From: Jacques Thomas (jacktom@noos.fr)
Date: Thu May 30 2002 - 18:11:10 EDT
User Mode Linux (ULM) might be a good alternative to VMWare, which I
appreciate a lot also. As with VMWare, you can reinstall the whole
(virtual) system by simply copying a file.
I have not used it much but I read Alan Cox on a mailing list stating
that he used it to insulate certain servers.
Regards,
Jacques
PS: http://user-mode-linux.sourceforge.net/
Greg wrote:
>
> My recommendation would be to give each student a VMWare workstation system
> to play with. That way once the course is over or the student trashes their
> system (whichever happens sooner) you can simply replace their system with
> your master VMWare workstation image.
>
> This means that you can give the students r00t (because it's easier than
> trying to setuid lot's of software) and not worry too much about what they
> do to the systems.
>
> Consider using VMWare to host your target systems as well for much the same
> reasons, this also saves you using lots of physical boxes too.
>
> regards
>
> Greg
>
> BTW Despite the fact that nearly half of my posts to this list seem to
> pertain to VMWare (I don't know why) : I am not selling/connected to or
> otherwise related to VMWare. That said, VMWare does rock.
>
> > -----Original Message-----
> > From: Coral J. Cook [mailto:cjcook@nosc.mil]
> > Sent: 29 May 2002 21:16
> > To: pen-test@securityfocus.com
> > Subject: Training Lab Question
> >
> >
> > This may be a bit off-topic, but I'd like some feedback on the following
> > issue:
> >
> > I'm in the process of setting up a Pen Testing training lab. The lab
> > consists of a network of target hosts and a network of attack
> > hosts (student
> > workstations). The student workstations running Slackware 8.x (current).
> >
> > Here's my question? What is the best/safest way to allow the
> > students to run
> > the tools (mostly nmap and various sniffers) that need root privileges for
> > full functionality? Should I just make those tools suid root or
> > should I use
> > sudo? Are there any other alternatives? Thanks in advance.
> >
> > Coral
> >
> >
> >
> > ------------------------------------------------------------------
> > ----------
> > This list is provided by the SecurityFocus Security Intelligence
> > Alert (SIA)
> > Service. For more information on SecurityFocus' SIA service which
> > automatically alerts you to the latest security vulnerabilities
> > please see:
> > https://alerts.securityfocus.com/
> >
>
> ----------------------------------------------------------------------------
> This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
> Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security vulnerabilities please see:
> https://alerts.securityfocus.com/
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:21 EDT