Page 1 of 2 12 LastLast
Results 1 to 10 of 19

Thread: Practice Pen-Testing lab setup?

  1. #1
    Junior Member Polorboy's Avatar
    Join Date
    Mar 2010
    Posts
    25

    Default Practice Pen-Testing lab setup?

    Ok, I did a quick search and the results I got were not really related to what I was looking for. I have two towers sitting at home doing nothing. One is an old Dell XPS 410 and the other is a Dell Server (I can't remember what model off hand). I also have a Cisco 2651xm router I purchased on ebay for my CCNA studying, so that is also available to use for setting up a lab. It has a real Cisco IOS with advanced something and VOIP capabilities. Anyway, I want to set up my own pen-testing lab environment to learn this stuff in a safe and legal way. What would you guys recommend starting with what I have available already? I am also up for getting other equipment to add to this lab so I can get as much experience as possible. Thanks.

  2. #2

  3. #3
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Default

    The de-ice pentest disks are awesome. I learned lots from those. I think the new site is called heron.net. Grendal is awesome over there.

  4. #4
    Junior Member Polorboy's Avatar
    Join Date
    Mar 2010
    Posts
    25

    Default

    Awesome, thanks a lot. Now I have somewhere to start .

  5. #5
    Senior Member Thorn's Avatar
    Join Date
    Jan 2010
    Location
    The Green Dome
    Posts
    1,509

    Default

    Here's mine, as of a year ago:

    Heorot.net • Login

    It's had some revisions since them, including a fourth PC, monitor,keyboard, mouse, and a 4-port KVM switch. The rack area also has two more Cisco switches in it. It was designed for use with the De-ICE disks, and I've used it as the practical portion of two certifications.

    Even though I designed it for pentesting, my cousin liked using the lab so much, spent a week with me last January, and used the lab to test his knowledge of his CCNA studies.
    Thorn
    Stop the TSA now! Boycott the airlines.

  6. #6
    Senior Member BigMac's Avatar
    Join Date
    Jan 2008
    Posts
    213

    Default

    there is some good information already posted but i thought i could help... my testing inviorment looks like this...

    Backtrack usb stick <--labtop
    windows 2000.iso <---Desktop Vbox
    windows xp.iso <---Desktop Vbox
    windows vista.iso <---Desktop Vbox
    mac osx.iso <---Desktop Vbox

    i run a virtual box and my main focus is windows... just for example, i was writing my own reverse tcp backdoor and i wanted all functions to run flawlessly on all 3 versions of windows... i took each function one step at a time and one OS at a time... you can expand your virtual network like for example service packs 1 2 and 3 should be tested...

    you can find all kinds of iso files tweaked for size and performance, the 3 versions of windows i use are less then 700mb in size... there not genuine versions but they work for me...

  7. #7
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default

    No one has directly mentioned it yet so I will - Damn Vulnerable Linux.

    There is also a page at the IronGeek site that lists a number of deliberately insecure web apps which are good if web apps are the thing you want to learn to attack. I don't have the link handy, but it is referenced elsewhere on the forum.

    Personally for my home lab I just have a bunch of VMs on my laptop which I bring up as needed. I got a laptop with lots of RAM (2 GB - which was good when I got it back in 2006 but medium of the road now) specifically so I could do this. For VMs I have a Server 2003, an unpatched Windows XP, an unpatched Windows XP SP2 and an unpatched Fedora Core 4. The Windows XP SP2 VM gets the most use.

    My lab setup at work is fairly similar, although it runs on a dedicated bare bones Linux system which just runs VMs (its Ubuntu Server with VMWare Server 2 - I would have used ESXi but it wasnt compatible with the hardware).

    I also have a Damn Vulnerable Linux virtual machine running at work.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  8. #8
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default

    Vmware is the way to go., You can download trial versions of MS software like server08 etc. And use those to practice with. One can using vmware server take snapshots of the image to make resetting a breeze when something goes wrong, and as Lupin mentioned it can be done with one computer, if that is all you have to use.
    Furthermore companies release pre-configured virtual apps at vmware all the time. If you grab the new ones you may be able to test and find vulnerabilities.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  9. #9
    Member floyd's Avatar
    Join Date
    Mar 2009
    Posts
    231

    Default

    I'm currently setting up one for students.

    I've choosen
    - BT4 pre Final (as attacker) with some really cool stuff like User Module Linux to have a iptables lab inside of BT (so they will have 4 shells: internal, external, firewall and dmz "workstations")
    - Moth (:: moth - Bonsai Information Security ::) -> Ubuntu Hardy (as victim) with a bad configured apache and some server services (to have the server side for mitm attacks)
    - Win XP - for the newbies to have cryptool, M$ Outlook (to try spam-stuff) and WebGoat. Also the Client side for mitm attacks

    Everything on VMWare. I will add a DVL and Win7 (only for personal use).
    Auswaertsspiel

  10. #10
    Senior Member Thorn's Avatar
    Join Date
    Jan 2010
    Location
    The Green Dome
    Posts
    1,509

    Default

    Although I understand the reasons behind using VMs, I don't think they are ideal for everything in a lab. They are cheap and easy if someone wants to learn about things purely at an OS level, but a lot can be happening at the network which is missed with VMs. I'm a big fan of capturing (and sometimes manipulating) packets on the wire; having machines physically connected to a network allows that to be practiced.
    Thorn
    Stop the TSA now! Boycott the airlines.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •