.
Stop the TSA now! Boycott the airlines.