Hello everybody!! I am new here, obviously.  I am hoping that I am not going to be posting your typical n00b questions.

About me? Well, I am 23 years old student from the US.  I can't find a decent hacking forum anywhere that doesn't have malicious/skid motivations. I've always been into computers.  I went through the phase of being malicious/skid back in the middle school days with AOL, AIM, "nukers," "punters," (if anybody remembers those good ol' tools lol).

Anyway, I am now finally majoring in IT (used to be a Psych major, read a study once about monkeys not liking their hobby when they started getting paid for it and I liked computers too much, I wouldn't get a degree in it) and I am focusing on security.  After my script kiddie days, I gave up on the hacking scene (obviously, those tools rarely worked) then I would come back here and there. Now, I am serious again and with a new agenda. I want to learn. Learn it all, how it works, why it works, and I want to secure things. I would LOVE to make this my career.  Their are not many feelings that feel better than "solving the puzzle" and gaining access/getting the password (I did a lot of the lessons on HackThisSite!). 

My question is this.  I have a friend at school that I have interested in hacking.  I believe that his intentions are good and he isn't trying to do damage, he is just fascinated by it all.

Well, I am brainstorming ways to set up a pentest lab for us.  I see a lot about VMWare and what not, which is all good, but, we want to be able to attack the network from the outside. 

For example, if he is at home and wants to do some work, he can, or, we're both at school and want to work on it, we can. I do not, however, want to make my entire network vulnerable.

My idea was to set up a network of vulnerable ISOs (hackerdemia, de-ice, dvl, metasploitable, etc) where (i think only VirtualBox supports it) only the VMs can talk to one another. Then, set up Backtrack as it's own IP on the network so we could SSH into that then use the BT VM to attack the toher VMs.  I do not know how I would go about setting this up though.

Or if there are maybe better ideas?

What would be best is a way to attack the box directly from our laptops, however, like I said, I fear making my entire network vulnerable.

My router has an option to isolate everything on the network from one another, however, that ruins the file server setup my girlfriend and I have. 

I guess I am basically just looking for any alternate ideas that I may not have thought of.



So to summarize:

A friend and I would like to attack a computer on my network (preferably w/ our own OS, he runs blackbuntu, i have Arch w/ preferred tools) but I do not want to make the entire network vulnerable (what are the chances of someone actually hacking my network though unless I was out looking for trouble??)  SSH into a Backtrack VM (or even Backtrack as the Host OS) and attacking the VMs would work also.

Anybody wanna help?? =)   

Thank you in advance, I'll check back soon after I surf the forums some more =)

You have many options but I do this:

1. I have Virtual Box in my laptop with all the OS that I need (xp, linux, 2003/2008, de-ice, etc). When I have time or I need to do a test I run it. You guys mention that you have laptops, just put it there.

2. If you want to have your own central network where to work, just built it in the machines(s) that you want at home and use something like logmein or any remote software to connect to a machine inside of your network and begin to work (for me that slow).

It is not good idea to open connection from internet to your vulnerable network, you could get bad surprises.

Well keep in mind, any "affordable" hardware firewall solution for you will really only be forwarding ports, so finding the vulns on the outside, is really not going to be much different than finding them from the inside.  You have specific services running on the systems and you will pick those up doing some network mapping and enumeration.  Then its just about finding ways to exploit those vulns.  If you want to simulate a more advanced firewall then you can setup a software based one on the host system and use it to route your lab traffic through.  You should be able to do this with some of the networking options that Virtualbox or vmware workstation provide.

I would also setup the lab at your home, mainly because that is a network you control.  The school's network may not always provide the ability to remote into your lab, they may block that sort of traffic and they also may block the traffic from your attacks.  An OpenVPN setup may give you better performance/access than logmein.  Or you can just setup your attacking system on the lab and connect to it over VPN over SSH.   Like impelse suggested, opening that system to the Internet, may not be wise.  Just as something like Backtrack is used to pen test, people know how to crack it just as well and take over the system for their own means.