Using a Virtualized Pen Test Platform



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

All,

I have traditionally used a multi-boot Linux box as my pen-test platform. It has
always had the disadvantage that I had to reboot into Windows to run some tools
that seem to break under wine.

For the past several months, I have been tinkering with using VMware Workstation
as my base platform, so I can just switch VMs rather than having to reboot. So
far, it seems to work pretty well. However, I am wondering if I am missing
something that is broken by VMware that I have not yet detected. For example,
does VMware break any of the packet crafters or other tools that do 'unusual'
things, that may cause the packet to not traverse correctly from VMware to the
outside target?

What other issues do I need to be aware of?

Also, is there any advantage or disadvantage of running Workstation vs. Server
vs. ESXi as the underlying VMware system?

What would be the advantages or disadvantages of running XEN? Does it have any
issues as a pen test platform hypervisor?

THANKS!

Jon Kibler
- --
Jon R. Kibler
Chief Technical Officer
Advanced Systems Engineering Technology, Inc.
Charleston, SC USA
o: 843-849-8214
c: 843-813-2924
s: 843-564-4224
s: JonRKibler
e: Jon.Kibler@xxxxxxxx
e: Jon.R.Kibler@xxxxxxxxx
http://www.linkedin.com/in/jonrkibler

My PGP Fingerprint is:
BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkrd4DYACgkQUVxQRc85QlO60gCfT2sQ2gsBJo6vcSYIxPHtSA9U
8WgAn2dAPMxow+r0lx2ThokdjtX6o0+z
=bmip
-----END PGP SIGNATURE-----




==================================================
Filtered by: TRUSTEM.COM's Email Filtering Service
http://www.trustem.com/
No Spam. No Viruses. Just Good Clean Email.


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

Relevant Pages

  • Re: Using a Virtualized Pen Test Platform
    ... We chalked this up to multiple layers of abstraction which occurs between the human interaction and the packet send or receive. ... I have traditionally used a multi-boot Linux box as my pen-test platform. ... I have been tinkering with using VMware Workstation ... is there any advantage or disadvantage of running Workstation vs. Server ...
    (Pen-Test)
  • Re: [opensuse] about virtualisation
    ... Well you can almost always run a client image on any platform unless ... You can use the Free Vmware Player if nothing else. ... VMware Workstation targets it self as a development platform and tries to ... Vmware's strength is hardware emulation. ...
    (SuSE)
  • Any VMware experts on a Vista site?
    ... Before I go to VMware with questions, I thought that I would try the Vista experts here to see if there is a match-up of the two talents. ... I now have the capability to run a Vista 32-bit platform by clicking on a desktop icon. ... I connect to the Internet on a wireless basis, using a RangeMax Wireless-N USB 2.0 Adapter. ...
    (microsoft.public.windows.vista.general)
  • Re: Any VMware experts on a Vista site?
    ... platform by clicking on a desktop icon. ... I connect to the Internet on a wireless basis, ... connection, but I am not able to connect to the Internet. ... individual who installed the VMware said that I should not need a USB port ...
    (microsoft.public.windows.vista.general)
  • Re: Any VMware experts on a Vista site?
    ... I recently had someone load VMware Workstation 6 on my new Dell desktop, which uses a Vista 64-bit platform. ... I now have the capability to run a Vista 32-bit platform by clicking on a desktop icon. ... I connect to the Internet on a wireless basis, using a RangeMax Wireless-N USB 2.0 Adapter. ... The individual who installed the VMware said that I should not need a USB port in the 32-bit setup to connect to the Internet. ...
    (microsoft.public.windows.vista.general)