Security lab kinda Qs

OK, first off, I'm not 100% sure that this is the right section to post in, but it's the one I felt would be more inclined to know where I'm coming from, as you need a wider understanding of the issues to help me, I fear. < Afternote: And possibly a degree in psychology ;o) >

I want to set up a PC/laptop to run SNORT and NESSUS over Linux < Red Hat preferably > and to be able to run W2K Server / 2003 and basically be able to shift between them.

The idea being that I can learn both the *nix and Windows security tools and practice them on my work net or different nets as I move about < I'm starting doing general contract work < No work atm :/ > > + a lot of the other tools and documents and such. There just seems so much to do atm.

I was thinking first of just having a laptop < So I can move about and use at work for testing SW for work > with a bunch of diff HDs, the plug-and-play kind, and just inserting as I need. That way I could just have various instances of the diff *nix and the accompanying SW, and that way it would also let me harden the diff OS's as I went along. And it would also give me leeway to learn the diff versions of *nix as I went along < last time I tried Red Hat I failed miserably :), in my defence it was about 3 years ago when I was just starting off >

So my first plan is to have 1 constant HD where I can store all my SW + patches and tools etc + Doc's I have saved; that way they can be used on all the rest of the HDs.
And then 1 HD running Red Hat for NESSUS and a separate 1 for SNORT in case one gets damaged because it will be left on the net, or I just wipe it by accident screwing around and playing with it < I've great faith in myself ;o) >
Then another one for Windows Server for testing SW for various projects and such that I would be working on, like patch update management and such.
And after all that it would be nice to have one just for me, non-work related :D

The other option that I've only just recently found would be to run a copy of VMware GSX Server and load diff instances of the various OS's through that, hence my posting. I've only just recently touched on this in the last week, so I'm not sure of its limitations etc. In theory I think it could work a treat. It could be perfect! But I'm just not sure.

So basically I'm asking what would you do? Or what do you think of my ideas < No profanities now plz ;o) >
It's the only way I can think of setting up and running these programs and keeping them up to date, while I move about from job to job and across the city; I don't drive. And TRY to get practice on them and their use etc.

Bear in mind I'm not trying to go for the first solution, although I think that would be good; I don't think I can afford it all the same.
I suppose a kinda lab environment is what I need.

Any comments appreciated
Thanks.
Asked by AdrianOConnor

liddler commented:
Interesting,
First, you are going to have to do a lot of research in the HCLs (Hardware Compatibility Lists) of the various Linux distros, as Linux on a laptop can be a real pain. You also want to look at Solaris x86 (not sure if this will run on a laptop) and various BSDs. For security BSD is pretty important as it is very hardenable (is that a word?)
Instead of a laptop, you might want to look at a portable computer, basically a big laptop without a battery, but good spec and much more modular, so you can change bits.
To be honest, a desktop in a big case, 5+ disk slots, with generic hardware (i.e. there will be lots of Linux drivers), lots of big disks, and multibooting between as many OSs as you want is probably the best suggestion. Although this isn't portable, if you build it yourself it might be reasonably cheap.
If you are putting it on the 'net as a security device / scanner it will probably get hacked at sometime(s), so be sure to have a good and regular back-up policy (DVD writer or tape).

FlamingSword commented:
Good ideas, and good luck.

"plan is to have 1 constant HD where I can store all my SW + patches and tools etc + Doc's I have saved"

I like that multiboot idea, but I think I want to advise a home system for doing the downloading and patch management; give it a CD burner and a huge HD.

I think it would be counterproductive to have every single patch on the boot HD, which may be incompatible, initially at least, with some of the spare HDs. So I'd vote to have the home system put together packages of O/S and its latest patches onto a CD, then for the laptop, and HD booted should be able to easily find the patches it needs on its CD. Plan to carry spare parts, beginning with a spare CDROM for yourself.

Otherwise, the overhead on the initial boot CD is too much. It may be OK to have documents on that same HD, as long as they are not too extensive. If they get too complicated and large, consider moving them to CD as well. I agree to place all tools on a single HD, even if it has to be partitioned to enable *nix tools for a defaulted Windows boot. While you are at it, have another HD ready as a duplicate of the first one. What you do not want to do is ever make the customer wait while you look for things, so have them all at the ready, and organized. Imagine customer response to you saying: "Oh, I'll get to that immediately, just as soon as I rebuild my HD due to (mumble) glitch ..."

If you are seeking opportunity to give advice on network integrity, consider wireless, but with time on your hands keep track of the news and of how the securing world is going, and especially of how the court cases are going, to define the limits that are used in the communities you'll be serving.

Question has a verified solution.