
Pen Testing Lab

El33tsamurai

Full Member

Posts: 219

Joined: Sat Feb 03, 2007 4:01 pm

Post Tue Jul 30, 2013 11:02 pm

Pen Testing Lab

Looking to make a set of tutorials about setting up a pen testing lab, from hardware and box build to virtual servers/nodes etc. on the network.

What are you guys looking for? Where would you like to see this start? What kind of budget should I gear this towards? Anything else?
prats84

Jr. Member

Posts: 73

Joined: Thu Nov 18, 2010 7:03 pm

Post Wed Jul 31, 2013 3:03 am

Re: Pen Testing Lab

Would be great if you can show like different network subnets and components showing more real-life scenarios. For example something like OSCP labs. How they have a couple of networks separated by firewalls.

By saying OSCP I don't mean the host details etc. But just more on having some virtual firewall between the networks. How to automate the start and stop of VMs. Maybe restore from snapshots.

I had a little difficulty automating restore from snapshots.


Thanks.

Pratik
UKSecurityGuy

Jr. Member

Posts: 88

Joined: Wed Mar 27, 2013 10:51 am

Post Wed Jul 31, 2013 6:28 am

Re: Pen Testing Lab

I'll 2nd prats84's comments.

A couple of random VMs with vulnerable copies of Linux on them does not constitute a realistic corporate network.

In my own test lab I have a Linux machine acting as a webserver in the front end, and GNS3 providing a virtual firewall between that and the main network. Within the main network I have several Microsoft machines (virtual machines provided free from Microsoft's download centre) set up with a few flaws such as insecure DNS update allowed, and shared Administrator passwords.
El33tsamurai

Full Member

Posts: 219

Joined: Sat Feb 03, 2007 4:01 pm

Post Wed Jul 31, 2013 9:04 am

Re: Pen Testing Lab

prats84 wrote: Would be great if you can show like different network subnets and components showing more real-life scenarios. For example something like OSCP labs. How they have a couple of networks separated by firewalls.

By saying OSCP I don't mean the host details etc. But just more on having some virtual firewall between the networks. How to automate the start and stop of VMs. Maybe restore from snapshots.

I had a little difficulty automating restore from snapshots.


Thanks.

Pratik



I've been doing a lot of research on how to automate the VM refresh like the OSCP. I've been planning on using pfSense as the firewall to separate all networks, does that work? Or are you interested in seeing other firewalls as well?
JohnE

Newbie

Posts: 12

Joined: Tue Jan 31, 2012 10:09 pm

Location: Sydney, Australia

Post Wed Jul 31, 2013 9:24 pm

Re: Pen Testing Lab

Perhaps have a machine running an IDS to test bypassing them. Same with anti-virus.
UKSecurityGuy

Jr. Member

Posts: 88

Joined: Wed Mar 27, 2013 10:51 am

Post Thu Aug 01, 2013 3:37 am

Re: Pen Testing Lab

The trouble with putting AV and IDS in these kinds of networks is that they're rule-based. Different products have different rule sets, so even if you put in an AV that can be bypassed, it doesn't indicate that all AVs can be bypassed.

Firewall-wise, the flaws tend to be in the rulebases of these devices rather than the Appliance/Application itself, so I'd suggest that any firewall would do - as long as it's got a couple of flaws in the rulebase - allowing the tester to poke through between different tiers of the application stack.
El33tsamurai

Full Member

Posts: 219

Joined: Sat Feb 03, 2007 4:01 pm

Post Mon Aug 05, 2013 6:41 am

Re: Pen Testing Lab

UKSecurityGuy wrote: Firewall-wise, the flaws tend to be in the rulebases of these devices rather than the Appliance/Application itself, so I'd suggest that any firewall would do - as long as it's got a couple of flaws in the rulebase - allowing the tester to poke through between different tiers of the application stack.


I was thinking of having two paths into the network, one with a firewall and one without.
El33tsamurai

Full Member

Posts: 219

Joined: Sat Feb 03, 2007 4:01 pm

Post Tue Aug 06, 2013 12:49 pm

Re: Pen Testing Lab

Anyone looking for anything else?
jrdoty

Newbie

Posts: 17

Joined: Sun Dec 09, 2012 8:43 pm

Post Thu Aug 08, 2013 6:13 pm

Re: Pen Testing Lab

I second everyone's comments above. I've been doing some research into this as well. I've felt like the classes I have taken are realistic enough or don't go to the next level with just a single vulnerable VM. I would like my pen test lab to have segmented networks with multiple machines/web apps, IDS, AV, SIEM. I've looked into GNS3 before but I don't have the IOS images to work with.



My plan is to build my pen test lab in October but I have begun to collect resources on it. PaulDotCom and Joseph McCray have talked a lot about good pen test labs. Some links:
https://blip.tv/pauldotcom/building-a-s ... ap-6543666
http://seclists.org/pauldotcom/2010/q1/1035
http://mail.pauldotcom.com/pipermail/pa ... 08584.html
http://castroller.com/podcasts/Pauldotc ... ly/3401222

Also, this book seemed to have some good info on setting up advanced pen test labs:
http://www.amazon.com/dp/1849517746


Although AVs and IDSs are rule-based, it is better than nothing. A realistic pen test would have network security devices like these that you will have to work around.
