This is a mirror of official site: http://jasper-net.blogspot.com/

Building an InfoSec lab, on the cheap

| Wednesday, June 9, 2010
So, you want to experiment with the latest pen-testing tools, or see how new exploits effect a system? Obviously you don't want to do these sorts of tests on your production network or systems, so a security lab is just the thing you need. This article will be my advice on how to build a lab for testing security software and vulnerabilities, while keeping it separate from the production network. I'll be taking a mile high overview, so you will have to look into much of the subject matter yourself if you want a step by step solution. I'll try to keep my recommendations as inexpensive as possible, mostly sticking to things that could be scrounged from around the office or out of a dumpster. The three InfoSec lab topologies I'll cover are: Dumpster Diver's Delight, VM Venture and Hybrid Haven.

Dumpster Diver's Delight: Old hardware, new use

       The key idea here is to use old hardware you have lying around to create a small LAN to test on. Most computer geeks have a graveyard of old boxes friends and family have given them, and businesses have older machines that are otherwise condemned to be hazardous materials waste. While what you will have to gather depends on your needs, I would recommend the following:

1. A NAT box: Any old cable/DSL router will work, or you can dual home a Windows on Linux box for the job and set up IP Masquerading. The reason you want to set up a separate LAN with a NAT box is so that things you do on the test network don't spill over onto the production network, but you can still access the Internet easily to download needed applications and updates. Also, since you will likely have un-patched boxes in your InfoSec lab so you can test out vulnerabilities, you don't want them sitting on a hostile network and getting exploited by people other than you. You can punch holes into the test network by using the NAT router's port forwarding options to map incoming connection to SSH, Remote Desktop or VPN services inside of the InfoSec lab. This way you can sit outside of the InfoSec LAN at your normal workstation on the production LAN, and just tunnel into the InfoSec lab to test things.

2. A bunch of computers/hosts: Whatever you want to test, be it computers, print servers or networking equipment. Boxes for a security lab do not have to be as up to snuff as production workstations. If you are doing mostly network related activities with the hosts, speed becomes less of an issue since you aren't as annoyed by slow user interfaces.

Read more: Irongeek.com

Posted via email from jasper22's posterous

0 comments: