
Advice needed for pentest lab setup

<<

AndyB67

Full Member

Posts: 100

Joined: Fri Jan 14, 2011 7:13 am

Location: UK

Post Tue Mar 15, 2011 4:24 pm

Advice needed for pentest lab setup

Have recently acquired the recommended WAP and USB WiFi device for my attempt at Backtrack WiFu after Easter. My initial plans were to just run the WAP in various configurations and keep experimenting with aircrack, as it's currently not connected to anything.

As well as my laptop that dual boots Ubuntu and Backtrack, I also have a reasonable spec PC (with 2 network cards) setup with just Backtrack on and sat on my home network/internet connection.

Have just had a thought that I could run a couple of VMs off my Backtrack PC (Damn Vulnerable Linux and a poorly patched XP), tie them down to the 2nd network card and connect that to my new WAP so I have something to have a go at when I crack into the WAP.

Bearing in mind that my training WAP is going to be potentially vulnerable, what's the best way to secure my Backtrack system so I don't allow someone an easy way in?

I plan to put the second network card, VMs and the WAP on a class B network address and subnet, compared with my class C address for my network, but want to do everything else I can to keep the two networks separated on the PC?
Net+ Sec+ More to come
<<

rattis

Hero Member

Posts: 1172

Joined: Mon Jul 27, 2009 1:25 pm

Post Tue Mar 15, 2011 10:56 pm

Re: Advice needed for pentest lab setup

Something to remember: in order to attack WiFi there has to be traffic on it in some form.
OSWP, Sec+
<<

dynamik

Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Tue Mar 15, 2011 11:00 pm

Re: Advice needed for pentest lab setup

AndyB wrote: Bearing in mind that my training WAP is going to be potentially vulnerable, what's the best way to secure my Backtrack system so I don't allow someone an easy way in?


Just put all your vulnerable VMs on a virtual network that isn't connected to anything else (as opposed to bridged, NAT, or host-only).

chrisj wrote: Something to remember: in order to attack WiFi there has to be traffic on it in some form.


You need the handshake for WPA, but you can use something like fragmentation or chopchop for WEP.
The day you stop learning is the day you start becoming obsolete.
<<

TheXero

Full Member

Posts: 112

Joined: Tue Dec 07, 2010 12:24 pm

Post Wed Mar 16, 2011 9:39 am

Re: Advice needed for pentest lab setup

When I was enrolled in the course, I had the WRT54GL router on its own and not connected to anything.

Now that I've passed, it's part of my PenTest lab (made up of VMs). For now don't connect it to anything unless you want it broken into; just stick to the course material, then once you have passed the exam you can experiment to your heart's desire :)
<<

rattis

Hero Member

Posts: 1172

Joined: Mon Jul 27, 2009 1:25 pm

Post Wed Mar 16, 2011 10:01 am

Re: Advice needed for pentest lab setup

When I did WiFu, I had a Linksys WRT54GL with a Xubuntu box connected to it via wireless, and another one connected to it via wire. The router itself was not connected to the internet.

I used the traffic between them for the labs where I needed to have traffic running (handshake, capture, etc). I also used being able to connect into those boxes as proof I had the right key when I connected to wireless from my laptop running Backtrack.
OSWP, Sec+
<<

AndyB67

Full Member

Posts: 100

Joined: Fri Jan 14, 2011 7:13 am

Location: UK

Post Wed Mar 16, 2011 3:20 pm

Re: Advice needed for pentest lab setup

chrisj wrote: Something to remember: in order to attack WiFi there has to be traffic on it in some form.

I have an old(ish) Dell PDA that is capable of WEP and WPA wireless, so that can give me some wireless traffic.

Thanks for the advice guys, had forgotten about VM virtual networks as it's a while since I used it in anger.
Net+ Sec+ More to come
<<

AndyB67

Full Member

Posts: 100

Joined: Fri Jan 14, 2011 7:13 am

Location: UK

Post Thu Mar 24, 2011 2:28 pm

Re: Advice needed for pentest lab setup

Bit more advice required here if possible, as my 'hacking' PC has two NICs in and I'm having an issue with them.

The 1st is a 100M onboard one (eth0) currently connected to my WAP and vulnerable machines that has no external connection to the internet. This gets a 10.0 address off my WAP (subnetted).

The 2nd is a 1G add-in card (eth1) connected to my home network that has a connection to the internet. This gets a 192 address off my internet router.

With eth1 up, I am able to browse the internet and do all the good stuff. The moment I bring eth0 up, I lose my connection to the internet as it tries to route all my traffic through the WAP.

What would be the best way to get my system to route all external traffic through my home net?
Should I swap the NIC cables over so that eth1 connects to my WAP and eth0 my home network?
Do I just need to make modifications to the routing table on my PC?

My next question is re VMware and virtual networks. I've currently got VMware Player but could get my hands on a (legal) copy of Workstation if needed.
I'd like to bridge any virtual machines I create onto whichever NIC is attached to the WAP. Is there any way to force which NIC the VM binds to?

Thanks in advance
Net+ Sec+ More to come
<<

lorddicranius

Sr. Member

Posts: 448

Joined: Thu Mar 03, 2011 3:54 am

Post Thu Mar 24, 2011 2:38 pm

Re: Advice needed for pentest lab setup

AndyB wrote: Bit more advice required here if possible, as my 'hacking' PC has two NICs in and I'm having an issue with them.

The 1st is a 100M onboard one (eth0) currently connected to my WAP and vulnerable machines that has no external connection to the internet. This gets a 10.0 address off my WAP (subnetted).

The 2nd is a 1G add-in card (eth1) connected to my home network that has a connection to the internet. This gets a 192 address off my internet router.

With eth1 up, I am able to browse the internet and do all the good stuff. The moment I bring eth0 up, I lose my connection to the internet as it tries to route all my traffic through the WAP.

What would be the best way to get my system to route all external traffic through my home net?
Should I swap the NIC cables over so that eth1 connects to my WAP and eth0 my home network?
Do I just need to make modifications to the routing table on my PC?

My next question is re VMware and virtual networks. I've currently got VMware Player but could get my hands on a (legal) copy of Workstation if needed.
I'd like to bridge any virtual machines I create onto whichever NIC is attached to the WAP. Is there any way to force which NIC the VM binds to?

Thanks in advance


No experience with VMWare, but the other issue sounds like a routing issue.  Make sure the default gw on your 'hacking' PC is set to the IP of your Internet router, then configure another route to route all 10 network traffic to the WAP IP.
Last edited by lorddicranius on Thu Mar 24, 2011 2:40 pm, edited 1 time in total.
GSEC, eCPPT, Sec+
<<

TheXero

Full Member

Posts: 112

Joined: Tue Dec 07, 2010 12:24 pm

Post Thu Mar 24, 2011 3:20 pm

Re: Advice needed for pentest lab setup

Set eth0 to a static address, but leave the default gateway blank.

I've had this trouble in the past; multiple default gateways can only lead to trouble.
<<

AndyB67

Full Member

Posts: 100

Joined: Fri Jan 14, 2011 7:13 am

Location: UK

Post Thu Mar 24, 2011 3:55 pm

Re: Advice needed for pentest lab setup

TheXero wrote: Set eth0 to a static address, but leave the default gateway blank.


Bingo, got my internet back with eth0 up.  It's always the little things that trip me up!!

Just need to dig out my VMware notes and work out the VMnetwork side of things now.

Thanks guys
Net+ Sec+ More to come
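
The fix that worked in this thread (a static address on the lab NIC with no gateway, leaving one default route via the home router) can be checked with a short script. This is an added example, not part of any post: the interface roles follow the thread (eth0 lab, eth1 home), the addresses and routing tables are constructed, and the IP-forwarding check is an added assumption about keeping the two networks separated.

```bash
#!/usr/bin/env bash
# Added example: audit routing on a dual-homed lab host (eth0 = lab, eth1 = home).
# The routing tables and addresses below are constructed samples.

# check_lab_routes LAB_IF HOME_IF ROUTES IP_FORWARD
#   ROUTES: text in `ip -4 route show` format
#   IP_FORWARD: contents of /proc/sys/net/ipv4/ip_forward
# Prints findings; returns 0 only when the host is set up as intended.
check_lab_routes() {
    local lab_if="$1" home_if="$2" routes="$3" fwd="$4" rc=0 n dev
    n=$(printf '%s\n' "$routes" | awk '$1 == "default" { c++ } END { print c + 0 }')
    if [ "$n" -ne 1 ]; then
        echo "FAIL: expected 1 default route, found $n"; rc=1
    fi
    # Every default route must leave via the internet-facing NIC.
    for dev in $(printf '%s\n' "$routes" | awk '$1 == "default" {
                     for (i = 2; i < NF; i++) if ($i == "dev") print $(i + 1) }'); do
        if [ "$dev" != "$home_if" ]; then
            echo "FAIL: default route via $dev (should be $home_if)"; rc=1
        fi
    done
    # The lab NIC keeps only its connected (on-link) subnet route.
    if ! printf '%s\n' "$routes" | awk -v d="$lab_if" '$1 != "default" {
             for (i = 2; i < NF; i++) if ($i == "dev" && $(i + 1) == d) f = 1 }
             END { exit !f }'; then
        echo "FAIL: no connected route on $lab_if"; rc=1
    fi
    # With forwarding off the host will not route between lab and home LAN.
    if [ "$fwd" != "0" ]; then
        echo "FAIL: ip_forward=$fwd, host would forward between NICs"; rc=1
    fi
    if [ "$rc" -eq 0 ]; then echo "OK: lab on $lab_if, internet via $home_if"; fi
    return "$rc"
}

# Constructed sample: both NICs took a DHCP lease, so two default routes exist.
BROKEN_ROUTES='default via 10.0.0.1 dev eth0
default via 192.168.1.1 dev eth1 metric 100
10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.50
192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.20'

# Constructed sample: eth0 set statically with no gateway.
FIXED_ROUTES='default via 192.168.1.1 dev eth1 metric 100
10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.50
192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.20'

check_lab_routes eth0 eth1 "$BROKEN_ROUTES" 0 || true
check_lab_routes eth0 eth1 "$FIXED_ROUTES" 0 || true
# Live host: check_lab_routes eth0 eth1 "$(ip -4 route show)" "$(cat /proc/sys/net/ipv4/ip_forward)"
```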
