EH-Net

Hello!

Just wondering if anyone had any input on setting up a lab. I now have 3 computers to play with and was thinking its about tiome i got some hands on experience. I currently have two laptops and a desktop.

Does anyone have any input on what possible configurations I could put on the systems so I can get some hands on network security experience, e.g pen testing. Im still in the stage of having done quite a bit of reading but having no experience, so if anyone knows of any tutorials for such lab testing I would greatly appreciate it.

Kind regards

Mambo

Backtrack would be a good distro to load to access quite a few different tools.

http://www.remote-exploit.org/backtrack.html

i had a play with backtrack when i setup a smoothwall firewall, but didnt really get anywhere with it.

Has anyone had experience with damn vulnerable linux? I would like something easy to exploit so i can see some results =]

No, but I'm definitely going to check it out. Thanks for bringing that up!

Damn Vulnerable Linux is also offering certifications
hxxp://www.damnvulnerablelinux.org/index.php/eng/Certification

One more has been added to BackTrack competitors list .

Mambo, you may want to look into a book called "Build Your Own Security Lab: A Field Guide for Network Testing" (http://www.amazon.com/Build-Your-Own-Security-Lab/dp/0470179864/ref=sr_1_1?ie=UTF8&s=books&qid=1233694130&sr=1-1). A friend of mine read it and he said it'd be a good start for people wanting to set up their own labs.

I highly recommend setting up one machine as a VMWare ESXi server. You can host all sorts of guest with different OSes, patch levels, and software. It also has the ability for snapshots which is very useful for testing and learning.

Alternatively you can check out NETinVM

NETinVM is a single VMware virtual machine image that contains, ready to run, a series of User-mode Linux (UML) virtual machines which, when started, conform a whole computer network inside the VMware virtual machine. Hence the name NETinVM, an acronym for NETwork in Virtual Machine. NETinVM has been conceived mainly as an educational tool for teaching and learning about operating systems, computer networks and system and network security, but other uses are certainly possible.

It is a good book. I did run across a few dead links in it however...

The thing with pentesting, is that you need SOMETHING to assess whether it's a service or network.  What I mean for service is whether it's a web server, database server, data center, web services, or even an IP voice solution.  By assessing the network, I mean attempting to assess targets through a real switch, real router, and multiple other security controls.

Hence my point is that you'll need to either team up with someone who knows how to configure servers, or a network guy unless you want to learn either one (or both!).  Not knowing how to do one at least leaves you at a major disadvantage I feel.

Agreed, there are probably well known to most here (mentioned in the forums a lot) but check out De-ICE (http://heorot.net/) and DVL (http://www.damnvulnerablelinux.org/) to get you start with targets.

Great idea. You could get additional experience and knowledge by setting up additional linux VMs as IPS, Firewall, or for routing. This would teach you how to configure them, and how to get past them. Again, I recommend VMWare's ESXi since it is free and based on the industry leading VM platform. Not a bad idea to learn VMWare while you are at it. ESXi will allow you to set up multiple networks for setting up the lab described above.