From: scott (redhowlingwolves@bellsouth.net)
Date: Mon Jul 30 2007 - 00:03:53 EDT
Surely you can pull a few boxes together,install different OS'es on each
box,install the same version of apps that the servers you're testing are
running,trying to make sure that the processors are the same,or very
closely related.
The one thing that has stung me in the past was Apache on
Windows.I,foolishly, assumed it was a *nix variant!Blind test,of
course.So why were scans leaning to an OS called Microsoft?Bad recon.
Everything you can do before and after the recon("You did do
this,right?") matters for how you make up your lab for that specific
pen-test.That's my personal method.
IMHO.
Shenk, Jerry A wrote:
> I on the otherhand test exploits in my lab all the time. I find it very
> useful to have a number of machines set up with a variety of operating
> systems. I find that by testing exploits in the lab, prior to
> attempting them on-site I know better what results to expect. One of my
> goals in pen-testing is to avoid "blowing up" production boxes. By
> testing exploits in the lab, I can have a pretty good idea what the
> results will be. I also try to avoid getting caught. It mimics an
> experienced attacker better to avoid making an insane amount of noise so
> if I can find an exploit that will allow me to make a quick clean
> attack, I find that going through that in the lab first allows me to do
> better on the live test. ....people never watch their logs anyway so
> being stealthy isn't normally that big a deal;)
>
> Lot of people use VMware or similar platforms for this and I do also, to
> a degree. I most often find myself using a number of old servers
> (Compaq & "Intel Whitebox servers) with a variety of drives in hot-swap
> trays that I swap in for a particular OS version and patch level. I
> don't really use the "hot-swap" feature to swap drives without rebooting
> but it is handy to be able to just pull a drive out and stick another
> one in.
>
> -----Original Message-----
> From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
> On Behalf Of Jan Heisterkamp
> Sent: Sunday, July 29, 2007 10:29 AM
> To: Gubir
> Cc: pen-test@securityfocus.com
> Subject: Re: Basic facilities required to establish a pen test lab
>
> Gubir schrieb:
>
>> I am CEH. But still I need some suggestion from you guys to setup a
>>
> pen test
>
>> lab. Please give me some guidance about the basic essential hardware
>>
> and
>
>> software to make a good pen test lab
>>
>>
>>
> A pent test lab; what could this be?
> Definition of laboratory: A laboratory (often abbreviated lab) is a
> place where scientific research and experiments are conducted. A lab can
>
> hold space for one to thirty, or more, researchers depending on the size
>
> of the room and state mandated maximum occupancy limit.
>
>
> **DISCLAIMER
> This e-mail message and any files transmitted with it are intended for the use of the individual or entity to which they are addressed and may contain information that is privileged, proprietary and confidential. If you are not the intended recipient, you may not use, copy or disclose to anyone the message or any information contained in the message. If you have received this communication in error, please notify the sender and delete this e-mail message. The contents do not represent the opinion of D&E except to the extent that it relates to their official business.
>
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE today!
>
> http://www.cenzic.com/downloads
> ------------------------------------------------------------------------
>
>
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:59 EDT