RE: Pentesting lab




Exactly....I am doing the same thing in addition to running Win Server
2k3...Backtrack and Metasploit as attacker are good and flexible to use.
As you mentioned Netbios ports alone, I feel, are not enough...Wat do
you say...? In addition i am installing SQL, SMTP, IIS and etc and then
fine tuning them depending upon the exploit success rate. Is that fine
or anything more left to be focused?

Thank you for pointing out malware testing.


Regards,

Balaji Swaminathan .M


-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx]
On Behalf Of Elliot Fernandes
Sent: Monday, January 04, 2010 2:04 AM
To: s3c.b3n
Cc: pen-test@xxxxxxxxxxxxxxxxx
Subject: RE: Pentesting lab

You could run vmware, and install windows xp service pack 2. service
pack 2 is used by most people in the windows world, they havent
completely shifted to vista or windows 7. It's already running
vulnerable services mostly on ports 135,139, and 445 tcp. You just need
the latest version of metasploit to test it. For analyzing malware
there's a script in python called malware analyzer
http://www.beenuarora.com/code/analyse_malware.py . But you will need
the PE module from google code http://code.google.com/p/pefile in the
same folder. The malware analyzer is amazingly good for analyzing
botnet-binaries and viruses and such. You'll also need Olly Debug and
IDA pro. Have two VMs ready, one windows for the victim, and linux,
preferably backtrack for the attacker. That should about do. Oh, you
could also have a Honeypot ready to catch exploits from the wild. you
could have them separated from your normal network.




------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review
Board

Prove to peers and potential employers without a doubt that you can
actually do a proper penetration test. IACRB CPT and CEPT certs require
a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------



Relevant Pages

  • RE: Pentesting lab
    ... and install windows xp service pack ... there's a script in python called malware analyzer ... preferably backtrack for the attacker. ... Information Assurance Certification Review Board ...
    (Pen-Test)
  • Re: Pentest lab box 16 gigs of ram
    ... I don't have a great experience with Windows Vista / Windows 7, ... Another great virtualization system seems to be ProxMox, ... Does anyone have any experience with the latest version of VMware workstation and if it will run properly on Windows 7? ... Information Assurance Certification Review Board ...
    (Pen-Test)
  • Re: Light forensics
    ... I'll second GetDataBack (Fat and NTFS). ... Is there a log you can check to see IP Address Changes in a Windows XP Box? ... Information Assurance Certification Review Board ...
    (Pen-Test)
  • Re: How to create a penetration test lab
    ... You just can't build THE test lab, since there are so many contexts and ... Windows 2000 IIS5 ... Information Assurance Certification Review Board ... IACRB CPT and CEPT certs require a full practical examination in order to become certified. ...
    (Pen-Test)
  • Re: Light forensics
    ... Eduardo Sierra wrote: ... We had a security incident, and i'm doing a "light" forensics. ... Is there a log you can check to see IP Address Changes in a Windows XP Box? ... Information Assurance Certification Review Board ...
    (Pen-Test)