RE: Lab leads??

From: Greg Rice (grice@iastate.edu)
Date: 10/18/01 

From: "Greg Rice" <grice@iastate.edu>
To: <pen-test@securityfocus.com>
Subject: RE: Lab leads??
Date: Wed, 17 Oct 2001 23:36:28 -0500
Message-ID: <002301c1578e$7455ff10$954fead1@gricew2k>

Dan Ragsdale and a few others have put together a nice lab for students
at West Point. In the lab they actually carry out attack-defend
situations, etc. Check out their paper online at:

http://www.itoc.usma.edu/Documents/IWARLab.pdf

Hope this helps - greg

> -----Original Message-----
> From: 'ken'@FTU [mailto:franklin_tech_bulletins@yahoo.com]
> Sent: Tuesday, October 16, 2001 10:02 PM
> To: pen-test@securityfocus.com
> Subject: Lab leads??
>
>
> Hello,
>
> I'm looking to set up a lab of about 30 host to simulater an
> Internet/DMZ/Intranet.
>
> Does anyone have any sources (papers) or ideas that might
> help? Here are
> a few parameters:
>
> Lab must contain various OS'es.
> Lab must be able to be very easily configurable to create and
> demonstrate holes and how to patch them. (But then recreate
> the hole to
> demonstrate the weakness again to another set of people.)
> The holes must be at the network, os and application levels.
>
> One idea I had is to create images of servers known to have holes,
> demonstrate the exploit, patch the hole, show it is fixed and then
> reimage the disk with the old hole. The imaging trick should
> work with
> different OS's as well. What do you think?
>
> Thanks in advance.
>
> 'ken'
>
>
> --------------------------------------------------------------
> --------------
> This list is provided by the SecurityFocus Security
> Intelligence Alert (SIA) Service. For more information on
> SecurityFocus' SIA service which automatically alerts you to
> the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Relevant Pages

  • Re: Lab leads??
    ... Subject: Lab leads?? ... >> The holes must be at the network, ... >This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
    (Pen-Test)
  • Lab leads??
    ... Subject: Lab leads?? ... The holes must be at the network, ... This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
    (Pen-Test)
  • Re: Lab leads??
    ... Subject: Lab leads?? ... > I'm looking to set up a lab of about 30 host to simulater an ... > The holes must be at the network, ... This list is provided by the SecurityFocus Security Intelligence Alert ...
    (Pen-Test)
  • Re: Armstrong and doping on American radio
    ... the lab which tested Landis's data, even to the point of accusing them ... I am simply pointing out there are holes in their procedures where there need to be none, ... the ASO/ the lab or anyone else was involved in a 'conspiracy' against ... Do you think that a testing lab needs to be of the highest possible integrity if their evidence is to be completely trustworthy? ...
    (uk.rec.cycling)