Using a Virtualized Pen Test Platform



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

All,

I have traditionally used a multi-boot Linux box as my pen-test platform. It has
always had the disadvantage that I had to reboot into Windows to run some tools
that seem to break under wine.

For the past several months, I have been tinkering with using VMware Workstation
as my base platform, so I can just switch VMs rather than having to reboot. So
far, it seems to work pretty well. However, I am wondering if I am missing
something that is broken by VMware that I have not yet detected. For example,
does VMware break any of the packet crafters or other tools that do 'unusual'
things, that may cause the packet to not traverse correctly from VMware to the
outside target?

What other issues do I need to be aware of?

Also, is there any advantage or disadvantage of running Workstation vs. Server
vs. ESXi as the underlying VMware system?

What would be the advantages or disadvantages of running XEN? Does it have any
issues as a pen test platform hypervisor?

THANKS!

Jon Kibler
- --
Jon R. Kibler
Chief Technical Officer
Advanced Systems Engineering Technology, Inc.
Charleston, SC USA
o: 843-849-8214
c: 843-813-2924
s: 843-564-4224
s: JonRKibler
e: Jon.Kibler@xxxxxxxx
e: Jon.R.Kibler@xxxxxxxxx
http://www.linkedin.com/in/jonrkibler

My PGP Fingerprint is:
BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkrd4DYACgkQUVxQRc85QlO60gCfT2sQ2gsBJo6vcSYIxPHtSA9U
8WgAn2dAPMxow+r0lx2ThokdjtX6o0+z
=bmip
-----END PGP SIGNATURE-----




==================================================
Filtered by: TRUSTEM.COM's Email Filtering Service
http://www.trustem.com/
No Spam. No Viruses. Just Good Clean Email.


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------