About me? Well, I am 23 years old student from the US. I can't find a decent hacking forum anywhere that doesn't have malicious/skid motivations. I've always been into computers. I went through the phase of being malicious/skid back in the middle school days with AOL, AIM, "nukers," "punters," (if anybody remembers those good ol' tools lol).
Anyway, I am now finally majoring in IT (used to be a Psych major, read a study once about monkeys not liking their hobby when they started getting paid for it and I liked computers too much, I wouldn't get a degree in it) and I am focusing on security. After my script kiddie days, I gave up on the hacking scene (obviously, those tools rarely worked) then I would come back here and there. Now, I am serious again and with a new agenda. I want to learn. Learn it all, how it works, why it works, and I want to secure things. I would LOVE to make this my career. Their are not many feelings that feel better than "solving the puzzle" and gaining access/getting the password (I did a lot of the lessons on HackThisSite!).
My question is this. I have a friend at school that I have interested in hacking. I believe that his intentions are good and he isn't trying to do damage, he is just fascinated by it all.
Well, I am brainstorming ways to set up a pentest lab for us. I see a lot about VMWare and what not, which is all good, but, we want to be able to attack the network from the outside.
For example, if he is at home and wants to do some work, he can, or, we're both at school and want to work on it, we can. I do not, however, want to make my entire network vulnerable.
My idea was to set up a network of vulnerable ISOs (hackerdemia, de-ice, dvl, metasploitable, etc) where (i think only VirtualBox supports it) only the VMs can talk to one another. Then, set up Backtrack as it's own IP on the network so we could SSH into that then use the BT VM to attack the toher VMs. I do not know how I would go about setting this up though.
Or if there are maybe better ideas?
What would be best is a way to attack the box directly from our laptops, however, like I said, I fear making my entire network vulnerable.
My router has an option to isolate everything on the network from one another, however, that ruins the file server setup my girlfriend and I have.
I guess I am basically just looking for any alternate ideas that I may not have thought of.
So to summarize:
A friend and I would like to attack a computer on my network (preferably w/ our own OS, he runs blackbuntu, i have Arch w/ preferred tools) but I do not want to make the entire network vulnerable (what are the chances of someone actually hacking my network though unless I was out looking for trouble??) SSH into a Backtrack VM (or even Backtrack as the Host OS) and attacking the VMs would work also.
Anybody wanna help?? =)
Thank you in advance, I'll check back soon after I surf the forums some more =)