Home page logo
/

basics logo Security Basics mailing list archives

RE: Ideas for studentes
From: <Donovan.Naidoo () absa co za>
Date: Wed, 3 Oct 2007 09:19:16 +0200

Greetings fellow SECURITY mates from places far and wide :)


GOOD idea to use VMware in setting up your labs, as MUCH testing and an
even greater product understanding can be reached within this virtual
environment!

I work as a Security Specialist for one of the largest Banks in the
Southern Hemisphere and must admit that when testing new products and
deploying better security tools, nothing truthfully compares or helps
mitigate further testing, like a Virtual environment!

AS an example, I would like to make mention that I recently went to a
major Anti Virus product evaluation regarding a new product release and
was given the daunting task of thoroughly testing and later deploying
this product within the HUGE infrastructure we manage. i.e. 55 000 user
infrastructure.

I set up a 2003 VM, coupled to a Linux VM (LAN Enforcer), re-instating a
complete system state restore of our Active Directory structure (WIN
2003 VM), ROOT (WIN 2003) and PDC (WIN 2003), client or user VM (XP Pro)
and another user VM (Vista).

So, I effectively have 7 VM's running in a team that is set up as a
VLAN.

I am then able to deploy GPO's from AD, Policies from the AV and have
them associate and replicate through this virtual domain quite
seamlessly! :) EVEN when coupled with the AD.

IT does get tricky as you progress further into penetration testing,
more intrinsic policy deployment AND security threat management BUT it
is a replica of what truly exists on the real network and that's where
it helps the most!

I have used SNORT through these VM's, Metasploit and a host of other
tools to further mitigate Security Management from a virtual
perspective!

IF it exists in the VIRTUAL world, it exists in the REAL WORLD...lol


HOPE this info helps :)


Kind regards,

DON



-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Iwekani Mukoma
Sent: Tuesday, October 02, 2007 1:01 AM
To: Brian Laing
Cc: Nick Vaernhoej; security-basics () securityfocus com
Subject: Re: Ideas for studentes

Any idea on how virtual labs could be set up using VMware or others 
virtualization applications? This could be another approach to learning

Brian Laing wrote:
I second the recommendation of groups setting up solutions such as 
described below.  Depending on what your lab looks like you also want 
to look at configuration analysis.  This can cover simply getting 
firewalls and routers setup, but also go deeply into secure setup, 
auditing policy, common pitfalls, etc.  I have done this in the past 
with great success.

These types of setups do not typically get finished in under 30 
hours.  So what I do is chain the labs together.  So day 1 they setup 
and audit the firewall.  For day two your lab setup is getting all 
previous components up and running.  This works very well specially 
when trying to illustrate how an end to end network needs to be setup.
--------------------------------------------------------------------
Brian Laing
Chief Security Officer
Cellphone:  +1 650.280.2389
Office:     +1 (888) 845-8169 Ext. 805
Email: brian () redseal net

Redseal Systems - http://www.redseal.net

Instant Visibility.  Threats Averted.
-------------------------------------------------------------------




On Oct 1, 2007, at 9:21 AM, Nick Vaernhoej wrote:

Good morning,

How about setting the students up in groups of three and give them
each
a task. One installs Nessus, one installs Snort and one installs
smoothwall on a box with httpd enabled and maybe sshd and similar
easily
enabled services.

Then hook them up to a switch allowing for port mirroring or an old
hub.
Initiate a Nessus scan against the firewalled box running the
accessible
services and see what Snort spews out.

That could be set up with a lot of defaults and plenty of challenges
for
any level of student.

However if it has to be completed in three hours and can't span
multiple
days this may take too long :)

Nick Vaernhoej
"Quidquid latine dictum sit, altum sonatur."


-----Original Message-----
From: listbounce () securityfocus com
[mailto:listbounce () securityfocus com]
On Behalf Of Juan B
Sent: Monday, October 01, 2007 7:38 AM
To: security-basics () securityfocus com
Subject: Ideas for studentes

Hi,

I am instructor of a class of students which are
learning info security. each week the students have 3
hours of lab to install a security product. im looking
for ideas of products to install, it could be open
source like iptables, snort or windows applications
etc, I need simple installation so It wont get to
complicated to the studnets. they know linux very
basically.

can you send me ideas of products to install? it shoud
be products related to security.

thanks a lot !

Juan




________________________________________________________________________
____________
Tonight's top picks. What will you watch tonight? Preview the hottest
shows on Yahoo! TV.
http://tv.yahoo.com/


This electronic transmission is intended for the addressee (s) named 
above.=
 It contains information that is privileged, confidential, or 
otherwise prot=
ected from use and disclosure. If you are not the intended recipient 
you are=
 hereby notified that any review, disclosure, copy, or dissemination 
of this=
 transmission or the taking of any action in reliance on its 
contents, or ot=
her use is strictly prohibited. If you have received this 
transmission in er=
ror, please notify the sender that this message was received in error

and th=
en delete this message.=0A=
Thank you.



___________________________________________________________

Important Notice:
Authorised Financial Services Provider

Important restrictions, qualifications and disclaimers
("the Disclaimer") apply to this email. To read this click on the
following address or copy into your Internet browser:

http://www.absa.co.za/disclaimer

The Disclaimer forms part of the content of this email in terms of
section 11 of the Electronic Communications and Transactions
Act, 25 of 2002.

If you are unable to access the Disclaimer, send a blank e-mail
to disclaimer () absa co za and we will send you a copy of the
Disclaimer.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault