RE: Training Lab Question

From: Ballowe, Charles (CBallowe@usg.com)
Date: Thu May 30 2002 - 12:19:09 EDT

• Next message: Vladimir Parkhaev: "Re: PEN Testing a everchanging realm in apache"
• Previous message: Jon Bull: "Re: Scanners and unpublished vulnerabilities - Full Disclosure"
• Maybe in reply to: Coral J. Cook: "Training Lab Question"
• Next in thread: Joe.McGean@allianz.ie: "Re: Training Lab Question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Since it is a training lab, let the students have root. Expect
to re-image the disks on the student machines after every class
passes through. Consider that somebody doing a pen-test will
likely be doing it from their own machine, they will most likely
have root.

It may not be the safest, but is the most realistic way to train them.
Give them the tools that they will have in the field.

I assume that you're already simulating a vulnerable network, you could
also do some host based pen-test training. Leave a vulnerable binary on
the student systems and have them exploit it before continuing on to
network pen-testing.

> -----Original Message-----
> From: Coral J. Cook [mailto:cjcook@nosc.mil]
> Sent: Wednesday, May 29, 2002 3:16 PM
> To: pen-test@securityfocus.com
> Subject: Training Lab Question
>
>
> This may be a bit off-topic, but I'd like some feedback on
> the following
> issue:
>
> I'm in the process of setting up a Pen Testing training lab. The lab
> consists of a network of target hosts and a network of attack
> hosts (student
> workstations). The student workstations running Slackware 8.x
> (current).
>
> Here's my question? What is the best/safest way to allow the
> students to run
> the tools (mostly nmap and various sniffers) that need root
> privileges for
> full functionality? Should I just make those tools suid root
> or should I use
> sudo? Are there any other alternatives? Thanks in advance.
>
> Coral
>
>
>
> --------------------------------------------------------------
> --------------
> This list is provided by the SecurityFocus Security
> Intelligence Alert (SIA)
> Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security
> vulnerabilities please see:
> https://alerts.securityfocus.com/
>

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

• Next message: Vladimir Parkhaev: "Re: PEN Testing a everchanging realm in apache"
• Previous message: Jon Bull: "Re: Scanners and unpublished vulnerabilities - Full Disclosure"
• Maybe in reply to: Coral J. Cook: "Training Lab Question"
• Next in thread: Joe.McGean@allianz.ie: "Re: Training Lab Question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:21 EDT