RE: Training Lab Question

From: Oliver Petruzel (oliver.petruzel@corbett-tech.com)
Date: 05/30/02


From: Oliver Petruzel <oliver.petruzel@corbett-tech.com>
To: "Coral J. Cook" <cjcook@nosc.mil>, pen-test@securityfocus.com
Date: Thu, 30 May 2002 12:14:27 -0400

if the lab is a true pentest simulation, i believe each workstation should
maintain a -unique- root, and the students should have that root on their
assigned station.

attacking without root can be done <of course>, but it really isn't accurate
in pentest training. When i pentest, i CERTAINLY have root on the systems i
attack from in our labs, or on the laptop i use in the field.

Wargaming is a bit different, but i'm guessing that you aren't getting to
that in the class. True wargaming involves more of a "simulated network
environment" on the defending team... one where the teams are sub-divided
into "actual roles" such as Sysadmin, Webmaster, technician, etc... and they
then react to an attack by the other team.

so please specify wargaming vs. pentest training. Are they attacking
each other or are they attacking fixed targets?

/oliver p.

-----Original Message-----
From: Coral J. Cook [mailto:cjcook@nosc.mil]
Sent: Wednesday, May 29, 2002 4:16 PM
To: pen-test@securityfocus.com
Subject: Training Lab Question

This may be a bit off-topic, but I'd like some feedback on the following
issue:

I'm in the process of setting up a Pen Testing training lab. The lab
consists of a network of target hosts and a network of attack hosts (student
workstations). The student workstations are running Slackware 8.x (current).

Here's my question: What is the best/safest way to allow the students to run
the tools (mostly nmap and various sniffers) that need root privileges for
full functionality? Should I just make those tools suid root or should I use
sudo? Are there any other alternatives? Thanks in advance.

Coral

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
