My boss and I were talking this morning about an employee's phone being connected to the network and he suggested that it opens us up to our network being penetrated. 

We have a pretty stable and some what secured network behind two firewalls, and a couple snort boxes, etc...

Under what scenario couple a mobile phone running iOS be used to gain access to our network without the phone being rooted or jailbroken?

hayabusa: These are dual-core socket 603/604 Xeon servers. ESXi refused to install(3.5 and 4.0) and not even going to try VMServer. I can of course always run Vbox OR VMworkstation on a host, but ESXi was my goal, but not much I can do.

Andrew:  I have already purchased that book and a few others , just waiting on them to arrive. 

Thanks for all your help guys, I think I have more than enough to get the ball rolling.

Good Points. Final analysis is ... I'm keeping the MAC.

Thanks guys

Thanks Andrew. I will read those today and report back.

I was ran across a deal and ordered a Dual Xeon dual core 2.8ghz G5 MAC.  I live in Nashville, TN (born and raised) where everyone wants to be the next big country star and everyone wants a mac with Protools for their so-called home music studio. So I bought it to re-sale, but if MAC pentesting is important, then I'll keep the machine for my lab.

Thoughts?

A lot of people have helped me get things up and running. I did get my DD-WRT router fixed and now have internet in my new lab...

Just a quick recap found here: http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,6838.0/

As an experienced network administrator / hobby developer...  I know how I would setup a development / business network, but I don't know enough about Pentesting yet to know how my network should be configured.  If you experience guys could weigh in on what you would do with my equipment and how you would configure it that would be awesome.

I have four servers. Due to the age and compatibility I can not run a virtual environment, so that means I can run a separate OS's or dual boot OSb  on each machine and create nightly (and a master install) image on my NAS to some what emulate a VM environment.

Here's where I'm lost and need help.

I have 4 boxes and don't know what to do with them. 

Can some of you pros weigh in and give me some detailed insight on what you would do with the equipment and how you would set them up.

I have ordered a few books that would possibly help me with this problem, but they haven't arrived yet and I'm eager to get started.

PLEASE HELP.

PS: I don't know completely know what Backtrack 4 is, but I know it's important and I've paid for the training videos.  Should one box be dedicated for Backtrack ? And what about Metasploit

That's not a bad idea. For only $13.00 I will add those to my order to, considering the rack fits under my desk ... we'll see

I've looked at HackingDojo and the thing that turned me away was a complete lack of information of the homepage. Basically, there's one page with a couple paragraphs describing the course.  For that reason alone... I couldn't even consider it.

Great. I have a whole drawer full of those at work (probably 100 or more).  Thanks for the help. I'm going to order the Skeletek 30' tonight and hopefully I'mm be on my way.

I also picked up a Belkin repeater today, so hopefully the only problem left to resolve is the ESXi problem.

Keep ya posted.

THANKS AGAIN FOR THE RACK HELP. And for only $100 - sweet!

They all have ear tabs. I think i have everything. Is that what you have yours mounted with?

Thanks Andy. I was using 4.2.x I will try 3 when I get home and let you know.
Thanks

The DD-WRT isn't acting as a repeater. It does work as a regular router though, but my main goal is to be wireless down there. I have a website that gets 700K+ hits a month, several android apps and a Roku channel that I would like to move my development down there as well, since they require a bit of dev time.

Skeletek. I just searched for and I only round the racks for cisco routers, which most cisco conform to 1U and 2U standards.  Before I purchase one, do you have 1U / 2U Mounted on this rack.  Here's the one I'm looking at:
http://www.dantraknet.com/item/120

Thanks for all your help guys. I have enrolled in the elearnsecurity as well as the ordered the backtrack videos.  I've also ordered these books:

1. Ninja Hacking - Unconventional Penetration Testing Tactics
2. Hacking Web Applications
3. Professional Penetration Testing

Once I finish those two courses and feel like I've got a firm grasp on the scene and techniques, I'll then see were it leads me.

Thanks Again,
MC

BillV

Thanks for pointing this out, you're right... If I remember correctly RAID 5 needs 3 of more disk.  That's what was posted on the ebay spec sheet, but I just rebuilt it before the Linux install for Raid 0 is didn't need mirroring.

Thanks for your help, I'll let you know how it all turns out.

Well, I've been very excited to get my lab setup (or at least beginning setting it up)(I don't rush, things get screwed up that way) but nothing is going right...

Here's my complications: 

I have the new (used) boxx servers with this configuration:
CPU: 2 x Dual Core Xeon 3.04 ghz
Memory: 2 Machines have 4 gigs - 2 Machines have 8 gigs
Hardrives: 2 X 72 Gigs (RAID 5)
Minor notes: Dual gigabit adpaters, no remote management, cd-rom, ect...

Well, after the advice I received here. I decided to go with ESXi on two of the machines, but guess what?... Not Compatible. Go figure. 

Here's my current setup:


WHAT THE HELL DO I DO NOW?

Problem 1:
I know one box will be Ubuntu 10.10 as my primary OS, however how should I configure the other boxes? I'm a little lost on where to go now, because I'm signing up the elearnsecurity cert classes as soon I get my network configured, hopefully sooner than later.

Problem 2:
Another problem.   I planned on my DD-WRT Linksys router to provide a wireless  internet connection bridged with my homes wireless, however it's not even close to working and I've deployed 20+ of these and this one is an anomaly. Can anyone suggest a more reliable wireless interface that can provide bridged access to my router?

Problem 3:
Another issue is space.  I was lucky enough to have a supportive wife to build a 640 sqft man cave.  So, I've allocated a section of the room for the equipment that won't kill the room's purpose.  Next to the MAME cabinet is where the desk and hopefully all the equipment will reside. I don't want it to look cluttered (that space is alot bigger than the picture 7ft from wall to MAME cabinet).



So, does anyone have any techniques they've used to consolidate space for equipment?

PLEASE HELP. I'm ready to start elearning and backtrack courses.