Solved

Security lab kinda Qs

Posted on 2003-10-22
5
235 Views
Last Modified: 2010-04-11
Ok first off im not 100% that this is the right section to post in but it’s the one I felt, would be more inclined to know where im coming from, as you need a wider? Understanding of the issues to help me I fear. < Afternote : And possibly a degree in psychology ;o) >

I Want to set-up a PC/Laptop to run SNORT And NESSUS over Linux < Red hat preferably > and to be able to run w2k server / 2003 and basically be able to shift between them.

The idea being that I can learn both the *nix and windows security tools and practice them on my work net or different nets as I move about < I’m starting doing general contract work < No work atm :/ >  + A lot of the other tools and documents and such. There just seems so much to do atm.

I was thinking first of just having a Laptop < So I can move about and use at work for testing Sw for work  > with a bunch of diff HDs, the plug and play kind and just inserting as I need, that way I could just have various instances of the diff *nix and the accompanying SW, and that way it would also let me harden the diff OS`s as I went along. And it would also give me lee-way to learn the diff versions of *nix has I went along  < last time I tried Red hat I failed miserably :), in my defence it was about 3 years ago when I was just starting off > 

So my first plan is to have 1 constant HD where I can store all my SW + patches and tools etc + Doc`s I have saved, that way they can be used on all the rest of the HDs.
And then 1 Hd running red hat for NESSUS and a separate 1 for SNORT in case one gets damaged because it will be left on the net or I just wipe it by accident screwing around and playing with it < I’ve great faith in myself ;o) >
Then another one for Windows server for testing SW for various projects and such that I would be working on like patch update management and such.
And after all that it would be nice to have one just for me non-work related: D

The other option that ive only just recently found would be to run a copy of Vmware GSX server and load diff instances of the the various OS`s through that, Hence my posting I’ve only just recently touched on this in the last week so im not sure of its limitations etc. In theory I think it could work a treat. It could be perfect! But im just not sure

So basically im asking what would you do? Or what do you think of my ideas < No profanity’s now plz ;o) > 
Its the only way I can think of setting up and running these programs and keeping them up to date, while I move about from job to job and across the city , I don’t drive .And TRY to get practice on them and their use etc

Bare in mind im not trying to go for the first solution although I think that would be good, I don’t think I can afford it all the same
I suppose a kinda lab environment is what I need .

Any comments appreciated
Thanks.
0
Comment
Question by:AdrianOConnor
5 Comments
 
LVL 18

Accepted Solution

by:
liddler earned 75 total points
ID: 9599800
Interesting,
First, your are going to have do a lot of research in the HCLs (Hardware Compatability Lists) of the various linux distro, as linux on a laptop can be a real pain.  You also want to look at Solaris x86 (not sure if this will run on a laptop) and various BSDs.  For security BSD is pretty important as it is very hardenable (is that a word?)
Instead of a laptop, you might want to look at a portable computer,  basically a big laptop without a battery, but good spec and much more modular, so you can chang bits.
To be honest a desktop in a big case 5+ disk slots, with generic hardware (i.e. there wil be lots of linux drivers).  Lots of big disks and multibooting between as many OSs as you want is probably the best suggestion.  Although, this isn't portable, but if you build it yourself it might be reasonably cheap.
If you are putting it on the 'net a a security device / scanner it will probably get hacked at sometime(s) so be sure to have a good and regular back-up policy (DVD witer or Tape)
0
 
LVL 3

Assisted Solution

by:FlamingSword
FlamingSword earned 75 total points
ID: 9600199
Good ideas, and good luck.

"plan is to have 1 constant HD where I can store all my SW + patches and tools etc + Doc`s I have saved"

I like that multiboot idea, but I think I want to advise home system for doing the downloading and patch management, give it a CD burner and huge HD.

I think it would be counterproductive to have every single patch on the boot HD, which may be incompatible, initially at least, with some of the spare HDs. So I'd vote to have the home system put together packages of O/S and its latest patches onto a CD, then for the laptop, and HD booted should be able to easily find the patches it needs on its CD.  Plan to carry spare parts, beginning with a spare CDROM for yourself

Otherwise, the overhead on initial boot cd is too much.  It may be ok to have documents on that same HD, as long as they are not too extensive. If they get too complicated and large, consider moving them to CD as well. I agree to place all tools on single HD. Even if it has to be partitioned to enable *nix tools for a defaulted Windows boot. While you are at it, have another HD ready as a duplicate of the first one.  What you do not want to do is ever make the customer wait while you look for things, so have them all at the ready, and organized.  Imagine customer response to you saying: "Oh, I'll get to that immediately, just as soon as I rebuild my HD due to (mumble) glitch ..."

If you are seeking opportunity to give advise on network integrity, consider wireless, but with time on your hands keep track of the news and for how the securing world is going, and especially for how the court cases are going, to define the limits that are used in the communities you'll be serving.
0

Featured Post

Now Available: Firebox Cloud for AWS and FireboxV

Firebox Cloud brings the protection of WatchGuard’s leading Firebox UTM appliances to public cloud environments. It enables organizations to extend their security perimeter to protect business-critical assets in Amazon Web Services (AWS).

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Admin Certificates in my browser 2 43
Exchange 2010 Email server black listed 14 91
TrapX & best honey pots that deal with email ransomwares & malwares 1 52
firewall log 4 39
Most MSPs worth their salt are already offering cybersecurity to their customers. But cybersecurity as a service is wide encompassing and can mean many things.  So where are MSPs falling in this spectrum?
Ransomware is a malware that is again in the list of security  concerns. Not only for companies, but also for Government security and  even at personal use. IT departments should be aware and have the right  knowledge to how to fight it.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question