mailing list archives
RE: Ideas for studentes
From: <Donovan.Naidoo () absa co za>
Date: Wed, 3 Oct 2007 09:19:16 +0200
Greetings fellow SECURITY mates from places far and wide :)
GOOD idea to use VMware in setting up your labs, as MUCH testing and an
even greater product understanding can be reached within this virtual
I work as a Security Specialist for one of the largest Banks in the
Southern Hemisphere and must admit that when testing new products and
deploying better security tools, nothing truthfully compares or helps
mitigate further testing, like a Virtual environment!
AS an example, I would like to make mention that I recently went to a
major Anti Virus product evaluation regarding a new product release and
was given the daunting task of thoroughly testing and later deploying
this product within the HUGE infrastructure we manage. i.e. 55 000 user
I set up a 2003 VM, coupled to a Linux VM (LAN Enforcer), re-instating a
complete system state restore of our Active Directory structure (WIN
2003 VM), ROOT (WIN 2003) and PDC (WIN 2003), client or user VM (XP Pro)
and another user VM (Vista).
So, I effectively have 7 VM's running in a team that is set up as a
I am then able to deploy GPO's from AD, Policies from the AV and have
them associate and replicate through this virtual domain quite
seamlessly! :) EVEN when coupled with the AD.
IT does get tricky as you progress further into penetration testing,
more intrinsic policy deployment AND security threat management BUT it
is a replica of what truly exists on the real network and that's where
it helps the most!
I have used SNORT through these VM's, Metasploit and a host of other
tools to further mitigate Security Management from a virtual
IF it exists in the VIRTUAL world, it exists in the REAL WORLD...lol
HOPE this info helps :)
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Iwekani Mukoma
Sent: Tuesday, October 02, 2007 1:01 AM
To: Brian Laing
Cc: Nick Vaernhoej; security-basics () securityfocus com
Subject: Re: Ideas for studentes
Any idea on how virtual labs could be set up using VMware or others
virtualization applications? This could be another approach to learning
Brian Laing wrote:
I second the recommendation of groups setting up solutions such as
described below. Depending on what your lab looks like you also want
to look at configuration analysis. This can cover simply getting
firewalls and routers setup, but also go deeply into secure setup,
auditing policy, common pitfalls, etc. I have done this in the past
with great success.
These types of setups do not typically get finished in under 30
hours. So what I do is chain the labs together. So day 1 they setup
and audit the firewall. For day two your lab setup is getting all
previous components up and running. This works very well specially
when trying to illustrate how an end to end network needs to be setup.
Chief Security Officer
Cellphone: +1 650.280.2389
Office: +1 (888) 845-8169 Ext. 805
Email: brian () redseal net
Redseal Systems - http://www.redseal.net
Instant Visibility. Threats Averted.
On Oct 1, 2007, at 9:21 AM, Nick Vaernhoej wrote:
How about setting the students up in groups of three and give them
a task. One installs Nessus, one installs Snort and one installs
smoothwall on a box with httpd enabled and maybe sshd and similar
Then hook them up to a switch allowing for port mirroring or an old
Initiate a Nessus scan against the firewalled box running the
services and see what Snort spews out.
That could be set up with a lot of defaults and plenty of challenges
any level of student.
However if it has to be completed in three hours and can't span
days this may take too long :)
"Quidquid latine dictum sit, altum sonatur."
From: listbounce () securityfocus com
[mailto:listbounce () securityfocus com]
On Behalf Of Juan B
Sent: Monday, October 01, 2007 7:38 AM
To: security-basics () securityfocus com
Subject: Ideas for studentes
I am instructor of a class of students which are
learning info security. each week the students have 3
hours of lab to install a security product. im looking
for ideas of products to install, it could be open
source like iptables, snort or windows applications
etc, I need simple installation so It wont get to
complicated to the studnets. they know linux very
can you send me ideas of products to install? it shoud
be products related to security.
thanks a lot !
Tonight's top picks. What will you watch tonight? Preview the hottest
shows on Yahoo! TV.
This electronic transmission is intended for the addressee (s) named
It contains information that is privileged, confidential, or
ected from use and disclosure. If you are not the intended recipient
hereby notified that any review, disclosure, copy, or dissemination
transmission or the taking of any action in reliance on its
contents, or ot=
her use is strictly prohibited. If you have received this
transmission in er=
ror, please notify the sender that this message was received in error
en delete this message.=0A=
Authorised Financial Services Provider
Important restrictions, qualifications and disclaimers
("the Disclaimer") apply to this email. To read this click on the
following address or copy into your Internet browser:
The Disclaimer forms part of the content of this email in terms of
section 11 of the Electronic Communications and Transactions
Act, 25 of 2002.
If you are unable to access the Disclaimer, send a blank e-mail
to disclaimer () absa co za and we will send you a copy of the