Re: Looking to set up an infosec lab



It depends on the type of environment in which you want to look for
vulnerabilities...servers, business desktops/workstations or home
computers?

For servers, if you want your lab to mirror the "real world" as much as
possible, I'd recommend a version of RedHat 7 or newer, RedHat
Enterprise 2.1 or newer, Solaris 2.6 or newer, Win 2k and 2k3 Server
(maybe even NT4 Server).

For business desktop/workstations, 2000 and XP Pro are probably gonna
be your best bets.

Now for the "home computer" situation, Mac OSX 10.2 or newer, Win 9x,
Me, XP Home and Vista are gonna be your biggest share, on the *nix side,
I'd probably throw in Ubuntu and RedHat, maybe OpenSUSE and Fedora too.

-- Ned

"John M. Martinelli" <john@xxxxxxxxxxxxxx> 07/30/07 09:40PM >>>
Hi, list.

A few of the previous e-mails going out on the mailing list got my
attention - I'm interested in building a moderate hacklab to conduct
mock attacks, intrusion detection, detection evasion, etcetera. My
hardware situation allows me to deploy a VMware or Parallels lab -
what kind of machines would you set up in my situation?

I plan on having a few Windows machines - perhaps a '98 box, a 2000
box, and an XP box. As far as Linux, I'd like to set up a Zoot
(RedHat 6.2) and BSD box, but beyond that I'm asking for advice.
Which flavors would you put up for conducting general vulnerability
testing?

Thanks,
John Martinelli
RedLevel.org Security

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------



Relevant Pages

  • Re: yum issues with RedHat 5 servers
    ... Several of the problems discussed on this thread are related to an RHN ... from routinely being able to schedule patches to our servers and to install ... bash the distribution here (I'm actually moving our organization to RedHat ... turn around literally 2 minutes later to run yum check-update on the exact ...
    (RedHat)
  • Why redhat will never get another dime of my money.
    ... Over the past 8 years, I've deployed about 1800 redhat servers, 1/2 of them being in turnkey beowulf clusters, ... RedHat will not be involved in any of my future deployments. ... I have a serious problem with my satellite server. ... Australian: "Let me go find our satellite guy, ...
    (RedHat)
  • Re: yum issues with RedHat 5 servers
    ... Several of the problems discussed on this thread are related to an RHN ... from routinely being able to schedule patches to our servers and to install ... bash the distribution here (I'm actually moving our organization to RedHat ... turn around literally 2 minutes later to run yum check-update on the exact ...
    (RedHat)
  • Re: Had it with Fedora!
    ... I love compiz and got it to work again with unity desktop in gnome, ... off of the LVM to ext4 on the 400 so it is easy pickings once CentOS ... I have servers setup on it and they must be setup again on the ... Whatever you can do with RedHat proper, ...
    (alt.os.linux)
  • Re: AMD64 Northbridge errors
    ... logged a call with HP and Redhat support and have ... > Five of the computers have between 1-30 references to these error ... > DRAM Controller ...
    (RedHat)