Re: Bootable Nmap virtual network CD

[Rod Seney <rodseney () yahoo com>]

I think options 1 & 2 could more or less be the same
thing.  The idea of using the CD to reference examples
in the book was the original intent (or one of them). 
I think this would be the route to take, along with
the "mock" network idea for playing.  I think that
option 3 would get into a rather large, cumbersome
project for whoever tries to set-up the CD.  I just
feel option 3 is beyond the scope of our main intent. 
It (#3) would be as large a project as the book, and
I've got the impression that the book should be the
main focus (which I'm in agreement with) with the CD
secondary.

Rod

--- David Pybus <david_pybus () yahoo co uk> wrote:
> I think before we progress this idea too much
> further we really need to ground
> out what we would to achieve with the CD. In order
> to do that we need to agree
> to some questions about what the CD should provide:
>  1) Is the CD purely a demo/testbed CD for nmap or
> do we plan that people use
>     it as an actual attack system in the real world.
> If we only plan on the
>     former we don't need to worry "as much" about
> keeping the thing upto date,
>     learn the basics on the knoppic-toy and then
> move onto the real thing with
>     current software.
>  2) Is the book going to contain worked
> examples/questions/exercises? Should 
>     these be worked around the CD and what it allows
> you to? If you use the CD
>     then you can give tips/answers based on the test
> network?
>  3) What is the CD going to emulate. There are
> various issues here depending on
>     what is being done at a given time. What about a
> menu driven system. The
>     user has several options such as, scan /16, scan
> virtual hosts, scan FW
>     scan randomly generated network. The
> menu/script/whatever then setups a
>     virtual network accordingly. This allows for
> much more variation and if
> used
>     with examples/questions from the book, then
> different virutal environments
>     could be produced depending on what the chapeter
> was about.
> I am sure people would add other questions to that
> list but by making the CD
> flexible then we stand more chance of it being all
> things to all people from an
> experimental perspective, i.e. for bulk scanning
> just use honeyd emulating /16
> but for host fingerprinting run linux and bsd under
> bochs. Also putting the CD
> in the book will give at least some people access to
> what they couldn't either
> download, after all not all of us can download ISOs
> at 2M/s.
>
> David Pybus
>
>  --- Bennett Todd <bet () rahul net> wrote: >
> 2003-11-12T23:07:32 Eddie:
> > > Also, is there consensus yet on how many
> machines would be needed?
> > "needed"? You'll never see agreement.
> >
> > If you'll substitute "desired", then I'll answer
> "loads", like "a
> > /16 full". honeyd ought to be able to do that
> pretty well, spoofing
> > various OS types. I'm expecting that the config
> for this would be
> > something we'd generate with a program, not try to
> hand edit.
> > >  While I think it may be most helpful to focus
> on a couple
> > > machines for most of the examples, I can imagine
> a chapter on
> > > "shotgun" scanning.
> >
> > This is _so_ weird. Am I the only person on this
> list who never uses
> > nmap as a burglary tool, rarely uses it for
> security assessment, but
> > turns to it routinely for pefectly ordinary
> network discovery?
> > I'll build databases classifying hosts by os type,
> and
> > cross-reference them against the admin databases
> that are supposed
> > to completely describe the net, turning up missing
> and stale
> > entries.
> >
> > I'll look for "rogue" (i.e. unsupported) servers
> for various
> > protocols, to help make sure that upgrade
> schedules have complete
> > coverage.
> >
> > When you've got an balkanized enterprise that is
> built by pasting
> > together a couple of decades worth of mergers and
> acquisitions, and
> > whose IT organizations have undergone
> reorganizations every few
> > years, it's common to find that absolutely nobody
> knows exactly
> > what's on the net, and finding out is too big a
> job for manual
> > walkaround inventory. nmap is my friend.
> >
> > -Bennett
>
> > ATTACHMENT part 2 application/pgp-signature 
>  
________________________________________________________________________
> Want to chat instantly with your online friends? 
> Get the FREE Yahoo!
> Messenger http://mail.messenger.yahoo.co.uk
---------------------------------------------------------------------
> For help using this (nmap-writers) mailing list,
> send a blank email to 
> nmap-writers-help () insecure org .


__________________________________
Do you Yahoo!?
Protect your identity with Yahoo! Mail AddressGuard
http://antispam.yahoo.com/whatsnewfree

---------------------------------------------------------------------
For help using this (nmap-writers) mailing list, send a blank email to 
nmap-writers-help () insecure org .