Re: Training Lab Question

From: Joe.McGean@allianz.ie
Date: Thu May 30 2002 - 15:12:52 EDT


Hi Coral,

I would say always make them 'sudo', as it's just a good overall practice. You
should also look at PAM (Programmable Authentication Module). Can be a bit complex
if you have not used it before; a simple typo, and you can lock yourself out of the
machine.

You may want to look at creating a protected 'chroot' jail....

Also, check out Trinux, a RAM-based version that is security specific, has many
hard-to-find Security apps ported to Lin*X (e.g. Vomit, to intercept Cisco VoIP,
originally made for BSD, Trinux, distros...include....the Lin*X ver...for the real lazy...)

http://trinux.sourceforge.net/

Turn off the PCs when class is over, all potential damage...gone...

It's a great Pen-Test tool.....overall.....

-Bye

Joe McGean

Technical Security Architect
Allianz, Ireland

www.allianz.ie

"Coral J. Cook" <cjcook@nosc.mil> on 29/05/2002 20:15:58

To: pen-test@securityfocus.com
cc: (bcc: Joe McGean/AGFIL/AGF)

Subject: Training Lab Question

This may be a bit off-topic, but I'd like some feedback on the following
issue:

I'm in the process of setting up a Pen Testing training lab. The lab
consists of a network of target hosts and a network of attack hosts (student
workstations). The student workstations are running Slackware 8.x (current).

Here's my question: What is the best/safest way to allow the students to run
the tools (mostly nmap and various sniffers) that need root privileges for
full functionality? Should I just make those tools suid root or should I use
sudo? Are there any other alternatives? Thanks in advance.

Coral

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
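
One way to apply the sudo recommendation on the student workstations, as an added example that is not part of the original thread: a shell helper that emits a sudoers rule for the listed tools by absolute path and leaves out any tool that still carries the setuid bit. The group name `students`, the alias `LAB_TOOLS` and the tool paths are assumptions.

```shell
#!/bin/sh
# Added example, not code from the thread. The group "students", the alias
# LAB_TOOLS and the tool paths in the usage line are assumptions.

# is_setuid FILE: succeed if FILE is a regular file with the setuid bit set.
is_setuid() {
    [ -f "$1" ] && [ -u "$1" ]
}

# lab_sudoers GROUP TOOL_PATH...
# Print a sudoers fragment letting GROUP run each tool as root, by absolute
# path only. Tools that are relative, not executable, or already setuid are
# reported on stderr and left out. Returns 1 if any tool was skipped.
lab_sudoers() {
    group=$1; shift
    list=""; rc=0
    for tool in "$@"; do
        case $tool in
            /*) ;;
            *) echo "skip (not an absolute path): $tool" >&2; rc=1; continue ;;
        esac
        if [ ! -x "$tool" ]; then
            echo "skip (not executable): $tool" >&2; rc=1; continue
        fi
        if is_setuid "$tool"; then
            echo "skip (setuid bit set, clear with chmod u-s): $tool" >&2
            rc=1; continue
        fi
        list="${list:+$list, }$tool"
    done
    [ -n "$list" ] || return 1
    printf 'Cmnd_Alias LAB_TOOLS = %s\n' "$list"
    printf '%%%s ALL = (root) LAB_TOOLS\n' "$group"
    return $rc
}

# Usage (paths are assumptions for a typical install):
#   lab_sudoers students /usr/bin/nmap /usr/sbin/tcpdump > lab.sudoers
#   visudo -c -f lab.sudoers
```

Check the generated file with `visudo -c -f` before installing it, since a syntax error in sudoers can leave sudo unusable.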

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:21 EDT